Permanently under attack. CF doesn't help at all


#1

Since 2-3 days my website is being attacked and CF doesn’t do anything against it. I’ve also got the Pro Business plan and set up the WAF on highest security and made a rate limiting rule of 12 requests per minute. Are my settings wrong or why doesn’t anything work?


#2

What kind of attack? Some attacks just look like a site that’s getting a lot of traffic that shouldn’t get blocked.


#3

First time he did a POST attack on our login page. After that he did a GET attack on our index page. So basically a layer 7 attack.


#4

Activate I am under attack mode. More info how it works and read this one also.


#5

We had this mode enabled for a whole day and he still got through.


#6

OK, that’s possible.
How quick are you spammed? How many different IPs? Do you have any logs?


#7

Apache logs of a few seconds from when it happened:
https://pastebin.com/raw/twf1Dmbq


#8

There are the origin IPs visible. Is this intended? Do you extract them?


#9

I’m using mod_cloudflare which shows the real ips.


#10

The rate limiting rules do appear to be working. You can increase the amount of time they are banned.


#11

This topic was automatically closed after 14 days. New replies are no longer allowed.