{"id":21,"date":"2019-05-03T00:25:36","date_gmt":"2019-05-02T21:25:36","guid":{"rendered":"https:\/\/serdarwork.com\/tr\/?p=21"},"modified":"2023-01-06T00:55:05","modified_gmt":"2023-01-05T21:55:05","slug":"ddos-saldirilari-ve-ucretsiz-cloudflare-korumasi","status":"publish","type":"post","link":"https:\/\/serdarwork.com\/tr\/ddos-saldirilari-ve-ucretsiz-cloudflare-korumasi\/","title":{"rendered":"DDoS Attacks and Free Cloudflare Protection"},"content":{"rendered":"\n<p>If you have researched <strong>Cloudflare DDoS protection<\/strong> online, you have probably often come across comments such as &#8220;<em>The free version of Cloudflare is easily bypassed in DDoS attacks; it does not protect my website well enough.<\/em>&#8221; In fact, this is a mistaken view that stems from the user failing to configure their server or Cloudflare correctly.<\/p>\n\n\n\n<!--more-->\n\n\n<div class=\"wp-block-image is-style-default\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"512\" height=\"512\" src=\"https:\/\/serdarwork.com\/tr\/wp-content\/uploads\/sites\/2\/2019\/04\/hacker.png\" alt=\"hacker\" class=\"wp-image-55\" srcset=\"https:\/\/serdarwork.com\/tr\/wp-content\/uploads\/sites\/2\/2019\/04\/hacker.png 512w, https:\/\/serdarwork.com\/tr\/wp-content\/uploads\/sites\/2\/2019\/04\/hacker-150x150.png 150w, https:\/\/serdarwork.com\/tr\/wp-content\/uploads\/sites\/2\/2019\/04\/hacker-300x300.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure><\/div>\n\n\n<h2 class=\"wp-block-heading\">How to Block a DDoS Attack<\/h2>\n\n\n\n<p><strong>To block a DDoS attack<\/strong>,
first make sure that you hide your site&#8217;s real IP address when configuring Cloudflare. If you configure your server&#8217;s firewall to accept only visitors coming through Cloudflare, you can prevent attacks that directly target your site&#8217;s real IP address.<\/p>\n\n\n\n<p>Of course, you first need server knowledge, you need to examine the logs to spot abnormal activity, and you need to act knowing the size of the attack you are under.<\/p>\n\n\n\n<p>The free version of Cloudflare provides unlimited protection against DDoS attacks on your site regardless of their size, <strong>Layer 7 DDoS attacks<\/strong> included. Paid plans do offer extra options in proportion to your needs, but there is no such thing as &#8220;your site is under a massive attack, so you must pay for this level of protection.&#8221;<\/p>\n\n\n\n<p>If you are sure you have made the necessary adjustments on both the server and Cloudflare sides, you can fend off many attacks by using Cloudflare&#8217;s &#8220;<strong>I&#8217;m Under Attack<\/strong>&#8221; mode during an attack.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">An Example DDoS Attack<\/h2>\n\n\n\n<p>A few days ago I came across a thread about DDoS on forum sites. A website hosted on shared hosting was crashing under incoming DDoS attacks.
Although the owner later moved to a VDS, similar attacks continued, so the new server also crashed before long. And this despite protecting the site with Cloudflare&#8230;<\/p>\n\n\n\n<p>Of course, blaming Cloudflare as the source of the problem here would be taking the easy way out. I offered to move the server to Vultr, which provides solid network capacity, and to personally handle the entire migration, including server setup and optimization, along with the Cloudflare configuration.<\/p>\n\n\n\n<p>Before long we started the migration. As soon as we moved our customer&#8217;s site to the new server, the DDoS attacks resumed at full throttle right where they had left off. The site really was facing a large-scale attack.<\/p>\n\n\n\n<p>The attackers were trying to make the server unresponsive by generating millions of queries such as <strong>\/?s=abc, \/?s=xyz<\/strong>, using different random letters in each request.<\/p>\n\n\n\n<p>More than <strong>291,000,000<\/strong> requests were sent in the last 24 hours.<\/p>\n\n\n<div class=\"wp-block-image is-style-default\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"330\" height=\"252\" src=\"https:\/\/serdarwork.com\/tr\/wp-content\/uploads\/sites\/2\/2019\/05\/ddos-attacks.png\" alt=\"ddos attacks\" class=\"wp-image-382\" srcset=\"https:\/\/serdarwork.com\/tr\/wp-content\/uploads\/sites\/2\/2019\/05\/ddos-attacks.png 330w, https:\/\/serdarwork.com\/tr\/wp-content\/uploads\/sites\/2\/2019\/05\/ddos-attacks-300x229.png 300w\" sizes=\"(max-width: 330px) 100vw, 330px\" 
\/><\/figure><\/div>\n\n\n<p>If we widen the time range from 24 hours to 7 days, we see that only about <strong>34,300<\/strong> HTTP requests came from Turkey in the past week. Considering that the site serves Turkish users and is entirely in Turkish, we can easily see that these requests from real visitors are nothing compared to the attack.<\/p>\n\n\n\n<figure class=\"wp-block-image alignwide size-large is-style-default\"><img loading=\"lazy\" decoding=\"async\" width=\"916\" height=\"438\" src=\"https:\/\/serdarwork.com\/tr\/wp-content\/uploads\/sites\/2\/2019\/04\/ddos-countries.png\" alt=\"ddos countries\" class=\"wp-image-31\" srcset=\"https:\/\/serdarwork.com\/tr\/wp-content\/uploads\/sites\/2\/2019\/04\/ddos-countries.png 916w, https:\/\/serdarwork.com\/tr\/wp-content\/uploads\/sites\/2\/2019\/04\/ddos-countries-300x143.png 300w, https:\/\/serdarwork.com\/tr\/wp-content\/uploads\/sites\/2\/2019\/04\/ddos-countries-768x367.png 768w\" sizes=\"(max-width: 916px) 100vw, 916px\" \/><\/figure>\n\n\n\n<p>DDoS attacks can also needlessly eat into your server&#8217;s bandwidth limits.
In this attack, a serious <strong>1.21TB<\/strong> of data traffic was seen in just 24 hours.<\/p>\n\n\n<div class=\"wp-block-image is-style-default\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"330\" height=\"239\" src=\"https:\/\/serdarwork.com\/tr\/wp-content\/uploads\/sites\/2\/2019\/05\/ddos-bandwidth.png\" alt=\"ddos bandwidth\" class=\"wp-image-384\" srcset=\"https:\/\/serdarwork.com\/tr\/wp-content\/uploads\/sites\/2\/2019\/05\/ddos-bandwidth.png 330w, https:\/\/serdarwork.com\/tr\/wp-content\/uploads\/sites\/2\/2019\/05\/ddos-bandwidth-300x217.png 300w\" sizes=\"(max-width: 330px) 100vw, 330px\" \/><\/figure><\/div>\n\n\n<p>Fortunately, this 1.21TB of needless traffic took place between Cloudflare and the attackers. It did not reach the server.<\/p>\n\n\n\n<p>They kept attacking for more than 48 hours from many different locations around the world, mostly in Asia, using different IP addresses.<\/p>\n\n\n\n<figure class=\"wp-block-image alignwide size-large is-style-default\"><img loading=\"lazy\" decoding=\"async\" width=\"900\" height=\"289\" src=\"https:\/\/serdarwork.com\/tr\/wp-content\/uploads\/sites\/2\/2019\/05\/example-ddos-attacks.png\" alt=\"ddos example attack\" class=\"wp-image-385\" srcset=\"https:\/\/serdarwork.com\/tr\/wp-content\/uploads\/sites\/2\/2019\/05\/example-ddos-attacks.png 900w, https:\/\/serdarwork.com\/tr\/wp-content\/uploads\/sites\/2\/2019\/05\/example-ddos-attacks-300x96.png 300w, https:\/\/serdarwork.com\/tr\/wp-content\/uploads\/sites\/2\/2019\/05\/example-ddos-attacks-768x247.png 768w\" sizes=\"(max-width: 900px) 100vw, 900px\" \/><\/figure>\n\n\n\n<p>In our server service, along with moving your site to high-performance cloud servers,
we configure <strong>Cloudflare DDoS protection<\/strong> optimally for your site. We take many measures so that attackers cannot bypass Cloudflare and reach the server whose setup and optimization we handle. We carry out all the work on your behalf. Rest assured that we will also provide the necessary technical support if you come under attack.<\/p>\n\n\n\n<p>If you think your competitors might launch this kind of attack on your site, you should take precautions before it is too late. Otherwise your site may stay down for a long time and may also be penalized by Google.<\/p>\n\n\n\n<p><strong>For more information,<\/strong> <strong>please do not hesitate to <a rel=\"noreferrer noopener\" href=\"https:\/\/serdarwork.com\/tr\/iletisim\/\" target=\"_blank\">contact<\/a> us.<\/strong><\/p>\n\n\n\n<p>With its unique features, Cloudflare will contribute a great deal to your site&#8217;s security. I recommend using it in all your projects without exception. To stay on topic, I am not even mentioning the countless features Cloudflare offers that improve site speed.
\ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"<p>If you have researched Cloudflare DDoS protection online, you have probably often come across comments such as &#8220;The free version of Cloudflare is easily bypassed in DDoS attacks; it does not protect my website well enough.&#8221; In fact, this is a mistaken view that stems from the user failing to configure their server or Cloudflare correctly.<\/p>\n","protected":false},"author":1,"featured_media":38,"comment_status":"open","ping_status":"closed","sticky":true,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"_links":{"self":[{"href":"https:\/\/serdarwork.com\/tr\/wp-json\/wp\/v2\/posts\/21"}],"collection":[{"href":"https:\/\/serdarwork.com\/tr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serdarwork.com\/tr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serdarwork.com\/tr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/serdarwork.com\/tr\/wp-json\/wp\/v2\/comments?post=21"}],"version-history":[{"count":0,"href":"https:\/\/serdarwork.com\/tr\/wp-json\/wp\/v2\/posts\/21\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/serdarwork.com\/tr\/wp-json\/wp\/v2\/media\/38"}],"wp:attachment":[{"href":"https:\/\/serdarwork.com\/tr\/wp-json\/wp\/v2\/media?parent=21"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serdarwork.com\/tr\/wp-json\/wp\/v2\/categories?post=21"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serdarwork.com\/tr\/wp-json\/wp\/v2\/tags?post=21"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}