What is the name of the domain?
example.com
What is the issue you’re encountering
My websites seem to be DDOSed a lot and the biggest target is Vaultwarden (protected my cloudflare tunnel and access) and Kasm. What do you guys do to protect your domains from being attacked? 95% of my traffic is bot traffic. I would like to know what everyone else is doing on the free tier to protect their domain and I need some pointers on how to secure my domain. I would like to setup fail2ban if it is possible.
What steps have you taken to resolve the issue?
I setup the web application firewall to block any traffic outside of the US, I enabled “I’m under attack”.
fritex
August 21, 2024, 5:43pm
2
A good read about this which I’d suggest is:
This guide is for those users of Cloudflare who experience medium-high level complexity DDoS attacks.
Continue reading if you want to accomplish the following:
Becoming more familiar with the Cloudflare Dashboard and crafting custom firewall rules.
Understanding the standard behavior of DDoS attacks and deploying effective firewall rules.
Realizing how powerful and valuable Cloudflare Firewall Rules are.
I initially thought of making a more complex guide (I will). However, I realized that no…
Cloudflare recommends:
Other useful topics:
This posting is part of a series on Cloudflare’s firewall engine and discusses rules which might make your site just a tad less welcoming to automated robots and crawlers.
The HTTP version
HTTP was introduced in '96 with version 1.0 and relatively quickly superseded by version 1.1 in '97. 1.1 had been the defacto standard for about twenty years but got with version 2.0 a successor on its own in 2015. Version 3.0 did not take 18 years any more but its support is still somewhat shaky.
One thing…
Here’s a list from the perishablepress.com 7G .htaccess firewall:
(360Spider|acapbot|acoonbot|ahrefs|alexibot|asterias|attackbot|backdorbot|becomebot|binlar|blackwidow|blekkobot|blexbot|blowfish|bullseye|bunnys|butterfly|careerbot|casper|checkpriv|cheesebot|cherrypick|chinaclaw|choppy|clshttp|cmsworld|copernic|copyrightcheck|cosmos|crescent|cy_cho|datacha|demon|diavol|discobot|dittospyder|dotbot|dotnetdotcom|dumbot|emailcollector|emailsiphon|emailwolf|exabot|extract|eyenetie|feedfinder|flaming|…
Good list, thanks. I have deployed that but removed python and demon (those seem to block some RSS feedreaders, YMMV).
What I also have in place is this:
(http.user_agent contains “SemrushBot”) or (http.user_agent contains “AhrefsBot”) or (http.user_agent contains “DotBot”) or (http.user_agent contains “WhatCMS”) or (http.user_agent contains “Rogerbot”) or (http.user_agent contains “trendictionbot”) or (http.user_agent contains “BLEXBot”) or (http.user_agent contains “linkfluence”) or (http.us…
There’s a list of ASN belongs to hosting providers:
system
Closed
September 5, 2024, 5:44pm
3
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.