Today I experienced a large brute force attack on a login page (not wordpress) and I have enabled “Under Attack” mode as well as Rate limiting. Unfortunately as I am on the free plan, I don’t have access to a all of the DDOS tools.
The attack appears to be ongoing and so far within the last 6 hours I have had 107,465 hits.
I have configured rate limiting to “5 requests per 1 minute, Block for 1 hour”
I am curious to know the following:
How can I get a view of when the attack is stopped?
How can I understand the potential cost of the rate limiting? I’ve read the documentation and I understand that I only get charged for “good” traffic - so how does CF determine what is good traffic? I normally get a few hundred genuine visitors a day…
I think the billing is not a concern since you just protect your login page. Based on your rate limiting configuration there will be only 5 requests maximum within 1 minute that your visitor can make, any extra request will be blocked by Cloudflare - and you will not get charged by those rate limited requests.