Protect from Http flood attack

Hello
our site on free plan of Cloudflare . Is "Im Under Attack Mode " can protect us from every http flood attack ?

That mode will challenge every unchecked request with a JavaScript challenge. If an attacker runs full-fledged browser instances or something that still executes JavaScript they will manage to pass these challenges, however that is generally not the most common approach.

So … this feature can mitigate vast flood HTTP attack . correct ?
what is the difference between this feature and flood http attack protection on business or enterprise plan ?

There shouldn’t be any difference, the only difference may be on extremely large attacks. The Enterprise plan will have also different kind of attack protection.

the “flood attack” is called layer 7, the best tool in Cloudflare against layer 7 is the “rate limiting” which is cost money but can be activated in all plans.

if you don’t want to enable it your other options is to observe your logs and create smart firewall rules, IP Access Rules, User Agent Blocking, Page Rules and caching rules but they are not “automatic” and they should be created manually to defend against specific attack.

the other problem is to create this rules you need knowledge, and you get it from the server logs, but under attack your server may be down and you don’t have access to your logs, so your other option is to use the worker service and create a worker which collect logs data for you(but it also paid feature), you can use this worker if you need help GitHub - boynet/cf-logdna-worker: simple cloudflare worker recipe to send logs into logdna

I dont 100% understand Cloudflare pricing but it seems that from the business plan you get “Advanced DDoS support”:

Backed by a full SLA, our DDoS experts will keep you online 24/7/365 no matter the size, type, or duration of the attack.

so I believe that from business plan they will write the proper rules to stop the attack for you but talk with them about it they also have a button named “Under Attack?” it could be worth to click it and talk with them

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.