Threat_score

beehivemonitoring · January 23, 2021, 3:35pm

almost all trafic is with threat_score = 0 only less than 1% is above threat_score >1
and I am under attack

sdayman · January 23, 2021, 4:16pm

beehivemonitoring · January 23, 2021, 4:48pm

Thank you for this tutorial. I have this setting ok only what is strange is that all threat_score in the firewall equals 0. I cannot deactivate under attack mode because all hackers trafic start goes to my server

hannes · January 29, 2021, 8:27pm

Hey @beehivemonitoring ,

It might take a while until the threat_score has been updated. We calculate it based on data from Project HoneyPot and on internal threat intelligence from what we see being blocked by our WAF or DDoS mitigation.

Under Attack Mode is basically serving a JS Challenge to all of your proxied traffic (independent of the threat score). So if you want to narrow down the scope of traffic that gets served a JS Challenge, you can use Firewall Rules and serve a Challenge (CAPTCHA or JS Challenge) only for certain URLs, hostnames, regions, etc.

system · February 24, 2021, 6:57pm

This topic was automatically closed after 30 days. New replies are no longer allowed.

Topic		Replies	Views
Deprecated - Under DDoS Attack! First steps Tutorial Tutorials	0	14048	June 8, 2019
Managing Threat Score For Specified Country Security	2	886	August 2, 2023
DDOS attack via Cloudflare network, "Under attack mode" not working Website, Application, Performance	10	1151	November 1, 2023
Threat Score HTTP Attack Security	9	2454	June 18, 2020
If I enable I'm Under attack mode the 30% traffic drops General	5	23	November 23, 2024

Threat_score

Related topics