DDos Protection by Cloudflare


#1

Please help me.

I Have configured cloudflare for my website. When we open this website its I see the following message

“Checking your browser before accessioning
This process is automatic . Your browser will redirect to yours requested content …”

Now what i Need there is a menu in my website. When i click on that menu same cloudflare message should appear again on that menu click.

Please help me for the same.

Simply means
I want a browser checkup message twice on my website first times while opening its coming properly but need also on a particular menu click.


#2

Every plan works, you should just set it to “I’m under attack”.

Why would you want that, though?


#3

Please help me


#4

Well I replied to your inquiry. I just added a follow-up question.


#5

I Have configured cloudflare for my website. When we open this website its I see the following message

“Checking your browser before accessioning
This process is automatic . Your browser will redirect to yours requested content …”

Now what i Need there is a menu in my website. When i click on that menu same cloudflare message should appear again on that menu click.

Please help me for the same.

Simply means
I want a browser checkup message twice on my website first times while opening its coming properly but need also on a particular menu click.

I need like this


#6

You cannot force a repeat for that process. That is an automatic process by Cloudflare to check if you are a real user or not, preventing connections to the origin in the latter. Once you are validated you are free to use the site for some time (selectable in the Dashboard).

My question still stands: why would you need to have this process twice? It isn’t great for the users if it appears once (but necessary sometimes), why twice? Usually the benefits/reductions in server usage thanks to Cloudflare are enough to not need the total “I’m Under Attack” mode active unless you are actually under attack.


#7

Hello,
Actually my customer want this twice in his website. Just to make himself more confident & secure.
First on while opening the website & second on signup link.

Hope you understand my requirement.


#8

I got the requirement, but it’s not actually possible. Plus having that screen isn’t a way to make a website more “secure”, it just means that less bad traffic will arrive. You, as a webmaster, should explain that it’s not really needed, will make a worse experience for the users, slow down loading, possibly lower a bit Google’s (and other search engine) ranking.

You could most likely have better security adding HTTPS (it will encrypt the connections, ideally between origin <-> Cloudflare <-> visitor if enabled correctly), enabling WAF (on the Pro plan), enabling Rate Limiting on the login/signup APIs or additional APIs that you have, making sure that the website is built and run on the latest software, enabling all the possible security features browsers now allow (CSP, SRI, etc.) and making it static if at all possible to prevent possible attacks on the backend due to bugs.

If you really still want that page to appear often you could simply lower the “Challenge Passage” dropdown in the Firewall tab of the dashboard to sometini like 5 minutes. Note that I STRONGLY ADVISE AGAINST IT unless you really know what you are doing and you have a really good reason.


#9

Hello,

Thanks for the beautiful & understandable answer.

Now let me know is it possible ?

I want cloudflare on signup link instead of complete website as customer further requirement is “I Need cloudflare message on signup link instead of while opening the website if twice is not possible than”

Let me know this please


#10

That would work, you can have the “I’m Under Attack” mode active on a single page via a Page Rule. It won’t appear on every page load though, if a user has passed it (it could be even on another website, I think, but don’t quote me on this) and loads the page it won’t reappear untile the time I specified in the last message has passed.

I would still question the effectiveness of the solution, but it could work. I would first propose securing the sign up and login page with a better identity provider (Firebase?) and eventually a rate limiting.


#11

Thank a lot for the quick answer.

Here could you please let me know how can i do this (Need Steps) from page rule option.
Also let me know what option i have to select in the dropdown list.
Currently i am a “Free plan user”


#12

A support page from Cloudflare itself it’s best I believe which will explain how to setup Page Rules.

As for the options you should look in the dashboard (under Firewall), they will be there.


#13

i don’t recommend cloudflare free account for cdn, earlier i was hosting my website https://www.bestvpndeals.com and the free version was good for nothing. Moved it back to the hosting provider. The lack of having your site on cloudflare is, they have no live chat/support. Only pick the premium account!


#14

Why was it good for nothing? Could it have been that your site was misconfigured, as I imagine given the little info you gave?

I don’t get the live chat comment…


#15

Matteo, ddos protection wise its good… the support article are descriptive, sometimes you need to discuss few technical aspects from a technical person, which lacks with cloudflare. I personally like cloudflare but only the premium version.

One more site of mine is hosted here right now for CDN:
bookwritinginc


#16

2 posts were split to a new topic: FTP password issues


#18

Well, if you need one on one support then you are searching a completely different product. Cloudflare does offer that, but only for Enterprise. You cannot expect such level of support in a free product. You can still contact support, with a longer than usual wait time, since you are in a low priority.


#19

Hi Matteo …Grazie .
Sono Max , sono italiano , grazie della risposta …alla fine ho risolto …funziona tutto bene .

io abito in Thailand …ed ho oltre 20 siti web …sinceramente e’ la prima volta che utilizzo questo software, ma per ora tutto bene


#20

This topic was automatically closed after 31 days. New replies are no longer allowed.