Being DDoS with over 1billion requests (so far)... (Site released just yesterday)
So, i've put in all the protection i can, but so far, its been almost 1 mil requests a minute-ish, and I don't really know what to do. I've set up the following settings but they appear to be hitting off my api, and i don't really know what other features to add....
These are the settings currently (btw the site isn't even loading now, and im talking about the main site):
If you have any ideas please let me know in this thread. I am pretty much desprate for anything at this point.
7 Replies
Yes I know this is just the discord but I dont have enough money to upgrade to the next plan above PRO to get the support chat
?ddos
If you are under a DDoS attack then you can take a look at these threads for first steps and help with mitigation:
- https://community.cloudflare.com/t/under-ddos-attack-first-steps/89476
- https://community.cloudflare.com/t/mitigating-an-http-ddos-attack-manually-with-cloudflare/302366
Those are helpful guides, although if they're hitting your API and you can't put something in front of it that makes a bit tricky unless you can craft a firewall rule to block them exactly
i'd also just do threat score <= 5 rather than 5 or 4
but yeah, ideally you work to spot a pattern and block that pattern
ty
The real solution is only relying on CF for volumetric L3/L4, ie., everything else is a host software responsibility.