We came under DDOS attack a few days ago. There were a ton of IPs that were attacking us, at the same time over 250 access requests per second. On taking a closer look all the IPs belong to Cloudflare, but that is strange as we use Cloudflare CDN.
Some examples are - 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11, 18.104.22.168
It makes no sense, as when we turned we are under attack mode on, the DDOS attack went away. Then we turned it off, we again saw same IPs attacking us.
Then we blocked 100’s of IPS so then our CPU usage became bearable.
We are on a VPS and Cloudflare has been our CDN and suddenly its IPs are attacking us since 5-7 days Is there some settings mismatch?
Any help is appreciated. website: www.gadgetbridge.com