DDos Mitigation Using Cloudflare – Layer 7 Mitigation


I have seen many cases when websites are down for weeks because of DDos attack, They try every tool and firewall to block the ddos attack but nothing works for them. This happened with me also, I was new and my websites get ddos attack everyday, there was nothing much i could do, i tried every type of firewall and service but nothing worked for me, even i paid people for blocking it for me. In this tutorial i will be teaching you the secrets of cloudflare that will help you to mitigate the ddos attack using cloudflare, you can also block layer 7 attacks.

Today i will tel you easy way to block the ddos attack, with cloudflare. This will be a detailed tutorial on how to block the ddos attack permanently. I am going to share with you all hidden secrets of cloudflare.

So lets get started.

Is your website behind cloudflare?

If your website is behind cloudflare then skip this step, If its not behind the cloudflare then register your website with cloudflare.

Create a Cloudflare account

  1. Visit https://dash.cloudflare.com/sign-up.
  2. Enter your Email address and Password.
  3. Click Create Account.
  4. The Cloudflare will asks you to add a site to Cloudflare.

Enter your website’s root domain and then click Add Site. For example, if your website is www.example.com, type example.com.

5. Cloudflare attempts to automatically identify your DNS records. This process takes approximately 60 seconds to complete.

6. Click Confirm in the Confirm Plan window that appears.

7. Review whether all DNS records were identified in the DNS query results window.

To finish domain setup and activate your domain on Cloudflare, change your domain nameservers to Cloudflare.

DDos attack mitigation
Add Nameservers to your domain

Replace your current name servers to the cloudflare provided nameservers with your domain

Okay cool, we done setting up nameservers and cloudflare is active. Now lets start Mitigation.

Step 1 : Turn On Under Attack Mode

this is the first step you can use, It will block all the small attacks by adding JS challenge to your website, Its great for blocking layer 3 attacks, all visitors on your website will be show js challenge before entering to your website. This is helpful is most cases.

Step 2 : Checking the IP address from where the ddos attack is coming and blocking them.

On the cloudflare menu, go to firewall Tab and click on Overview.

In this tab you will be shown all the ip addresses from where the attack is coming from

Now you have the list of ip addresses, Its time to block them all.

Switch to “Tools” inside the firewall tab & block all the ip addresses from all your websites.

Now please allow few minutes for the attack to be stopped.

If you have any questions then you can ask in comments, i will reply to your every question.