Does CloudFlare provide DDoS protection on the free plan? The website of a client was attacked while it was under CloudFlare. The hosting provider suspended the website due DDoS so it means CloudFlare disabled itself during the attack.
Do you think a Premium plan would help? Is there a limit it can handle?
Cloudflare doesn’t “disable” itself during an attack. DDoS protection is a feature for all plans. Higher cost plans don’t provide special DDoS protection. And so far, there’s been no DDoS attack Cloudflare hasn’t been able to mitigate through its server network.
I’m curious as to what the hosting provider noticed. Keep in mind that Cloudflare can’t stop attackers from directly hitting your IP address. So…all hits coming through Cloudflare naturally come from Cloudflare’s IP addresses, but include visitor IP address in the headers.
Was it a targeted attack? Scanning entire networks is easily done. Scanning and enumeration.
Cloudflare can not do anything against it since they are basically protecting on DNS level. (origin IP gets hidden behind CF)
Are you sure that there’s no DNS record exposing the origin IP? This is often the case with “mail.domain.com” which points to the origin as a subdomain. Since mail isn’t proxied by Clodflare (domains handling mail services must be set to ) the attacker has got the origin IP. And guessing smtp., mail, imap., webmail… isn’t that difficult. Even if it is not the same IP it might be on the same network range. Companies are often listed
in the whois record along with their provider so an attacker can go ahead with the scanning…
There are many ways this is just one example
Is he a CloudFlare employee? Oh, and it’s from 2011.
You can achieve more protection with Argo Tunnel for example. It’s available on every plan and billed on usage. You can find it under the “Traffic” tab.