We are being DDOSed again, and cloudflare is catching most of it so the site is still usable. We are tweaking the settings of our DDOS protection to make it load faster

submitted by magnora7 from self.SaidIt

sorted by:
top
newinsightfulfun
you are viewing a single comment's thread.

view the rest of the comments →

[–]notaddos1 5 insightful - 2 fun5 insightful - 1 fun6 insightful - 2 fun -  (1 child)

Yes, although when we noticed the 429s, the other IP addresses that we didn't have also returned 429. Are you sure you're limiting the real IPS, not the IPS cloudflare?

The end point does not matter. Any url, the url contains a random xxxxxx number that is appended at the end to avoid some caching

[–][deleted] 4 insightful - 1 fun4 insightful - 0 fun5 insightful - 1 fun -  (0 children)

Thanks. Yeah the rate limiting is supposed to act on visitor ips not CF ips, but maybe it's misconfigured.