Protecting a website from DDOS attacks using cloudflare
1 hour ago, babadoctor said:…but for now I just want to worry about those attacks which require an attacker to send a massive amount of bandwidth.
Even Cloudflare will run into limits eventually. At that point there's not much you can do if you don't have the money to build up your own redundant infrastructure. It really depends on how much of a target you are. Largest known attacks on the internet were in the Tbps range. Even if you're not a direct target, the interruption this causes to other services could still affect you.
1 hour ago, babadoctor said:No, the DNS lookup doesnt show the IP address or anything like that.
What about server responses? Anything in there that could give away the actual IP(s)? Hiding behind a proxy is well and good as long as you don't reveal your own location by accident.
6 hours ago, babadoctor said:so then why is it that I constantly hear about websites being attacked and going offline for extended periods of time?
Not everyone uses Cloudflare, nor can Cloudflare mitigate every type of attack. Servers going offline could simply be a precaution due to security concerns. E.g. think about the recent Log4j vulnerability. Several of our customers took down their servers until we could clarify that our product doesn't even use it. There are also timing attacks where exploits may become possible once a server has been slowed down just enough, which might prompt a server shutdown until more resources can be brought online.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now