despite recently activating cloudflare’s DDoS mode + rate limit, my site has encountered increasing performance issues and downtimes related to CPU spikes, site currently crashes multiple times an hour and every times it takes several minutes to come back
what I have tried
-Under Attack mode (non stop)
-Rate limit (7 hits per 10 seconds)
-Challenge all known bots except google
-Heavy filtering of Hosting ASN
despite all this and despite ever decreasing legitimate trafic, the downtime of my dedicated servers keeps increasing every day
what the ■■■■ is going on ?
Set some firewall on the host origin like UFW and allow only yourself temporary.
Lock your host and allow only Cloudflare IPs to connect:
Make use of the Cache if possible on the host, or configure it at Cloudflare:
I guess, if not some malicious or nulled theme if you’re using WordPress, you’d have to track & trace a bit those requests using Security → Analytics & Security → Events from the Cloudflare dashboard.
You can temporary override your DDoS and set to “Block” action and sensitivity “High” to prevent further damages while working on figuring out how to create your Custom WAF Rule to block those requests without enabled Under Attack Mode and get your Website working back again while the attack is still ongoing.