From 3 days someone is attacking my website (Ukrainian News Website) by GET queries. I started using cloudflare right now - I configure my DNS, I add rate limiting rule, I block domains, IPs from which these queries are comming, I turn on “I’m under attack” option. Now my hosting provider turned off my server because they can’t do anything too.
this is example row from server access log:
220.127.116.11 - - [01/Sep/2023:13:53:21 +0200] “GET /?543.6423382077977 HTTP/2.0” 301 254 “
https://asacannes.com/” “Mozilla/5.0 (Linux; Android 13; SAMSUNG SM-A528B) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/22.0 Chrome/111.0.5563.116 Mobile Safari/537.36” wro1
I not see any connections in my Cloudflare dashboard and firewall have no activity. I see only DNS connections on Analytics & Logs / DNS - 10 000 connections per minute.
I am using this rate limitting expression but it not blocks anything
(http.request.uri.path contains “”)
ON WAF Tab I add rule to block all GET requests but this is not blocking anything too (http.request.method eq “GET”)
How I can block these GET connections?