How To Protect Against Ddos Attacks With Cloudflare.
As a regular attitude used to look at the monthly usage for my website bandwidth, sometimes I see a good traffic which directly reflects on the bandwidth; sometimes traffic is low which means decrease bandwidth usage.
From three days later, in the morning, I logged in Cpanel to see the bandwidth usage and I shocked!; The bandwidth usage was crazily increased doubt it would be an issue with the server calculation or something.
So to be sure I checked my Google analytics report to see the visitors information and as I thought it was a spammy attack, I had a huge traffic in one day, from only one country ”Russia’, after this I looked at language tab to see visitors browser language and I shocked again it is like you see here :
Now it's absolutely a hacking attack, this type of attack known as 'DDoS’ attack, and if you didn't have any idea about this attack here it is.
What is 'DDos’ means ?
It is simply a Short of “Distributed Denial of Service” attack, and it is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. They target a wide variety of important resources, from banks to news websites, and present a major challenge to making sure people can publish and access important information.
How DDoS Attacks Work?
In a DDoS attack, the incoming traffic flooding the victim server from many different sources – potentially hundreds of thousands or more-. This, in fact, makes it not possible to stop the attack simply by blocking a single IP address; plus, it is very difficult to distinguish genuine user traffic from attack traffic when spread across so many points of origin.
The right question is, why I had hit by this attack?, although I care about giving a value to my visitors and never ever make enemies on the internet, after googling I figured out that ‘'DDoS’ not an oriented attack at all times, sometimes it would be a part of serial attacks to a specific hosting provider server's or even like a Reprisal reaction from country people to another, like The above example if you noticed the language tab has a message about Donald Trump voting!!
After understanding that attack the next step to find out a good solution to protect my website, this heading me towards CloudFlare service, but before discussing how to integrate CloudFlare to website let's talk about CloudFlare itself, what is it mean? What are features has involved and why website owners needed.
What's CloudFlare Service?
CloudFlare service is a free service that accelerates and protects your website by acting as a proxy between your visitors and your server or website. With CloudFlare, you can protect your website against malicious visitors, save bandwidth and reduce average page load times.
How CloudFlare works?
It's consists of a network of data centers that sits between your web server and the rest of the internet. So, your visitors will navigate their browser to their site and instead of going direct to the origin server, websites with CloudFlare will direct traffic to the CloudFlare network instead.
This does two things: CloudFlare cached static web content to the visitor, and watch visitors be sure they are good and not a spammy attack, malicious bots, or other bad things. Because CloudFlare’s network is made up of 101 global data centers, that means we can serve your visitor's web content very fast regardless of the distance between your origin server and the viewer.
CloudFlare watches a lot of internet traffic, over 5% of the internet. They can tell what traffic is coming from what IPs and if they detect that IP was causing attack traffic, like a DDoS attack, they can rank it for security risk. They use their own IP reputation ranking in conjunction with 3rd party rankings to develop a threat ranking and depending on your account settings, will block or challenge some of those visitors.
What’s even better, CloudFlare is very robust. This means that web traffic is routed through CloudFlare in the most efficient way possible and isn’t dependent on certain pathways. So if, for instance, someone on CloudFlare has DDoS attacked, they can keep his website up and available because they have a lot of flexibility on how they get the good traffic to his origin server.
Cloudflare Cpanel Integration Steps
1- Go to cloudflare.com, register a new account (Sign up), and fill your information,
2- Enter your domain name for your website without "www”, then click Begin Scan. For example, if your website is www.example.com, type example.com.
3- Cloudflare will scan your domain's DNS records. This will take approximately 60 seconds to complete. Once the DNS scan has finished click Continue.
4- A list of all the DNS records found is displayed, including your sub domains. In this step, you can decide which sub domains you want to enable by click on the gray icon when to click it will change to an orange icon.
5-Select a plan choose a free plan (you can upgrade plan anytime), then click Process and continue.
6- On the final step, copy Cloudflare DNS server name and go to your domain manager like (GoDaddy or names.com), change your hosting DNS name server to Cloudflare DNS name. You can also find your CloudFlare NameServers in your CloudFlare dashboard under Overview.
7- Go to website Cpanel like this and Click to CloudFlare icon under software block
8- Write Cloudflare username and password then click login
Congratulations!, Integration finished, you have to wait about 48 hours to activate CloudFlare service on your site, You will receive a confirmation email from CloudFlare when the nameservers update is complete. Your site will not experience any downtime during this period.
Cloudflare Common Configurations
1- Caching Level option: to cache static file in your website, keep it standard
2- Purge Cache: Clear cached files to force Cloudflare to fetch a fresh version of those files from your web server.
3- Auto Minify: Reduce the file size of source code on your website.
4- Security Level: Adjust your website's Security Level to determine which visitors will receive a challenge page.
5- Development Mode: Temporarily bypasses our cache allowing you to see changes to your origin server in real-time.
6- Always Online: If your server goes down, Cloudflare will serve your website's static pages from our cache
7- Firewall option:to filter website traffic by IP or by country,to activate filtration you need to go to cloudflare.com dashboard, click firewall tab, go to the bottom of the page to “Access Rules “ tab, Choose the country from country lists, then you have three choices, to block the traffic which coming from selected (lP-country) or validate traffic by using Captcha or allow all traffic.
8- I’m under attack mode: If you believe that you are undergoing a DDoS attack, CloudFlare offers all customers the option of ‘I’m under attack mode’. This will immediately put in place a challenge Captcha page for all visitors. Outside of those times, CloudFlare’s Threat Control means you can select different security levels based on our IP reputation database. In addition, CloudFlare allows you to block countries or IP ranges if you don’t wish to have traffic from those sources.
Remember my friend the Popular wisdom" there is no 100% secure system", this is right in our life , also on the internet, sometimes hackers can skip CloudFlare or any other systems, but if this service can protect you from 90% of attacks then it is fair enough, at least It makes their mission more difficult, especially if it is for free.