Make rate limiting rule for IP range

Hello,

we recently suffer form an attack of GET requests in 3 minutes - total 3000 requests from 600 differnt IPs, each of those sent 5 requests.
They requested different URLs and nothing was common, except for their IP range.

How can I set a rule to start blocking/captcha if a range is sending X requests in 1 minute?

Thanks!

anyone, please

You can make a firewall to always js-challenge the IP range, if you are familiar with CIDR notation you can make a rule like this:

I’m not sure if you can do this with Firewall rules

this is the issue. it’s not a rule for one specific CIDR, it’s actually a rule like this:
“if a CIDR is sending X requests in 10 seconds - then block/challenge that CIDR”

we can’t predict what CIDR will attack us next so better set a general rule. Thanks

Sorry, Rate Limiting is per specific IP address.

You may want to take a look at Firewall -> Setttings to increase security settings.

thanks for the reply, but I couldn’t find anything specific in the Settings menu. do you have any recommendations?

This topic was automatically closed after 30 days. New replies are no longer allowed.