"The example of Cloudflare; The DDOS "bot" would still be hitting the server with packets and will still be using bandwidth on that server, so you can still perform such overflow."
Fully blocking means it doesn't hit your server.
If you're using a CloudFlare block by country, it isn't a full block and shows a captcha. This is pretty effective in stopping most bots.
Important to note that we will only help with stuff that we actually proxy (web traffic). If they are attacking your IP directly, that is a different issue entirely (still some things you can do to stem).
(2012-09-10, 06:53 PM)damoncloudflare Wrote: [ -> ]"The example of Cloudflare; The DDOS "bot" would still be hitting the server with packets and will still be using bandwidth on that server, so you can still perform such overflow."
Fully blocking means it doesn't hit your server.
If you're using a CloudFlare block by country, it isn't a full block and shows a captcha. This is pretty effective in stopping most bots.
Important to note that we will only help with stuff that we actually proxy (web traffic). If they are attacking your IP directly, that is a different issue entirely (still some things you can do to stem).
So basically you mean to say that cloudflare helps hiding the server IP and builds a wall against attacks also speeds up the site performance?
All cloudflare does it understand what a denial of service attack looks like and then learns who is launching it and is able to just add a firewall rule to blackhole the connection. Now, RUDY attacks they are unable of blocking.
(2012-09-10, 06:53 PM)damoncloudflare Wrote: [ -> ]"The example of Cloudflare; The DDOS "bot" would still be hitting the server with packets and will still be using bandwidth on that server, so you can still perform such overflow."
Fully blocking means it doesn't hit your server.
If you're using a CloudFlare block by country, it isn't a full block and shows a captcha. This is pretty effective in stopping most bots.
Important to note that we will only help with stuff that we actually proxy (web traffic). If they are attacking your IP directly, that is a different issue entirely (still some things you can do to stem).
CloudFlare doesn't work like that. That wouldn't fix a DDOS issue. Bandwidth is still being transmitted, overflows will come into action. DNS = Unavailable = website down.
Blocking a country cannot stop a bot network of thousands of bots.
I'm pretty sure Damon knows exactly how cloudflare works...
(2012-09-12, 10:24 AM)euantor Wrote: [ -> ]I'm pretty sure Damon knows exactly how cloudflare works...
Lol you're right because he works for cloudflare and we don't so he know more than us about cloudflare.
(2012-09-12, 09:51 PM)kamz89 Wrote: [ -> ] (2012-09-12, 10:24 AM)euantor Wrote: [ -> ]I'm pretty sure Damon knows exactly how cloudflare works...
Lol you're right because he works for cloudflare and we don't so he know more than us about cloudflare.
I would hope that I know more about CloudFlare than you do. Like I've said before, I'm Under Attack is very good at stopping/mitigating many common http: attacks (MOST site admins here are probably on free or Pro plans, so I'm Under Attack is really the best available option). More advanced DDoS protection is available to
paid CloudFlare plans.
(2012-09-12, 09:37 AM)Kickerbat Wrote: [ -> ] (2012-09-10, 06:53 PM)damoncloudflare Wrote: [ -> ]"The example of Cloudflare; The DDOS "bot" would still be hitting the server with packets and will still be using bandwidth on that server, so you can still perform such overflow."
Fully blocking means it doesn't hit your server.
If you're using a CloudFlare block by country, it isn't a full block and shows a captcha. This is pretty effective in stopping most bots.
Important to note that we will only help with stuff that we actually proxy (web traffic). If they are attacking your IP directly, that is a different issue entirely (still some things you can do to stem).
CloudFlare doesn't work like that. That wouldn't fix a DDOS issue. Bandwidth is still being transmitted, overflows will come into action. DNS = Unavailable = website down.
Blocking a country cannot stop a bot network of thousands of bots.
Cloudflare is not really helpful.
If you want something better get a firewall up and just use it.
(2012-09-13, 11:38 AM)Beyond the Lines Wrote: [ -> ] (2012-09-12, 09:37 AM)Kickerbat Wrote: [ -> ] (2012-09-10, 06:53 PM)damoncloudflare Wrote: [ -> ]"The example of Cloudflare; The DDOS "bot" would still be hitting the server with packets and will still be using bandwidth on that server, so you can still perform such overflow."
Fully blocking means it doesn't hit your server.
If you're using a CloudFlare block by country, it isn't a full block and shows a captcha. This is pretty effective in stopping most bots.
Important to note that we will only help with stuff that we actually proxy (web traffic). If they are attacking your IP directly, that is a different issue entirely (still some things you can do to stem).
CloudFlare doesn't work like that. That wouldn't fix a DDOS issue. Bandwidth is still being transmitted, overflows will come into action. DNS = Unavailable = website down.
Blocking a country cannot stop a bot network of thousands of bots.
Cloudflare is not really helpful.
If you want something better get a firewall up and just use it.
We have tons of sites that have used us to help mitigate DDoS attacks that would disagree.We just aren't going to stop *every* attack.
I'm under your Business plan now and attacks like RUDY are pretty much done with. At best they last for a few minutes until my scripts activate various mechanisms to stop it. I do stuff on my end too.
btw if Damon can take a suggestion about CF..for business I'd like more control for my block list. It's very slow and you can't even grab via API your current block list. I'd love the option of adding a massive block list I have consisting of most datacenters I deem a problem. Most sites do not need datacenters to have access to their site. They just need home connections. By blocking datacenters I block most proxies, VPNs, and attacking bot datacenters.
So again I hope CF has betters tools and options for Business subscribers to control their blocklist. The current method sucks.
Oh also you can't add cidr blocks other then 0/24 and 0/16. Also sucks.
Quote:Now, RUDY attacks they are unable of blocking.
Not entirely true and RUDY attacks are stoppable at the Apache level when interacting with your Firewall...if you know what you're doing. With DDOS protection you should have connectability between all your services so that if you're detecting it at the HTTP level you bump it up to your firewall and from there you can bump it to Cloudflare or your datacenter. At any rate most people just don't have the access or the knowledge to effectively stop ddos attacks.