Mirai ddos attack at a glance

How To Save Your Site From DDOS Attack With Cloudflare

What happens if your site is attacked by a hacker, and they want to shut your site down because of bad neighbour or competitor. What will you do to save your website, and prevent or stop attackers from this?

I. Experienced my self with DDoS Attack

Recently, my website has experienced a DDOS attack for 5 days. I use Cloudflare to encrypt my site, but they send A mass of request to my website. It’s about 27 million requests per day from these countries: Indonesia, Philippines, Brazils, Italy, Vietnam, India and some other countries that didn’t show on Cloudflare analyze because of a free account.

Mirai ddos attack at a glance

It’s a hard time and takes me a long time to solve the problem. I google and know that it ‘s a kind of HTTP flood attack. Really, almost requests to my site from HTTP requests. And when I digger more, I found that this attack’s name is Mirai. It’s a DDoS attack public script that is developed by a Russia developer and public on a forum of hacker several years ago.

To prevent a DDoS attack, we should know what it is.

In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. (wikipedia)

II. How to prevent DDOS Attacks with Cloudflare

Now, we can have an overview of DDoS, about what it’s. Shortly, when you checked and see a lot of request to your website at the same time, you should prepare for an incoming attack by following these steps.

1, Turn on ” I’m under Attack” under the tab overview

under attack, cloudflare

2, Go to the Firewall tab, to set firewall rules

firewall rules creating of cloudflare

3, Under Analytics Tab, go to the traffic analytics section.

You checked and see if top countries and the request. You will know the traffic come from these countries, that could be attackers.

4, Go to the Firewall Tab, next to Firewall event,

To check the record of traffic, and where the traffic go to, if there are any suspicious actions or URLs, you can block it in access rule ( over firewall event section)

5, More action depends on Your Cloudflare’s account type.

Now if you have a premium account in Cloudflare you can enable web application rule and some rule to stop DDoS attack or source of attack’s traffic.

6, Nothing you can do except for move to VPS server

If you use Share-hosting package because the share-host provider will abandon you). Share-host means that there is a group account on that host. Then if your website is attacked, that will affect to another site on that shared hosting.