We’re getting DDoS attacks for a while. Below you can find Network Packets In (count) stats logged on an AWS EC2 instance.
Lately, we’ve set up Rate Limiting on endpoints this instance serving (8 req/sec). But, we couldn’t see any request blocked during attack periods. And also, request count seems not increased.
A little more details:
- Our instance’s all ports are closed to the world. Only 80 and 443 ports are open.
- We don’t see anything weird on nginx logs.
- On web app side, we do only allow requests coming from our hosts served on Cloudflare. Nothing unexpected happening there.
Any help would be greatly appreciated.