Personal Blog

DDoS Attacks and Free Cloudflare Protection

If you have ever made any research about Cloudflare DDoS protection, you probably have seen comments like “Free version of Cloudfare could be defused really easily, it is not effective.” often. Actually, this is a wrong point of view caused by the incorrect configuration of the server or Cloudflare.

How to prevent DDoS Attacks

First of all, while setting Cloudflare you must check if your IP address is being hidden. If you set your server’s security wall in a way that only the visitors, who are visiting through Cloudflare can pass, then you can prevent the attacks that are directed to your origin IP address.

Of course, you should first have knowledge about the server, you should analyze the logs for any unusual situation, and you should also know how big the attack is before making anything.

The free version of the Cloudflare plan protects your site from any DDoS attack –including Layer 7 DDoS attacks– Of course, the paid versions offer extra options according to your needs, however, it doesn’t mean that you must pay for a higher level of protection if you are under a really huge attack.

If you are sure about that you have made the essential settings the server and Cloudflare right, during the attack you can simply activate  “I’m Under Attack” mode via Cloudflare Dashboard, in this way you can prevent a lot of attacks.

A Large DDoS Attack

A few days ago, I saw a thread about DDoS in a forum site. A web site which is hosted by a managed hosting company has the problem of corrupting because of DDoS attacks, although it is being secured by Cloudflare. These attacks were continuing after transferring it to VDS and the new server was corrupting again.

Of course, finding the source of the problem in Cloudflare would be the easy and wrong way. I offered transferring their server to Vultr and building and also configuring the server.

In a while, we started the transferring process. After transferring our customer’s site to the new servers, the attacks continued. The site was under a huge attack.

The attackers were trying to stop the server from answering by making billions of query requests with random letters such as /?s=abc , /?s=xyz .

In the last 24 hours, more than 291,000,000 requests have been sent to the server.

We had a look and saw that there was appr. 34,300 HTTP requests that were made in Turkey over one week period. If we consider the fact that this site is Turkish used by Turkish users, the requests of the real visitors are a small part in comparison to the requests made by the attackers.

DDoS attacks can affect the limits of the server’s bandwidth. In this attack, more than 1.21TB in less than 24 hours can be seen.

Luckily this dataflow took place between the attackers and Cloudflare. The server wasn’t affected by it.

An example of the DDoS (requests by countries)

The attackers kept on attacking for more than 48 hours. They were from all around the world, mostly from Asia.

In our Nginx WordPress migration service, we move your sites to the cloud servers and setup Cloudflare DDoS protection for your site. We take every precaution against the attackers, who are trying to bypass Cloudflare and reach to your server. All these services are completed by us. We also offer technical help in case of an attack, don’t waste your time!

If you think that that kind of an attack is possible to your site, take precaution before it is too late. If you do not take precaution your site may not only get shot down for a long time, it may also be punished by Google.

If you have any questions or if you need consulting feel free to ask.

Cloudflare will contribute to the security of your website. I suggest you to prefer it for all your projects. I’m not even talking about the site speed performance which Cloudflare is offering. 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *