On a Windows server, we have 3 ecommerce websites. Two of them are B2C which get the most amount of traffic and one of them is B2B. All have SSL and are configured to redirect http:// to https://
Back in mid-2021 we had attempted to setup one of the B2C websites on Cloudflare, could not make it work and gave up. Since then, we have changed our server & IP addresses.
We do not use Cloudflare at all
My question is regarding the B2B website. This website was never introduced to Cloudflare and as such to my understanding Cloudflare should not have any knowledge about the website.
New Server , New IP address.
In a 48 minute span we received 39,000 hits from 13 different Cloudflare IP ranges, CLOUDFLARENET-EU , Cloudflare-EU , CLOUDFLAREAFRICA , CLOUDFLARENET (US). They cycle through about 300 unique IP addresses with about 15-30 second intervals, before the IP is used again. All traffic is to port 80 and never continues on to 443.
This attack (?) Comes in spurts daily , our only option is to restart the server.
I have logs with time & date
Any idea what is going on ?