Using IP Access rules against Floods?

I wonder if it’s a common method if you would use the IP access rules to block certain ip addresses flooding your backend.

For example, I could create a php based flood protection with an algorithm. If a ip address access the uri: “/login” 10x within 30 seconds, my php script would send an api request to the Cloudflare ip access rules to block the malious ip address.

I have read this article:
https://developers.cloudflare.com/waf/tools/ip-access-rules/

But I’m not sure if you would use this tool to automatically block flood attacks. You anyway have a limit of 50k entries.

I know that you can also use rate-limiting directly in Cloudflare.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.