Direct SYN-flood attack mitigation with Cloudflare

Hi everyone in the Cloudflare community!

I’ve just joined Cloudflare to solve my problem with SYN-flooding, setting my webserver under pressure for several days by now. My own attempts to mitigate it with iptables rules helped only for some time and I decided to use Clouflare for help.

My server is on a separate hosting and I changed NS names to Cloudflare ones, so that my domain resolves by Cloudflare. The issues with SYN-flooding remain.
Maybe this question sounds stupid, but how does Cloudflare help with attack mitigation, if packets go to a particular IP address? The server is still on the same IP and whatever DNS changes I do, it will remain there.

SYN Flood traffic through Cloudflare shouldn’t even reach your server:
https://www.cloudflare.com/learning/ddos/syn-flood-ddos-attack/

As you suspect, they’re targeting you directly, which is why you should set up a firewall at your host to block anything that doesn’t come from the list at cloudflare.com/ips

2 Likes

This totally makes sense. I’ve restricted the rules only for these IPs and the problem is gone.
Thank you so much for your prompt response!

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.