Learn about Centmin Mod LEMP Stack today
Become a Member

Cloudflare Cloudflare Announces Unmetered DDOS Mitigation For All Plans

Discussion in 'Domains, DNS, Email & SSL Certificates' started by eva2000, Sep 26, 2017.

  1. eva2000

    eva2000 Administrator Staff Member

    49,350
    11,308
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,591
    Local Time:
    6:36 PM
    Nginx 1.21.x
    MariaDB 10.x
    Good news, Cloudflare made the announcement on their blog that all plans are getting unmetered DDOS migitation protection https://blog.cloudflare.com/unmetered-mitigation/ :cool:

    upload_2017-9-26_5-39-51.png

     
  2. Revenge

    Revenge Active Member

    467
    93
    28
    Feb 21, 2016
    Portugal
    Ratings:
    +354
    Local Time:
    9:36 AM
    1.9.x
    10.1.x
    How does Cloudflare protects from Layer 3 and 4? I never understood that. A layer 4 attack is an attack directly to the server IP in order to full the network bandwith causing a denial of service. If we attack the server IP, Cloudflare is completely bypassed.
     
  3. eva2000

    eva2000 Administrator Staff Member

    49,350
    11,308
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,591
    Local Time:
    6:36 PM
    Nginx 1.21.x
    MariaDB 10.x
    believe they're referring to DDOS mitigation at Cloudflare Edge servers
    so technically they're protecting themselves (Cloudflare) and not charging Cloudflare customers for it heh

    upload_2017-9-26_7-35-44.png
     
  4. eva2000

    eva2000 Administrator Staff Member

    49,350
    11,308
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,591
    Local Time:
    6:36 PM
    Nginx 1.21.x
    MariaDB 10.x
  5. eva2000

    eva2000 Administrator Staff Member

    49,350
    11,308
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,591
    Local Time:
    6:36 PM
    Nginx 1.21.x
    MariaDB 10.x
    more clarification https://community.cloudflare.com/t/l7-mitigation-on-pro-plan/6010

     
  6. RB1

    RB1 Active Member

    292
    75
    28
    Nov 11, 2016
    California
    Ratings:
    +122
    Local Time:
    1:36 AM
    Nginx 1.21.x
    MariaDB 10.1.x
    I guess it's about time that I stop DDoSing centminmod.com
     
  7. eva2000

    eva2000 Administrator Staff Member

    49,350
    11,308
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,591
    Local Time:
    6:36 PM
    Nginx 1.21.x
    MariaDB 10.x
    :eek::LOL:o_O
     
  8. rdan

    rdan Premium Member Premium Member

    5,332
    1,338
    113
    May 25, 2014
    Ratings:
    +2,069
    Local Time:
    4:36 PM
    Mainline
    10.2
    Only Cloudflare can stop this attack :|

    upload_2022-5-26_0-41-10.png

    upload_2022-5-26_2-5-3.png
     
    Last edited: May 26, 2022
  9. eva2000

    eva2000 Administrator Staff Member

    49,350
    11,308
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,591
    Local Time:
    6:36 PM
    Nginx 1.21.x
    MariaDB 10.x
    woah what was the peak requests there ?
     
  10. rdan

    rdan Premium Member Premium Member

    5,332
    1,338
    113
    May 25, 2014
    Ratings:
    +2,069
    Local Time:
    4:36 PM
    Mainline
    10.2
    Not sure what you ask :D

    But here's the complete graph from the time I enable Cloudflare CDN, until the attack stop.
    [​IMG]
     
  11. eva2000

    eva2000 Administrator Staff Member

    49,350
    11,308
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,591
    Local Time:
    6:36 PM
    Nginx 1.21.x
    MariaDB 10.x
    request/sec etc

    Cloudflare FTW (y)
     
  12. duy13

    duy13 New Member

    12
    3
    3
    Oct 22, 2016
    California, USA
    Ratings:
    +14
    Local Time:
    3:36 PM
    1.13.x
    MariaDB 10.x
    Have you ever encountered attacks where attacker queries bypass hcaptcha and cloudflare js? and cloudflare itself doesn't do anything with those queries (cloudflare business)
     
  13. rdan

    rdan Premium Member Premium Member

    5,332
    1,338
    113
    May 25, 2014
    Ratings:
    +2,069
    Local Time:
    4:36 PM
    Mainline
    10.2
    I haven't encountered it yet.
    That's bad if those firewall can be bypassed.
     
  14. duy13

    duy13 New Member

    12
    3
    3
    Oct 22, 2016
    California, USA
    Ratings:
    +14
    Local Time:
    3:36 PM
    1.13.x
    MariaDB 10.x
  15. rdan

    rdan Premium Member Premium Member

    5,332
    1,338
    113
    May 25, 2014
    Ratings:
    +2,069
    Local Time:
    4:36 PM
    Mainline
    10.2
    Okay, I will try this myself then agains't my own domain.