One of my site is being attacked and the atack goes througth cloudflare network without being treated as suspicious activity.
How I know that is going throught cloudflare?
Looking at the information tab of my domain (here in cloudflare), I have normally 30K-100K request per hour depending on the hour, when the site is being attacked I could see more than 4 millons reques per hour registered here.
The “under atack” mode does not mitigate this either.
At first I have created a rule to block the countries from where the traffic was being originated, but after a few hours it seems that the atacker has updated his method and that does not work anymore.
The atack consist on thousands of requests to my dynamic urls.
The only thing that is working is blocking the atacked urls altogether on NGINX.
How is that kind of trafik going throuth Cloudflare?
Yes, I am on a free plan, but I am willing to upgrade to a PRO plan if this kind of attacks are blocked.