Under Attack Cloudflare Make My Visitor Drop

Hi all, i need help my website from last 2 months until now still got ddoss attack every second they send ton of bot, i use i’am under attack from cloudflare but i think my visitor uncomfortable about that… so now my keyword on google was dissappear… anyone know how to fix ddoss attack without use under attack from cloudflare?


The I’m Under Attack security level should not affect your Google rankings. IUA is set to let Googlebot and other known search engines bypass the rule.

But of course presenting the JS challenge to every visitor may cause many to avoid your site. You want to familiarize yourself with Firewall Rules, then check your access logs for patterns that identify the attackers (IP addresses, ASN, countries etc) and craft a few rules to challenge attackers.

Or you can use the opposite approach, and identify your legit visitors and challenge everyone else, as I’ve suggested here:

1 Like

Before i tried to block by ip, but after a minutes my website directly down… so i tried activated under attack my website become normal, but i think my visitor so lazy waiting about 5 second load by under attack system cloudflare. The person was attack me send email a picture like this… i want to know if i upgrade to pro, i can use Enhanced security with Web Application Firewall (WAF) as solution replaced under attack by cloudflare? Because i dont want my visitor waiting pass the under attack checking browser…


PRO Plan provides very little difference in terms of protection against DDoS attacks compared to the FREE plan.

The PRO plan gives you the WAF and some other features on the dashboard, but none of them focus on what you are asking for.

1 Like

Okay, so the solution only use under attack cloudflare?

No, what Floripare said earlier was a good start. Cloudflare gives you all required tools you could need to mitigate application attacks. If you lack of time or knowledge to do so, you may want to switch to a managed service or ask your system administrator to handle it.

IUAM page should only be used as a quick resource to properly mitigate attacks.


This topic was automatically closed after 30 days. New replies are no longer allowed.