Rate Limiting for all IPs and DDOS


My idea is to protect my hosting server in case of a DDoS attack, so that the hosting server gets no more than XXX connections from ALL IPs in total.

So I want to have an option, for example, if my hosting server gets more than 500 connections per minute from all IPs, then all other connections should be blocked.

This way I can protect my hosting provider from the server overloading in the situation of an unexpected DDoS. Later I can fine-tune other filters manually with further firewall options.

I would like to have an option like “Total maximum connections allowed per Minute”.

The problem is that the Cloudflare Rate Limiting option can be set up only on a per-client basis. However, it will not help if you get only one connection from one client per minute, but the number of clients is, let’s say, 50,000. So your hosting server gets 50,000 connections at the same time, and this is the end of the day if you have shared hosting or even “normal” dedicated hosting.

So I would like to have an option to limit the amount of all inbound connections from all IPs to some fixed value per minute.

Is it possible to implement this feature, or have I missed something and there is already a way of doing this?

Many thanks in advance :slight_smile:
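To make the difference concrete, here is an added example (not code from the thread or from Cloudflare) that simulates the two kinds of limit on constructed traffic: a per-client limiter, which passes 50,000 distinct IPs sending one request each, and a global limiter that caps the total at 500 per minute regardless of IP. The IP addresses and request timings are made up for the simulation.

```python
from collections import deque


class WindowLimiter:
    """Sliding-window counter: allow at most `limit` events per `window` seconds."""

    def __init__(self, limit, window=60.0):
        self.limit = limit
        self.window = window
        self.events = deque()  # timestamps of accepted events, oldest first

    def allow(self, now):
        # Evict timestamps that have fallen out of the window.
        while self.events and now - self.events[0] >= self.window:
            self.events.popleft()
        if len(self.events) >= self.limit:
            return False
        self.events.append(now)
        return True


class PerClientLimiter:
    """Cloudflare-style per-client rate limit: one window per source IP."""

    def __init__(self, limit, window=60.0):
        self.limit, self.window, self.buckets = limit, window, {}

    def allow(self, ip, now):
        bucket = self.buckets.setdefault(ip, WindowLimiter(self.limit, self.window))
        return bucket.allow(now)


class GlobalLimiter:
    """The option asked for above: one window shared by ALL source IPs."""

    def __init__(self, limit, window=60.0):
        self.bucket = WindowLimiter(limit, window)

    def allow(self, ip, now):
        return self.bucket.allow(now)  # the IP is deliberately ignored


def simulate(limiter, n_clients, per_client):
    """Constructed traffic: n_clients distinct IPs, each sending per_client
    requests, all spread evenly inside one 60-second window. Returns how many
    requests the limiter accepted."""
    total = n_clients * per_client
    step = 60.0 / total
    accepted = 0
    for i in range(n_clients):
        ip = "10.%d.%d.%d" % ((i >> 16) & 255, (i >> 8) & 255, i & 255)
        for j in range(per_client):
            if limiter.allow(ip, (i * per_client + j) * step):
                accepted += 1
    return accepted
```

The trade-off the next reply raises shows up in the same model: once the global window is full, a legitimate visitor arriving mid-attack is refused like everyone else.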

That’s the definition of DDoS. Suppose you can do such a thing; how do you know client 501 is not a legitimate user?

It does not matter in such a situation whether client number 501 is a legitimate user. The important thing is that the hosting server does not go down. I can monitor my website, and if I see I cannot get access to it, I know something has gone wrong. Then I can check the Cloudflare firewall, analyze traffic, user agents, etc., and then filter out the malicious traffic with additional FW rules. But the hosting server will be OK anyway, and you will not have any trouble with your hosting provider, especially if you have shared hosting.

So I wonder whether this kind of rule can be used.

There is a solution for that, but it requires root/admin access on the server, which seems not to apply to your case (you may ask your hosting provider or move to such a hosting). Anyway:

You can do better than that by limiting requests. Limit CPU/memory/disk usage by the processes involved in serving requests (web server, database…). This way you end up serving as many requests as possible, up to what your server can afford. The solution depends on your server operating system.

There are “queue” services that do just that…

for example https://www.cloudflare.com/apps/queue-it

But it’s a bad solution for a DDoS attack, because at the time of the attack your real visitors will wait forever in the queue, so it’s the same as taking your site down.

Very interesting. It looks like what I am asking for.

The app is called “Queue-it Virtual Waiting Room”.

But the pricing is unknown. They want to contact the customer first, and it looks like a third party plugin, not a service from Cloudflare. So…

Anyway thanks a lot for the tip!

