https://discord.cloudflare.com logo
Join Discord
Powered by
How I Prevent DDoS on Workers/Pages
# workers-help
f
My Friend Try Ddos My Pages Cloudflare And I Get Exceeded Limit, How I avoid exceeding the limit caused by the DDoS attack And Protect My Pages From Ddos? Any advice would be appreciated. Thank you.
l
How much is that costing 😖
i
It seems that they are still on Free tier so should be fine finance-wise, but I too wish to know what can be done when you're getting attacked with that amount of requests, are there any ways we can protect our wallet.
f
When My Friends Attacking My Pages I Try Access Is Not Working
Don't Know
s
Your "friend" didn't "try" DDOSing, he succeeded at DDOSing you 🤣
f
Yup
i
Filter every request per ip address and throatled by rate limit
h
Redirect from your Pages.dev, and then add more WAF rulles
f
How I do it on Pages
d
Bro
f
Hmm How?
XD
h
Bulk Redirects should be able to cover a pages.dev domain
f
I will try
r
how its even possible that to happen in cloudflare?
biggest ddos mitigation service
h
Cloudflare is great against DDoS attacks, but it does require configuration
r
ok, then they should investigate request before charging people
and refund fake request
h
I mean, you can ask for a refund if you get DDoSsed.
They don’t do this automatically because combing through 1 billion+ requests per day isn’t something you just do
d
I don't even recommend using workers unless it's for a small team of people / community
Just use regular cloudflare with a 3$ vps
h
I mean, the $5 Workers tier free allocation will get you pretty far, especially if you tune your WAF rules. But it all just depends on what you are hosting
And the nice thing too is the low latency, and basically zero maintenance
Once a Worker is running, you generally don’t have to maintain it
r
the $5 workers, is capped at 5$ month?
Up to 30s wall time
this thing need to be added at cloudflare pages also
h
No, it is not. The $5 allocation is just what is included. If you use more, you will be billed for it
If you pay for Workers, then you get it on Functions too
r
and if you get ddos, you pay 10000$
h
Note too that the person above is on the free tier, so they didn’t pay a thing
r
yea, but his website will be down this month
h
Well, that is what WAF is for
And they can always pay to increase limits if they need it
r
also i dont understand why they dont include PHP
😢
h
Because Workers isn’t a container platform, it only runs JS and WASM. You might be able to run PHP by compiling to WASM though, if you really want PHP
r
i know, but performance will be the same?
never used WASM
s
have you calculated how many requests it would take to actually cost you that much on workers? you are just throwing numbers around
i
You can also use cf turnstile
f
She can bypass the cf turnstile
h
Who?
f
Btw my friend told me that using C2 to DDoS, the DDoS is so strong can bring down Tiktok and Fortnite website he give me the video
My Friend
h
I mean, no protection is perfect. But Turnstile should definitely help against the more lower-level bots.
f
Well my friend try DDoS again I try reach my pages is not working its say SSL_HANDSAKE
h
That's something else, not a reaction to the DDoS.
f
Hmm maybe my code its broken because the DDoS
i
hello, from 2 weeks i am facing high traffic load, which is comming from ddos attact, i have already enabled the proxy and i am under attack mode enabled, but still facing ddos attack on my server, my use goes very high, please help me to get out from this
PreviousNext
Powered by