Struggling to Protect My Website from DDoS Attacks
Lately, my website has been under constant DDoS attacks, and I’m struggling to find an effective solution. Here’s what I’ve tried so far:
1. Allowed only Cloudflare IPs (https://gist.github.com/Manouchehri/cdd4e56db6596e7c3c5a).
2. Enabled WAF rules, including rate limiting and DDoS Layer 7 protection.
Despite these measures, the attacks persist. I’ve heard about Cloudflare Zero Trust Tunnel but am unsure if it will help in my case.
Server Setup:
OS: Debian
Web Server: Apache2
Are the rules effective if I’m not using Cloudflare Zero Trust Tunnel but do allow only Cloudflare IPs? Is there something I’m missing, or are there better approaches to mitigate these attacks? Any advice or guidance would be greatly appreciated.
1. Allowed only Cloudflare IPs (https://gist.github.com/Manouchehri/cdd4e56db6596e7c3c5a).
2. Enabled WAF rules, including rate limiting and DDoS Layer 7 protection.
Despite these measures, the attacks persist. I’ve heard about Cloudflare Zero Trust Tunnel but am unsure if it will help in my case.
Server Setup:
OS: Debian
Web Server: Apache2
Are the rules effective if I’m not using Cloudflare Zero Trust Tunnel but do allow only Cloudflare IPs? Is there something I’m missing, or are there better approaches to mitigate these attacks? Any advice or guidance would be greatly appreciated.
Welcome to the official Cloudflare Developers server. Here you can ask for help and stay updated with the latest news
85,042Members
Resources
Similar Threads
Was this page helpful?
