We’re getting DDoS once or twice per day at random times for last few weeks. Under attack is handling it well. However, having under attack ON 24/7 is slowing us down and making UX worse. Is there any type of setup that would do what Under Attack does but actually let normal users roam free after they pass a challenge? if not - any other ideas?
Thank you. However, we are not looking for manual mitigation of DDoS. We’re looking for a solution that will deter the initial attack immediately just like UAM does, but leave normal users alone and not constantly spam them with challenges.
Other than Cloudflare’s automated detections, there isn’t one. Challenges are how to sort the “normal users” from the attack traffic. If you don’t want that, then you need to craft rules as in the guide that specifically block the attack traffic.