I am a newbie here. So I appreciate if someone can help me out with a simple answer:
1: How different is DDOS prevention from Rate limiting feature of Cloudflare? Isnt DDOS a form of rate limiting already? Is DDOS equivalent to a rate limiting with a very high rate? Do I have to activate rate limiting if DDOS is already protecting my website?
2: For Cloudflare to work, do i have to make sure the domain im trying to protect has an orange cloud showing somewhere on my website?
3: Is it possible that attackers can bypass Cloudflare and attack my host’s IP directly ? If the answer is yes, should I do anything with my DNS? (I have something about rotating IPS towards Cloudflare but I have no clue what it means)