HTTP DDOS and aws .. need help

we are growing rapidly ( 0-1 million users in 20 days ) and we are in eye of many hackers now ! we started getting smaller attacks intially which we learnt to stop ,but now we keep getting different type of attacks.

AWS has taken down our server after the recent massive HTTP DDOs we suffered ,
we saw about 10 MIllion HTTP DDOS requests in like 20 mins and the server was taken down by AWS

Cloudflare claims to stop all these type of things but looks like it doesnt

we need help immediately guys thanks

1 Like

I suspect you’re into the range of needing an enterprise account and the related services. Layer 7 attacks are a complicated mess to handle gracefully without inconveniencing users (CAPTCHAs and such), and at the scale of legitimate traffic you are describing you’re into the range where expertise is needed.

Cloudflare offers a number of tools and resources for dealing with DDoS attacks. You didn’t mention any steps you had taken to implement any of them so it’s impossible to say however they include:

Ensuring your origin IP is protected via :orange:
Restricting application to your application from non-Cloudflare IPs.
Intelligent caching strategies
IP Address/ASN/Country restrictions/blocks/captcha
User agent blocks
Firewall Rules
Rate Limiting
Bot Fight Mode
Bot Management
Custom Cache Rules

Almost all of those features are available on plans other than Enterprise.


This topic was automatically closed after 30 days. New replies are no longer allowed.