Struggling to Protect My Website from DDoS Attacks
Lately, my website has been under constant DDoS attacks, and I’m struggling to find an effective solution. Here’s what I’ve tried so far:
Server Setup:
OS: Debian
Web Server: Apache2
Are the rules effective if I’m not using Cloudflare Zero Trust Tunnel but do allow only Cloudflare IPs? Is there something I’m missing, or are there better approaches to mitigate these attacks? Any advice or guidance would be greatly appreciated.
- Allowed only Cloudflare IPs (https://gist.github.com/Manouchehri/cdd4e56db6596e7c3c5a).
- Enabled WAF rules, including rate limiting and DDoS Layer 7 protection.
Server Setup:
OS: Debian
Web Server: Apache2
Are the rules effective if I’m not using Cloudflare Zero Trust Tunnel but do allow only Cloudflare IPs? Is there something I’m missing, or are there better approaches to mitigate these attacks? Any advice or guidance would be greatly appreciated.
