
ripberge | 8 months ago

Huh, I got attacked from 170 countries last year (HTTP) and Cloudflare's autonomous detection (machine learning powered) rules did almost nothing. It was millions of the same requests over and over and the only thing that we could do to stop it was manually put in rules to block routes. Not only that, some of the attacking traffic came from within Cloudflare workers or it was at least going through their WARP client (those details are now fuzzy). Was a pretty miserable failure to perform on their part.


pacalleri|8 months ago

Similar experience last week. But tbh I'm using the free plan so I wasn't expecting too much from them. What worked was to use the nginx rate limiter aggressively, parse logs and deny top IPs with nginx. Because all traffic comes through CF, I wasn't able to use iptables for blocking.
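The log-parsing step described in the comment above, sketched as an added example (not code from the thread): it counts requests per client in nginx "combined" access-log lines and emits `deny` rules for the busiest addresses, skipping Cloudflare edge addresses so a proxied site does not block its own visitors. It assumes nginx already logs the real visitor address (for instance through the real_ip module reading `CF-Connecting-IP`); the function names, threshold and sample lines are constructed for illustration, and the edge ranges shown are only a partial sample of Cloudflare's published list.

```python
import ipaddress
import re
from collections import Counter

# Partial sample of Cloudflare's published edge ranges (assumption: load the
# full current list in real use). Denying these blocks every proxied visitor.
CF_EDGE = [ipaddress.ip_network(n) for n in
           ("173.245.48.0/20", "104.16.0.0/13", "172.64.0.0/13", "162.158.0.0/15")]

# nginx "combined" format: client address first, status after the request.
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:[^"\\]|\\.)*" (\d{3}) ')

def top_offenders(lines, threshold):
    """Return [(ip, hits)] for clients at or above threshold, busiest first."""
    hits = Counter()
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # malformed or truncated line
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # first field is not an IP address
        if any(ip in net for net in CF_EDGE):
            continue  # edge address: real client IP was not restored
        hits[str(ip)] += 1
    return [(ip, n) for ip, n in hits.most_common() if n >= threshold]

def deny_rules(offenders):
    """Render offenders as nginx deny directives for an included file."""
    return "".join(f"deny {ip};  # {n} requests\n" for ip, n in offenders)

def _line(ip, path="/login"):
    # Constructed sample log line (documentation address ranges).
    return (f'{ip} - - [01/Jan/2025:00:00:00 +0000] '
            f'"GET {path} HTTP/1.1" 200 512 "-" "curl/8"')

# Constructed sample input: one noisy client, one quiet client,
# one Cloudflare edge address and one malformed line.
SAMPLE_LOG = ([_line("203.0.113.7")] * 3 + [_line("198.51.100.23")]
              + [_line("172.68.0.10")] * 4 + ["garbage line"])

if __name__ == "__main__":
    print(deny_rules(top_offenders(SAMPLE_LOG, threshold=3)), end="")
```

If the top entries in a real log are all edge addresses, the real client IP is not being restored and the generated rules would be empty rather than harmful.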

hombre_fatal|8 months ago

If you can thwart it with your own nginx, then it can’t be much of an attack. Cloudflare is one of your only hopes against a volumetric attack especially when paying $0.

reassess_blind|8 months ago

Cloudflare has a free rate limit feature, btw. Not as configurable as nginx but it’s nice to not have the requests touch your server at all.