Someone spammed my worker with 31 requests in 8 seconds and I want to block them so ti doesn't happen again!

Ok, someone decided to spam my worker with 31 requests in 8 seconds (most of them were cancelled and multiple requests were sent in 1 second) I’ve attached the timestamps below
image
I’ve noticed the following things

  1. That all requests come from the same IP address
  2. The requests are most likely a result of someone spamming the reload or reload without cached content button over and over again!
  3. No activity has occurred on my worker from any IP since this incident.

With that being said, I would like to block the IP address so this doesn’t happen again! Does anyone know how to do that?

You have an arsenal of tools to do that as CF Workers is processed after CF IP Access Rules, Firewall Rules, Rate Limiting etc according to CF Traffic Sequence diagram. So the usual ways to handle malicious requests applies with CF Workers too.

I don’t have an origin web server (no root domain)

Doesn’t matter, CF IP Access Rules, Firewall Rules, Rate Limiting all operate at CF Edge before hitting an origin server.

1 Like

So it’s protected? Then why didn’t it block or rate limit the requests?

Is the request to .workers.dev domain or your worker added route assigned to yourdomain.com/*. CF features will only operate on worker added route assigned by you where yourdomain.com is CF zone domain. It won’t work with .workers.dev.

So I have to have a root domain? Otherwise, the features won’t work?

doesn’t have to be route just any subdomain or root domain off your CF zone domain i.e. if you worker is named myworker. You could add route to myworker with any of the following

yourdomain.com/*
sub.yourdomain.com/*
yourdomain.com/dir/*
sub.yourdomain.com/dir/*

just make sure the domain/sub domain has a valid DNS orange cloud proxied entry pointing to a dummy IP i.e. 192.0.2.1 if you don’t have an origin server

1 Like

So add a route then features (like rate limiting) will work?

Yes then they work for requests via the CF zone domain name at least.

Ok, how do I create a route?

From official docs https://developers.cloudflare.com/workers/. Specificially https://developers.cloudflare.com/workers/platform/routes

2 Likes

“To claim a *.workers.dev subdomain, such as my-subdomain.workers.dev , select the Workers icon on your account home, or Workers then Manage Workers on your zone’s dashboard, and begin setup on the right side of the Workers dashboard under Your subdomain . The name field in your Worker configuration is used as the secondary subdomain for the deployed script, (e.g., my-worker.my-subdomain.workers.dev. ).” This is what I see on the main page of my workers (with my account ID blacked out)

I think I’m doing something wrong, but don’t know what it is I’m doing wrong! So do you mind telling me what I’m doing wrong?

I’d re-read https://developers.cloudflare.com/workers/platform/routes

example sub.yourdomain.com/* CF zone subdomain assign to CF worker named none - change that to your CF Worker name

I’ve already tried submarine.workers.dev*/ and it

So change my worker name to “none”?

change to whatever name of your CF Worker is listed on manage Worker listing page

Is the “Manage worker” found on the dashboard or the main page of the workers?

it’s the listing you screenshotted at Someone spammed my worker with 31 requests in 8 seconds and I want to block them so ti doesn't happen again! - #13 by AppleSlayer

i.e. nice-router-advice is a CF worker name

So what do I do with that? (If anything at all)