How to block brute force attack which bypass cloudflare ?

More than 80% website on internet uses cloudflare security. Small website owners uses cloudflare free plan which is pretty good but sometimes fails to block brute force attack. I seen some attackers can bypass cloudflare security even under attack mode.

This attacks down our hosting resources and website goes down. Regularly this happens then our hard seo work can destroy. So here we shared a guide which use when cloudflare under attack mode not able to block brute force attack.

Hackers and attackers uses sometimes tor ip and cloudflare not able to recognize it. Because everytime request made from different ip address. In this situation very hard to block every ip and stop brute force attack.

Normally people turn on under attack mode at the time of brute force attack. Most of time it handles but now a days i seen cloudflare not capable to stop this attack even comes from same ip address.

People who uses digital ocean and didn’t installed cpanel like me. Very hard to find brute force attack ip address but don’t worry the same can handle from cloudflare dashboard also. And there is no premium plans require.

How to block brute force attack which bypass cloudflare ?

Block brute force attack which bypass cloudflare under attack mode. Create new firewall rule according to below configuration & find the ip address first. Then block that ip from cloudflare or hosting.

1. Login to cloudflare account and select the website.

2. From menu select “Security” option and then “WAF” (Web Application Firewall) option.

cloudflare firewall rules

3. Click on “Create firewall rule” blue button. Enter rule name as “Complete block“.

4. Select “Threat Score” under field , Equals under operator & “0” as value.

cloudflare firewall rule create

5. Choose an action as block and save it. Turn it on for 1 minute only because this rule will complete block access even google bot so very minimum time turn on and off it.

6. Under “Overview” tab , Sort the list from “Previous 30 Minutes“. And copy the ip address which are common, requesting too much in very less time interval.

cloudflare security events

That is taking too much resources and downtime server so blocking that ip address stop brute force attack. Below is the steps to block ip address on cloudflare.

How to block ip address on cloudflare ?

1. Block the ip address from access website. Again visit “WAF” option and select “Tools” tab.

2. Paste ip address below search field and select from drop down list. Action as “Block” , Zone as “This website” & Add it.

cloudflare block ip

3. Immediately cloudflare will block the access from this ip address. Similarly find more ip address and block using same steps. This will block brute force attack which bypass cloudflare under attack mode which doesn’t show normally.

Stop brute force every time
Every brute force attack time Just turn on above created firewall rule for 1 minute ( threat score as 0 ) and find that ip address. You can also block the ip address from cpanel or any other method.

Conclusion

I hope the steps got which you are finding and your problem solved. Anything similar facing then comment below and tell me more about methods which you uses at brute force attack.