How see the IPs who accessed my website during a DDoS attack?

We are getting multiple DDoS attack the last days and I m trying to find the IPs who were able to pass my firewall rules.

I have set up strong firewall rules and 98% - 99% of the attacks is mitigated but the some are able to pass thought and still overload my DB. (we have more than 90 Millions requests in the past 24h…)

Usually we have about 100 unique visitor per hour but when that happen we had a surge of 5000.

I m trying to get the list if these 4900 bad false visitor, find a pattern and increase my firewall rules to kick the next waves of DDoS.

Anyone knows where I can get this list? I am able to see the repport of IPs block in the firewall section, but I need the ones not blocked.

If they got through the firewall, then they’ll be in your server logs.

yeah I was hoping to get the list with cloudflare to have the view and analytics tools.
Thanks!

This topic was automatically closed after 30 days. New replies are no longer allowed.