Posts: 36
Threads: 6
Joined: Jul 2012
All cloudflare does it understand what a denial of service attack looks like and then learns who is launching it and is able to just add a firewall rule to blackhole the connection. Now, RUDY attacks they are unable of blocking.
Posts: 36
Threads: 6
Joined: Jul 2012
(2012-09-12, 09:37 AM)Kickerbat Wrote: (2012-09-10, 06:53 PM)damoncloudflare Wrote: "The example of Cloudflare; The DDOS "bot" would still be hitting the server with packets and will still be using bandwidth on that server, so you can still perform such overflow."
Fully blocking means it doesn't hit your server.
If you're using a CloudFlare block by country, it isn't a full block and shows a captcha. This is pretty effective in stopping most bots.
Important to note that we will only help with stuff that we actually proxy (web traffic). If they are attacking your IP directly, that is a different issue entirely (still some things you can do to stem).
CloudFlare doesn't work like that. That wouldn't fix a DDOS issue. Bandwidth is still being transmitted, overflows will come into action. DNS = Unavailable = website down.
Blocking a country cannot stop a bot network of thousands of bots.
Cloudflare is not really helpful.
If you want something better get a firewall up and just use it.
Posts: 9,866
Threads: 594
Joined: Jan 2006
2012-09-13, 10:57 PM
(This post was last modified: 2012-09-13, 11:02 PM by User 2877.)
I'm under your Business plan now and attacks like RUDY are pretty much done with. At best they last for a few minutes until my scripts activate various mechanisms to stop it. I do stuff on my end too.
btw if Damon can take a suggestion about CF..for business I'd like more control for my block list. It's very slow and you can't even grab via API your current block list. I'd love the option of adding a massive block list I have consisting of most datacenters I deem a problem. Most sites do not need datacenters to have access to their site. They just need home connections. By blocking datacenters I block most proxies, VPNs, and attacking bot datacenters.
So again I hope CF has betters tools and options for Business subscribers to control their blocklist. The current method sucks.
Oh also you can't add cidr blocks other then 0/24 and 0/16. Also sucks.
Quote:Now, RUDY attacks they are unable of blocking.
Not entirely true and RUDY attacks are stoppable at the Apache level when interacting with your Firewall...if you know what you're doing. With DDOS protection you should have connectability between all your services so that if you're detecting it at the HTTP level you bump it up to your firewall and from there you can bump it to Cloudflare or your datacenter. At any rate most people just don't have the access or the knowledge to effectively stop ddos attacks.