alt Hacker NewsSimilar experience last week. But tbh I'm using the free plan so I wasn't expecting too much from them. What it worked was to use nginx rate limiter aggressively, parse logs and deny top ips with nginx. Because all traffic comes through CF I wasn't able to use iptables for blocking
Replies
reassess_blind • today at 3:42 AM
Cloudflare’s has a free rate limit feature, btw. Not as configurable as nginx but it’s nice to not have the requests touch your server at all.
If you can thwart it with your own nginx, then it can’t be much of an attack. Cloudflare is one of your only hopes against a volumetric attack especially when paying $0.