Unidentified DDoS attacks

Hey guys,

We’ve been getting DDoS attacks for a while. Below you can find the Network Packets In (count) stats logged on an AWS EC2 instance.

Lately, we’ve set up rate limiting on the endpoints this instance is serving (8 req/sec). But we couldn’t see any requests blocked during the attack periods. Also, the request count does not seem to have increased.

A few more details:

  1. All of our instance’s ports are closed to the world. Only ports 80 and 443 are open.
  2. We don’t see anything weird in the nginx logs.
  3. On the web app side, we only allow requests coming from our hosts served on Cloudflare. Nothing unexpected is happening there.

Any help would be greatly appreciated.

