Rate Limiting times anomaly compared to analytics

I’m getting a lot of spam traffic that visits my homepage (and many other of my websites) every day with about 50-2000 requests. Usually it is from ireland but the information varies so it’s unable to be caught by simple rules.

I’ve enabled rate limiting to try and stop this traffic but it doesn’t seem to have worked entirely.

Google Analytics is set to UK time and says that the spike of traffic happened at 3am, however in cloudflare i only see rate limiting being applied at 1AM. Is this UK time? Also it does not seem to have stopped the spike in analytics as otherwise i shouldn’t be seeing it.

Rate Limiting is set at 10 requests per 10 seconds, Challenge.

My question is: Why has it not applied a rate limit at 3am when the spike happened?

Urgh, looks like the spam traffic decided to try other pages after the homepage this time so i’ve set the rule to run on all pages. This probably accounts for why it wasn’t caught at 3am.

This topic was automatically closed after 30 days. New replies are no longer allowed.