Cloudflare Ddosing Me


Szakalaka

Hi, is there anyone with experience on CF? I got a small web server on my VPS (literally nothing interesting here), I allow only IPs from the Cloudflare range, so it's impossible to connect directly. Now, I am under DDoS, and CF seems not to filter out the requests. At this point there were total 80kk requests from ONLY 30 unique visitors. How can I configure CF to ban IPs that connect let's say more than 1k times over an hour? I spent hours digging in their documentation and tools...


I know I can do it with iptables. The thing is, it's just a tiny tiny VPS, so every connection = check in the iptables. I just wanted Cloudflare to take responsibility of filtering, not to let them into my server at all.


I know I can do it with iptables. The thing is, it's just a tiny tiny VPS, so every connection = check in the iptables. I just wanted Cloudflare to take responsibility of filtering, not to let them into my server at all.

 

None will do that for free. 

 

Keep in mind that iptables has nearly zero overhead and a very slight one in case of a few million records


iptables is your friend, it can do anything you describe and literally ALL firewalls are just user interfaces for plain iptables. Just look for a guide on the net

 

Unless you have some special hardware like Radware DefensePro

 

I know I can do it with iptables. The thing is, it's just a tiny tiny VPS, so every connection = check in the iptables. I just wanted Cloudflare to take responsibility of filtering, not to let them into my server at all.

 

I fear you won't find any free service for it; or at least service you can count on

 

Keep in mind that iptables has nearly zero overhead and a very slight one in case of a few million records

 

Depends on how many rules you use, whether you use conntracking (and whether you use it the right way - then it can help much because you check only SYN packets and pass through the rest) etc...

There are also a lot of additional settings that might interest you, like SYN cookies.

 

Szaka: If I were you, I'd start with iptables and try to find something better only if iptables won't do it

 

EDIT: In case you need to check whether an IP belongs to some set, don't set rules for all those addresses. Use ipset http://ipset.netfilter.org/

Edited by eressea
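
The advice in the post above (keep the allowed ranges in an ipset, let conntrack pass established traffic so only new SYNs are matched against the set, enable SYN cookies), as an added example that is not part of the thread. The set name, the web ports and the sample ranges are assumptions; the ranges are documentation placeholders, not Cloudflare's published list.

```shell
#!/bin/sh
# Added example: prints the ipset/iptables commands for review, runs none of them.
# SET_NAME, WEB_PORTS and the sample ranges are constructed placeholders.
SET_NAME="proxy_v4"
WEB_PORTS="80,443"

# Succeed only for a well-formed IPv4 CIDR such as 192.0.2.0/24.
valid_cidr() {
    case "$1" in
        *[!0-9./]*|*/*/*|"") return 1 ;;   # stray characters or two slashes
        */*) ;;
        *) return 1 ;;                     # no prefix length
    esac
    addr=${1%/*}; len=${1#*/}
    case "$len" in ""|*[!0-9]*|???*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in ""|*[!0-9]*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# Read a range list on stdin; print every command, or nothing if an entry is bad.
emit_rules() {
    out="ipset create $SET_NAME hash:net family inet -exist"
    while IFS= read -r line; do
        line=${line%%#*}                                  # drop comments
        line=$(printf '%s' "$line" | tr -d ' \t\r')
        [ -n "$line" ] || continue
        valid_cidr "$line" || { echo "bad entry: $line" >&2; return 1; }
        out="$out
ipset add $SET_NAME $line -exist"
    done
    printf '%s\n' "$out"
    cat <<EOF
sysctl -w net.ipv4.tcp_syncookies=1
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --syn -m multiport --dports $WEB_PORTS -m conntrack --ctstate NEW -m set --match-set $SET_NAME src -j ACCEPT
iptables -A INPUT -p tcp -m multiport --dports $WEB_PORTS -j DROP
EOF
}

# Constructed sample input (RFC 5737 documentation ranges).
sample_list() {
    printf '%s\n' "# sample" "192.0.2.0/24" "" "198.51.100.0/24  # note" "203.0.113.0/24"
}

sample_list | emit_rules
```

Because the thread starter admits only Cloudflare's addresses, the source IP netfilter sees is always a Cloudflare edge, so a per-visitor limit cannot be expressed at this layer; these rules only keep non-proxy traffic off the web ports.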

Unless you have some special hardware like Radware DefensePro

 

AFAIK even hardware firewalls internally use iptables.

Except if someone writes his own OS for the firewall, a case I really doubt since the iptables that comes with the Linux kernel is an extremely good and reliable base.

I may be wrong because I don't have much hands-on experience with firewalls


AFAIK even hardware firewalls internally use iptables.

Except if someone writes his own OS for the firewall, a case I really doubt since the iptables that comes with the Linux kernel is an extremely good and reliable base.

I may be wrong because I don't have much hands-on experience with firewalls

 

When it's Linux-based, it will use iptables, that's a fact. There are some other options that are used commonly, for example pfSense which is FreeBSD-based. Also Cisco has its own operating system (IOS, don't confuse with iOS)


Depending on how, you can act on iptables or the webserver; Cloudflare, besides declaring yourself under attack, you can't do shit. I wouldn't even consider those guys to protect me.
