Over the last few days I’ve noticed heavy and sporadic activity coming from Luxembourg, with really high requests in any one period.
In the last 6 hours it’s been a total of over 165k requests, for files like: feed/rss, feed/atom, /author/admin and also a few legitimate pages on my website
Cloudflare is stating these are EMPTY/NONE Content Types, and show up as the grey panels.
Yesterday I tried to get onto of this by adding a temporay County Block for Luxembourg in Firewall Rules, but this is being completely ignored. It’s the first rule, so should override everything else.
I also added the file types that are being targeted to block access individually in Firewall Rules, and these are also being ignored.
It seems whatever I do to try and mitigate this behaviour, from Luxembourg, from within Cloudflare is being totally ignored.
I also added Luxembourg IP address in htaccess, but this again isn’t making any difference.
I am seeing activity in Rate Limiting Billing (but not actually within the Firewall, Tools, Rate Limiting Rule) , and look forward to being charged for the pleasure in the not too distant future. At the moment it’s under 9000, but over 10k and i’ll be charged.
So really looking to put a halt to this behaviour.
Is anyone else seeing this level of activity, and any ideas on how to mitigate the traffic!
I did open up an official ticket last week, but responses have been slow and are not really answering the questions and concerns I have put to them.