We have repeatedly been receiving ddos attacks with TLSv1.2 (http over TLS) packets from cloudflare IPs sized around a kb and totalling up to a gigabit of attack traffic giving some serious issues. The content is fully garbled so i am guessing that it is encrypted. Is there anything we could do to to block these (reflection?) attacks or dissect them from real traffic to cloudflares servers?
And yes: there were were thousands of these packets per minute so i doubt its in any way legit traffic.