anti ddos settings
Hello, I use the free version of cloudflare to secure my site + I use cloudflare tunnel on my vps server. The problem I have is that during a DDOS attack cloudflare lets all the traffic through consequently the vps server is loaded and the site goes down. I am attaching my configurations for the domain below.
11 Replies
WAF custom rule
WAF rate limit
SSL settings
DDOS settings
bots
general security settings
how can i configure cloudflare settings to provide better security against DDOS attacks?
If you found some good knowledge please let me know 🙏 I been hitted by a major DDOS Attack today too, thank you for a settings you had already shared. I added them to my WAF and it helped with the attack
Btw. You should use OR instead of AND because then it checks if it meets all of the requirements. I also recommend Adding countries like: UAE and Isreal to the list as it is a command location for the bots too.
If you are under a DDoS attack then you can take a look at these threads for first steps and help with mitigation:
- https://community.cloudflare.com/t/under-ddos-attack-first-steps/89476
- https://community.cloudflare.com/t/mitigating-an-http-ddos-attack-manually-with-cloudflare/302366
I'm pretty sure the countries are not written out but in the country code like DE for Germany.... but I'm not sure.
Nope, Cloudflare autofills the correct country, you don't use a country code