Getting attacks from the attacker who is also using cloudflare


#1

I am getting attack from a hacker who is using Cloudflare to trick and send attacks. cloudflare team was unable to properly find the attack source we spotted it out after 3 weeks of being under attack and still we are. will Cloudflare take any action against the attacker as he is also a cloudflare’s user.


#2

It is impossible to run attacks through CloudFlare since you cannot make outbound connections through their network.

What’s the kind of attack?


#3

the attacker is using a web app to send attacks by processing his app on user’s background as cloudflare do not block browser ua he is able to bypass the cloudflare’s js challenge and uam mode.

attacker’s website is on Cloudflare with SSL and using that to attack my website’s login page he is able to send more than 50k requests per min to my login page. Its even difficult to keep website online with rate limiting.


#4

Just a stupid idea. Since this seems to be an automated process without knowledge of the users (?) try to captcha them. Even though the js challenge is the highest level but it could be worth a try


#5

my website users are dumb to complete a google captca, but i am using it still website is struggling.


#6

Did the captcha lower the amount of requests?
Cloudflare abuse team didn’t shut down the domain?

Even though It’s not nice. I’d try to redirect them elsewhere with pagerules.

Create an new A record goaway.domain.com pointing to 127.0.0.1

Create a page rule

*domain.com/admin/*

with a 301 to goaway.example.com

Something like that. You’d need to find a way to login for yourself. A VPN maybe. Or deactivate the rule if you need access to your admin area.

I know that that difficulties to get user to do just one click. I ran a web radio for about ten years. “where can I listen”. It must be really hard to find such things on the front-page. :roll_eyes:


#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.