Jump to content
MaxCheaters Official Group at Discord
--> Place your ad text here <--

Cloudflare Ddosing Me

Szakalaka

By Szakalaka
in Off-Topics

 Share

Recommended Posts

Szakalaka Newbie

Szakalaka

Posted
Posted

Hi, is there anyone with experience on CF? I got small web server on my vps (literally nothing interesting here), i allow only IPs from cloudflare range, so it's impossible to connect directly. Now, i am under ddos, and CF seems not to filter out the requests. At this point there were total 80kk requests from ONLY 30 unique visitors. How can i configure CF to ban IPs that connect lets say more than 1k times over an hour? I spent hours digging in their documentation and tools...

Link to comment
Share on other sites
Szakalaka Newbie

Szakalaka

Posted
  • Author
Posted

I know i can do it with iptables. The thing is, its just a tiny tiny vps, so every connection = check in the iptables. I just wanted cloudflare to take responsibility of filtering, not to let them into my server at all.

Link to comment
Share on other sites
xxdem Newbie

xxdem

Posted
Posted

I know i can do it with iptables. The thing is, its just a tiny tiny vps, so every connection = check in the iptables. I just wanted cloudflare to take responsibility of filtering, not to let them into my server at all.

 

None will do that for free. 

 

Keep in mind that iptables has nearly zero overhead and a very slight one in case of a few million records

Link to comment
Share on other sites
eressea Newbie

eressea

Posted
Posted (edited)

iptables is your friend, it can do anything you describe and literally ALL firewalls are just user interfaces for plain iptables. Just look for a guide on the net

 

Unless you have some special hardware like Radware DefensePro

 

I know i can do it with iptables. The thing is, its just a tiny tiny vps, so every connection = check in the iptables. I just wanted cloudflare to take responsibility of filtering, not to let them into my server at all.

 

I fear you won't find any free service for it; or at least service you can count on

 

Keep in mind that iptables has nearly zero overhead and a very slight one in case of a few million records

 

Depends on how many rules do you use, whether you use conntracking (and whether you use it the right way - then it can help much because you check only SYN packets and pass through the rest) etc...

There's also lot of additional settings that might interest you like SYN cookies.

 

Szaka: If I were you, I'd start with iptables and try to find something better only if iptables won't do it

 

EDIT: In case you need to check whether IP belongs to some set, don't set rules for all those addresses. Use ipset http://ipset.netfilter.org/

Edited by eressea
Link to comment
Share on other sites
xxdem Newbie

xxdem

Posted
Posted

Unless you have some special hardware like Radware DefensePro

 

AFAIK even hardware firewalls internally use iptables.

Except if someone writes his own OS for the firewall a case I really doubt since the iptables that comes with the linux Kernel is an extremely good and reliable base.

I may be wrong because I don't have much hands-on experience with firewalls

Link to comment
Share on other sites
eressea Newbie

eressea

Posted
Posted

AFAIK even hardware firewalls internally use iptables.

Except if someone writes his own OS for the firewall a case I really doubt since the iptables that comes with the linux Kernel is an extremely good and reliable base.

I may be wrong because I don't have much hands-on experience with firewalls

 

When it's Linux-based, it will use iptables, that's fact. There are some other options that are used commonly, for example pfSense which is FreeBSD-based. Also Cisco has it's own operating system (IOS, don't confuse with iOS)

Link to comment
Share on other sites
Sdw Newbie

Sdw

Posted
Posted

Depending on how, you can act on iptables or webserver, cloudflare, beside declaring yourself under attack you can't do shit. I wouldn't even consider those guy to protect me.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing


  • Posts

    • ULTRASTORE
      Stop searching, all accounts are available with email acces

      By ULTRASTORE · Posted

      Welcome to my store :  https://topestore.mysellix.io/fr/ 2015-2022 Aged Discord Account 2015 Discord Account : 50.99 $ 2016 Discord Account : 10$ 2017 Discord Account :3.99 $ 2018 Discord Account : 3.50$ 2019 Discord Account : 2.70 $ 2020 Discord Account :1.50$ 2021 Discord Account :0.99$ 2022 Discord Account :0.70$ Warranty :Lifetime Payment Methods : Crypto/ PayPal Contact Me On Discord Or Telegram Discord : @ultrasstore11 Telegram : https://t.me/ultrastore1 Welcome to my store :  https://topestore.mysellix.io/fr/ 2015-2022 Aged Discord Account 2015 Discord Account : 50.99 $ 2016 Discord Account : 10$ 2017 Discord Account :3.99 $ 2018 Discord Account : 3.50$ 2019 Discord Account : 2.70 $ 2020 Discord Account :1.50$ 2021 Discord Account :0.99$ 2022 Discord Account :0.70$ Warranty :Lifetime Payment Methods : Crypto/ PayPal Contact Me On Discord Or Telegram Discord : @ultrasstore11
    • fearless1
      [L2J] Arena War 3x Interlude Classic Files

      By fearless1 · Posted

      L2 ArenaWar: Low Rate PvP Server with Free Buffs & Autofarm [PVP]⚔️ [Free]🆓 Classic Interlude with  3x XP rates! Free starter pack(no grade) to kickstart your adventure! Autofarm for convenient grinding! Free buffs to keep you fighting fit! (2 job buffs) No experience loss on death! (Except with Karma) Clear Karma system to keep things fair! ⚖️ Active community of 800-1k players! Join our Discord to learn more! >> Discord <<     Server website: https://l2arenawar.com/en/    
    • Dorie
      [Q] How do you clear/reset ExServerPrimitive packet properly

      By Dorie · Posted

      This is dedication! 2 years working on a problem. Congratulations!
    • Tryskell
      [Q] How do you clear/reset ExServerPrimitive packet properly

      By Tryskell · Posted

      You indeed have to save player position over Enterworld to properly clean it up later (if you don't, even trying to delete packet content would eventually keep it up), that's what we do with debug packet (which is a reusable Map of ExServerPrimitive packets) on aCis.   It doesn't solve the FPS stuttering - more you draw/delete lines, more your client becomes laggy. It's like if client wasn't deleting drawn points/lines properly, but instead simply hide them and redrawn content above.   If you got a solution, I would happy to integrate it.   You should check aCis#Player _debug packet integration, it allows very big amount of lines/points to be drawn, it is also reusable.   https://gitlab.com/Tryskell/acis_public/-/blob/master/aCis_gameserver/java/net/sf/l2j/gameserver/model/actor/Player.java?ref_type=heads https://gitlab.com/Tryskell/acis_public/-/blob/master/aCis_gameserver/java/net/sf/l2j/gameserver/network/clientpackets/EnterWorld.java?ref_type=heads  
    • TOPsellers
      we sell WEBSITE TEMPLATES

      By TOPsellers · Posted

      we sell website templates, make websites to order. Great selection at very good prices. My contacts discord : advert1231 telegram : https://t.me/ggwpins  

  • Topics

×
×
  • Create New...