UDP Flooding

One of my sites which proxied by CloudFlare, is under UDP Flood attack, and i am receiving a lot of UDP packets which seriously occupies resources.
Please correct if am wrong, shouldn’t CloudFlare protect from this?

Cloudflare doesnt handle UDP at all. If you receive UDP requests, they must bypass Cloudflare and go straight for your server instead.

I do assume you are not on an Enterprise plan, correct?

Correct, i just want to understand, from which type of attacks protects Cloudflare?

Cloudflare only handles HTTP and - in an Access context - also SSH and RDP.

If i want Cloudflare to protect from DDOS or earlier stated UDP flood, is there a plan (ex. Enterprise) to do so?

Yes, Spectrum on Enterprise would cover UDP as well.

Now all is clear.
Thanks for quick support and help.

:wave: @user417,

Cloudflare doesn’t proxy UDP packets for :orange: records, however it is still potentially possible for an attacker to go direct to origin if they know your IP. Changing your origin IP and or using the Argo tunnel product to further obfuscate your origin can be a defense mechanism, but the UDP flood is NOT coming through requests to your Cloudflare proxy IP address.

Those are automatically dropped at the :logo: edge.

— OG

:wave: @sandro,

Since they are going direct to origin for this attack the only way Cloudflare could protect an origin IP would be their Magic School Bus… I mean Magic Transit solution which creates GRE tunneling to the origin and pushes the origin /24 or larger to the :logo: edge.

Spectrum can absolutely be used to protect something that can’t normally be :orange: by proxy omg it through Cloudflare and obfuscating the origin, but the true origin IP is still potentially at risk to an attacker.

Or something… networking is a thing and I am just a little pug.

— OG

This topic was automatically closed after 30 days. New replies are no longer allowed.