HTTP DDoS Attack Cloudflare Recommended Setting

Does anyone have a standard rule for HTTP DDoS attacks or even block URL that’s not even there?
Can you be protected before the attack happens on your website?
A standard rule for HTTP DDoS attacks?

to prevent DDOS attacks, the best setting in Cloudflare is to enable BOT fight mode

Is this it:

Cloudflare Security Settings

Adjust the basic security level to modify which visitors Cloudflare will limit from visiting your website. A low-security setting will prevent only the most threatening visitors from accessing your site. A high-security setting will block all visitors that have exhibited threatening behaviour within the last 14 days. Essentially off will act only against the most grievous offenders. We recommend starting out at low.

I’m Under Attack Mode should only be used when a site is having a DDoS attack. Visitors will see a processing page for about five seconds while we analyze the traffic and behaviour to make sure it is a legitimate human visitor trying to access your site.

The medium setting I take it?

I would recommend Medium, yes.

Nevertheless, this screenshot you provided does not look familiar to me and it seems to me like it’s not form the official Cloudflare dashboard, rather from some interface of Cloudflare integration partner?

Yes, kindly consider reading below articles and review the available security options:

Therefore, some Firewall Tips are published here :search::

There are Firewall Rules which could help you to block user-agents, crawlers, etc., there are few I would recommend to add to your Firewall Rules , like the posted here:

I would also recommend to take a look at the below article:

Make sure your DNS records are proxied :orange: so Cloudflare could protect you.

1 Like

Ok thank you it’s siteground, I will update my guide Web Firewall Protection regarding Page Rules soon

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.