Let me first introduce myself, I’m Daniël, a 3rd-line technician at mijndomein.nl, a dutch Webhosting company providing shared web hosting.

I’m getting in contact with you, about one of our customers chathotel.nl that we’ve recently put in / behind CloudFlare under the customers personal cloudflare account.

We noticed that there were attacks yesterday and tonight, which caused our platform to still be heavily affected even with CloudFlare on it.

What can the customer ( or we as the hosting company ) do to improve the situation, so it will filter out the attack more / better?

The ‘Under attack’ mode is enabled, and I’ve enabled the DDoS L7 ruleset and changed:

· Ruleset action to Challenge

· Ruleset sensitivity to High

Can you see if this will stop the attack(s) the happened on the spikes in the screenshot below?

image668×750 54.9 KB

Thanks in advance!

P.s. I forgot to mention the support ticket I created earlier: https://support.cloudflare.com/hc/requests/2338074

Thank you in advance.

I would suggest checking this guide out.

If that doesn’t work, we can suggest some rules, but I’d ask for the following:

1. Your current plan
2. The current firewall rules that you deployed
3. Photos of the dashboard, showing the firewall, analytics. The more information, the better.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.