I am making this setting to protect myself from a DDoS attack while my website is under attack. Since I’m receiving 20 million requests within 15 minutes, this setting protects me from DDoS, but I have a problem: my website is not loading cookies properly due to the limit I set. How can I resolve this issue and keep my website stable while under attack?
You’ve set the limit too low if you’re hitting it on normal browsing like that. I would also try to mitigate the attack directly, using Under Attack Mode / creating manual firewall rules if needed:
Ps. You can use “Edit Expression” => type “true” to match all requests, a bit cleaner
