Random query string DDoS


Earlier we were receiving a DDoS attack which was only stopped with captcha enabled, however, having enabled captcha for all visitors is beyond tedious.
I tried to make a page rule but it was not being hit. The bots were making a request similar to:
I could not captcha all requests like /* as it would affect legitimate traffic as well, so I tried to block /?* expecting it to challenge all requests that started with an ? and were followed by anything.
The rule page did not allow me to make this, I assume it’s not supported, is there any way we could make a similar rule?


Use this:

Anything beyond a single ? will be blocked or challenged, whichever you prefer.

This is one reason i need a feature which Cache Everything and same time Ignore Query Strings.

You can use CF Workers to normalize the query strings so you can tell CF Worker to do cache everything even for query string urls Strip UTM query string

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.