Unable to Stop Ddos attack . Please help

Yesterday my site got 4.8 Million hits in 3 hours . Today its 8 Million in 1 hour . cc is able to block most of the requests but few requests are still bypassing and getting success to down my site . Please tell me what rules i can apply to protect my site . i already block many countries .

First things first, enable “Under Attack Mode”

Then, look what requests are still getting through and I’d work on crafting Firewall Rules based on those. If you’re seeing lots of hits from somewhere like Russia you could block the whole country temporarily. Or see if they’re coming from a few ASNs or such.

Checkout this guide for what to do when under attack: Under DDoS Attack! First steps

1 Like

Few like 1-10, or 100-500?

Are these maybe the crawlers or bots? Did you analyze your web traffic?
Are the naked domain and www DNS records proxied? (:orange: cloud)
Bypassing, does this mean like comming directly to your server IP address?

Make sure to protect your admin / login page, if you have one.

Well, depending on the attack type, if user-agents, crawlers, etc., there are few I would recommend to add to your Firewall Rules, like the posted here:

If you need to block requests and traffic to proxied DNS records (:orange:) to all compatible and supported Cloudflare port’s except port 80 and 443, use the below Firewall Rule:

  • (http.host contains "yourdomain.com" and not cf.edge.server_port in {80 443})

If using cPanel or some other, which is working over 2083, etc, the above one is good, while also the other could be combined as well (you could whitelist and allow only your IP if you need to access cPanel interface):

  • (http.request.uri.path contains "cpanel") or (http.request.uri.path contains "plesk") or (http.request.uri.path contains "whm")

If using WordPress, consider to add something to your Firewall Rules from below links (including wp-login.php and xmlrpc.php):

Therefore, some Firewall Tips are published here:

Using the search :search: :

Nevertheless, do not forget and properly setup the Cache for your website which can help leverage the load and tasks your server has to do for each request:

Make sure your site is fully secured (HTTPS) using Full (Strict) SSL:

Furthermore, may I suggest you reading articles from the below:

3 Likes

I blocked All countries only my own Country is unblocked that too with JS challenge from firewall settings. I enabled bot fight mode also . Enabled I’m under Attack mode . My server ip is not exposed . I saw a graph of cpu usage where i noticed that it being used at 91% . and thats how my web is always going down whenever someone is doing this attack .

Do you use any caching method?
Obviously, the traffic is hitting something which triggers the event to CPU for work, like database, or some Ajax requests, etc.
If you do not have a propper Page Cache due to some other reason maybe, each time some webpage is being requested, the server needs to re-generate the same over and over again instead of serving it cached for each repeated request.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.