What should I do to avoid these attacks? When I turn on Attack mode, my visitors' clients cannot access the API subdomain because Cloudflare is showing a challenge to outgoing requests and the client cannot get a response from the API.
Under Attack Mode will block non-browser traffic; therefore, the API will be impacted in this case.
To stop the attack immediately, take these actions:
Deploy firewall rules and rate limiting rules to enforce a combined positive and negative security model. Reduce the traffic allowed to your website based on your known usage.
Ensure all DDoS Managed Rules are set to default settings (High sensitivity level and mitigation actions) for optimal DDoS activation.
To protect your hostname against attack, you must enable the Proxy Mode on the DNS record for the hostname. Check this documentation for more details.
Enable Under Attack Mode under the Overview section. See What Does Under Attack Mode Do for more information. Under Attack Mode will block all non-browser traffic.
The HTTP DDoS Managed Ruleset protects your website against DDoS attacks. The rules may have various default actions. If the DDoS Managed Rules have triggered, ensure the rule action is Block. Refer to our guide on DDoS false negatives for further details.
To find out if your origin server IP is exposed, use online tools such as Censys. Hide your origin IP address from direct attack by proxying traffic to Cloudflare. Learn more here on how to block other IP addresses.
If the attack is going directly to your origin, bypassing Cloudflare, the Cloudflare WAF is not able to block it. As a best practice, we also recommend that you explicitly block all traffic that does not come from Cloudflare IP addresses or the IP addresses of your trusted partners, vendors, or applications. Please find the instructions at Cloudflare IP addresses · Cloudflare Fundamentals docs.
Enable caching as much as possible to reduce the strain on your origin servers, and when using Workers, avoid overwhelming your origin server with more subrequests than necessary.
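The answer above recommends checking whether attack traffic is reaching the origin directly and then restricting the origin to Cloudflare's IP ranges. The following is an added example, not code from the Cloudflare answer or any Cloudflare tool: a small Python script that classifies origin access-log lines by whether the client address falls inside the proxy's published ranges, so you can see how much traffic is bypassing the proxy before you tighten the origin firewall. The networks in `CLOUDFLARE_NETWORKS` are constructed documentation-range placeholders, and the log lines are constructed samples; in practice the real lists come from https://www.cloudflare.com/ips-v4 and https://www.cloudflare.com/ips-v6.

```python
import ipaddress
import re
from collections import Counter

# Constructed placeholder networks standing in for Cloudflare's published
# egress ranges (https://www.cloudflare.com/ips-v4, https://www.cloudflare.com/ips-v6).
# Swap in the real lists before running this against production logs.
CLOUDFLARE_NETWORKS = [
    ipaddress.ip_network("198.51.100.0/24"),
    ipaddress.ip_network("2001:db8:cf::/48"),
]

# Common/combined log format: client IP, identity, user, [timestamp], "request", status, bytes.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<request>[^"]*)" (?P<status>\d{3}) (?P<bytes>\S+)'
)


def is_cloudflare_ip(ip_text):
    """True if the address parses and lies inside one of the known proxy networks."""
    try:
        addr = ipaddress.ip_address(ip_text)
    except ValueError:
        return False
    return any(addr in net for net in CLOUDFLARE_NETWORKS)


def parse_log(lines):
    """Yield parsed records; lines that do not match the log format are skipped."""
    for line in lines:
        m = LOG_LINE.match(line)
        if m:
            yield m.groupdict()


def direct_origin_hits(lines):
    """Return (ip, request) pairs for requests that hit the origin without passing through the proxy."""
    return [
        (rec["ip"], rec["request"])
        for rec in parse_log(lines)
        if not is_cloudflare_ip(rec["ip"])
    ]


def top_direct_sources(lines, n=5):
    """Count direct hits per source address, most frequent first."""
    return Counter(ip for ip, _ in direct_origin_hits(lines)).most_common(n)


# Constructed sample access-log lines using documentation addresses only.
SAMPLE_LOG = [
    '198.51.100.17 - - [10/Oct/2023:13:55:36 +0000] "GET /api/v1/items HTTP/1.1" 200 512',
    '203.0.113.9 - - [10/Oct/2023:13:55:37 +0000] "GET /api/v1/items HTTP/1.1" 200 512',
    '2001:db8:cf::5 - - [10/Oct/2023:13:55:38 +0000] "POST /api/v1/login HTTP/1.1" 401 0',
    '203.0.113.9 - - [10/Oct/2023:13:55:39 +0000] "GET /wp-login.php HTTP/1.1" 404 0',
    'this line is not in the expected format and is skipped',
]

if __name__ == "__main__":
    for ip, request in direct_origin_hits(SAMPLE_LOG):
        print(f"direct-to-origin: {ip} {request}")
    print("top direct sources:", top_direct_sources(SAMPLE_LOG))
```

Any non-empty result from `direct_origin_hits` on a production log means the origin address is reachable without the proxy, which is exactly the situation in which Cloudflare's WAF and DDoS rules cannot help; the fix is the origin-side allow-list the answer describes, and this script doubles as a check that the allow-list is working once it is in place.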