Firewall Rules don’t work?

Hi there,
i’ve been using Cloudflares firewall rules since several months,
i have a issue with a IP which is attacking my website.
I’ve managed to block it with CF firewall rules, i was very happy because i was risking a ban by google for fake AD’s clicks (generated by this IP). One day those fake clicks returned, this time by a different IP address but from the same “hosting”. What i have done, i’ve added it to the firewall rules ((ip.src eq 192.71.xxxx and ip.src eq 37.247.5xxxx) but for my surprise i’ve kep getting those annoying fake clicks from this IP…any clues why this time CF is not able to stop it? anything wrong in my rules?

thank you :slight_smile:

  • What’s the domain?
  • Post a full, uncensored screenshot of your firewall rule
  • Post a screenshot of your firewall rules list
  • Is your server configured to only accept connections from cloudflare.com/ips?
4 Likes

Could it be that they are reaching your backend directly? It seems unlikely that they are somehow bypassing a firewall rule like that unless another rule with higher priority allows them to enter your site.

2 Likes

Sounds like a DDOS attack! You should visit the embedded links below

Alternatively, you could visit support.cloudflare.com then search up “DDOS”!

If it is an individual IP address, by definition, it couldn’t be a distributed attack. Also, the way the OP described it, it’s apparently not a denial of service either but he simply wants to block that address.

He most likely did not firewall the machine and gets direct connections. Alternatively, his firewall setup is not correct. Hence the four questions :wink:

2 Likes

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.