More than 80% website on internet uses cloudflare security. Small website owners uses cloudflare free plan which is pretty good but sometimes fails to block brute force attack. I seen some attackers can bypass cloudflare security even under attack mode.
This attacks down our hosting resources and website goes down. Regularly this happens then our hard seo work can destroy. So here we shared a guide which use when cloudflare under attack mode not able to block brute force attack.
Hackers and attackers uses sometimes tor ip and cloudflare not able to recognize it. Because everytime request made from different ip address. In this situation very hard to block every ip and stop brute force attack.
People who uses digital ocean and didn’t installed cpanel like me. Very hard to find brute force attack ip address but don’t worry the same can handle from cloudflare dashboard also. And there is no premium plans require.
How to block brute force attack which bypass cloudflare ?
1. Login to cloudflare account and select the website.
2. From menu select “Security” option and then “WAF” (Web Application Firewall) option.
3. Click on “Create firewall rule” blue button. Enter rule name as “Complete block“.
4. Select “Threat Score” under field , Equals under operator & “0” as value.
5. Choose an action as block and save it. Turn it on for 1 minute only because this rule will complete block access even google bot so very minimum time turn on and off it.
6. Under “Overview” tab , Sort the list from “Previous 30 Minutes“. And copy the ip address which are common, requesting too much in very less time interval.
That is taking too much resources and downtime server so blocking that ip address stop brute force attack. Below is the steps to block ip address on cloudflare.
How to block ip address on cloudflare ?
1. Block the ip address from access website. Again visit “WAF” option and select “Tools” tab.
2. Paste ip address below search field and select from drop down list. Action as “Block” , Zone as “This website” & Add it.
3. Immediately cloudflare will block the access from this ip address. Similarly find more ip address and block using same steps. This will block brute force attack which bypass cloudflare under attack mode which doesn’t show normally.
I hope the steps got which you are finding and your problem solved. Anything similar facing then comment below and tell me more about methods which you uses at brute force attack.