HTTPS DDoS not blocked

Hi,

I’m on a Cloudflare PRO plan and currently experiencing issues with some people “trolling” on my website.
Basically they make a lot of HTTP requests on a single endpoint, and that makes my website timing out.

The website had a lot of 502 errors today because of this, I didn’t know what was happening until I looked at my origin server’s access logs to see that I had a very few IPs flooding an endpoint.

I’m quite surprised that Cloudflare didn’t detect these small attacks, even after I enabled the “Under Attack” mode. I had to manually add the IPs to the WAF for them to be blocked.

Is there a way to make it work a bit better ? I can’t have my eyes on the access logs all day long.

Thank you for your help !

Maybe you can check Rate limiting rules. Sounds exactly as the solution to your issue.

It says it’s only for Enterprise, but on https://support.cloudflare.com/hc/en-us/articles/115000272247 it says something different.

Thanks for your answer.

I could enable rate limitation of course but I believe the Cloudflare anti-DDoS system should cover this simple scenario right?

Enabling rate limiting will make me pay more just because of a few people, for something that the website should be protected against even in the free plan.

If you’re on a Pro plan you could just open a ticket and ask for help and maybe later share the results with the community.

Yes that’s what I did.

I’ll update with the result

Greetings,

If I may add here as a really good reference for further cases in terms of security and protection with Cloudflare:

Last but not the least, kindly see more by reading Cloudflare articles which contain a lot of helpful information for better understanding and usage as well in terms of Security and Protection:

3 Likes

Hi :slight_smile:

I received a reply from the support. They have been able to see the “attack” on their graphics but told me that the attack wasn’t big enough to get automatically block by the anti-DDoS.

They also gave me very helpful information about how to build rules to avoid this scenario.
And they added that the best is to always make our own custom rules for each specific website.

I guess I DDoS free now… Until next time maybe :stuck_out_tongue:

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.