Is cloudflare basic enough to protect against ddos attacks?

good morning,
I have a site that has been continuously subject to DDOS attacks for a few days now, and the current povider is not helping. It also has its own paid CDN, but since it doesn’t help I’m trying Cloduflare. In the meantime I’ve activated the free plan, already configured everything and I’m just waiting for it to activate when it reads the changed DNS servers.
Since I’m in a hurry to get the site up and running again, is there anything I need to do as soon as it’s up and running, or is it already up and running automatically? I have a number of IPs that I block via htaccess, but they don’t seem to work and keep causing problems. Will cloudflare CDN already be able to block them automatically or do I have to do it manually?
Thank you

If you are under a DDoS attack then you can take a look at these threads for first steps and help with mitigation:

Try blocking them via Cloudflare instead, and make sure you Restore visitor IP at your origin.

hello and thanks for the answers: as soon as it was installed and restarted the attack and the database CPU went into saturation. I wanted to block the IP family 66.249.66 which seems to be the one causing the most problems, but it won’t let me enter it and wants the full IP. How do I block everyone in that family?
I have temporarily blocked the entire country, the United States, and in fact everything is working again, but thus I am also blocking visitors interested in the site.
Let me know
Thank you

1 Like

Enter 66.249.66.0/24 (see Classless Inter-Domain Routing - Wikipedia)

That’s part of a Google range of IP addresses…

whois 66.249.66.0
% IANA WHOIS server
% for more information on IANA, visit http://www.iana.org
% This query returned 1 object

refer:        whois.arin.net

inetnum:      66.0.0.0 - 66.255.255.255
organisation: ARIN
status:       ALLOCATED

whois:        whois.arin.net

changed:      2000-07
source:       IANA

# whois.arin.net

NetRange:       66.249.64.0 - 66.249.95.255
CIDR:           66.249.64.0/19
NetName:        GOOGLE
NetHandle:      NET-66-249-64-0-1
Parent:         NET66 (NET-66-0-0-0-0)
NetType:        Direct Allocation
OriginAS:
Organization:   Google LLC (GOGL)
RegDate:        2004-03-05
Updated:        2012-02-24
Ref:            https://rdap.arin.net/registry/ip/66.249.64.0

hi, if I try to also put /24 after the 0 it returns me “CIDR intervals can only be used with ‘in’ operators
Preview expression”
I tried just putting 66.249.66.0 and it seems to work: am I doing something wrong?
"

Instead of equals for the operator in the rule, select is in.

ok, it seems to work, thanks. But there are other IPs that cause problems, and to make everything work I still had to block the United States. now if I look in the US filter that I blocked, I see all the blocked IPs and they are almost all repeated. But is there a way to count them or understand which ones are repeated the most? in the short time that I blocked it, there are like 8000 addresses and it becomes difficult to understand and count them by hand. Thank you

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.