Http Ddos Attack

What should I do. They don’t stop attacking my domain. It’s a pain in the ■■■ to keep blocking the massive ip’s spamming on my website…

I can’t now log in my cloudflare account. I want to check the active/current attack but my browser just keep loading…

Tnzx

You have some issues loggin in at Cloudflare dashboard? Any errors?

How is your Website getting spammed? Via comments or?

You can use Cloudflare Firewall rules or either IP Access rules to block the IP address.

To make sure you have good security and protection setup and being ready to mitigate DDoS for your Website/domain which is added to Cloudflare, make sure to check the articles below.

Also to note, check and make sure the DNS records are proxied (:orange: cloud).

It looks like Cloudflare is already blocking those requests.

Are there others you’d like to block? @fritexvz’s links are a good place to start.

1 Like

Is it possible that my cf account is also blocked? I can’t access my cf anymore. It just keep loading on my screen…

Very unlikely. Try the usual tricks: Clear browser data/cookies, Incognito, different browser.

1 Like

Thank you sir.

I will try it now…

Be right back…

If it is possible, can you enable the I am under an attack! mode?

Moreover, ce7ven.com is being used as a VPN proxy or? (due to the Website content)

If so, would that mean that users should connect through your Website (via HTTPS) and go to their desired destination URLs?

  • which is why Cloudflare recognized the requests as HTTP DDoS? (not sure about it, just guessing if so)

Or over some other port which is not being supported and proxied or it actualy is compatible and proxied via Cloudflare?

And if the users are using direct access, em, connection to the IP address, I guess there is not a possible way to cover that one (if not using Cloudflare Spectrum, or already not on an Business or Enterprise plan) - or at least not if not having a proper DDoS mitigation as a firewall in front of your host/origin (iptables could help, but I do not believe at that scale).

I am just thinking about if this is possible and/or violates the TOS?

Maybe I am totally on the wrong point here about it?

Do you know WAF sir? I’ve read that WAF can atleast minimize http ddos attack. It’s been 3days that my servers are down…

WAF is more for hacking attempts. It blocks requests targeting vulnerabilities.

Any suggestion sir… to stop http ddos? Thanks in advance…

Are you noticing that the IP’s are in a certain range? If so you can block that range which will return an “Access denied” error on their end saying your IP has been blocked! Also is IUAM enabled? This should help protect against attacks like this. Also what’s the website URL I can find out and see if you have IUAM enabled by visiting the website by requiring a challenge (browser integrity check) when IUAM is enabled for your domain!

From the look of this screencap I would at the minimum be challenging all Philippine IPs (as long as you can still get into your CF account)

1 Like

This topic was automatically closed after 29 days. New replies are no longer allowed.