Calling on Cloudflare experts

[swguy]

If you have Cloudflare experience, would you please write up a FAQ on using it? All we have is a small paragraph on

https://docs.zen-cart.com/user/troub...cking_attacks/

You can submit it as a PR to the documentation repo or just attach it here, whatever is easier for you. Thanks.

[DannyVarley]

I just wanted to add my limited experience with Cloudflare and exactly how it helps us mitigate attacks and also serve data with cache more efficiently. We originally set this up to help us mitigate website attacks and once you know the proccess it is very simple.

If you have access to your DNS records and a limited technical knowledge it is quite easy to set up cloudfare by following the setup guide when you make an account.

1. Mitigating Attacks
We were having problems with huge spikes fo traffic from certain ip addresses and ranges from specifically Singapore, Russia and Pakistan. Wanting a way to block the entire country we have resulted in using Cloudflare. When set up you can go to Your Website > Security > WAF

This will allow you to set up a custom rule for specific countries to either challenge them with a captcha or outright block them:



To find our exactly what countries you may be getting attacked from it is worth looking at either the website logs if any are being created, the server logs including access logs where mine details the ips that are most connecting to the website. Then checking these ips via a whois checker online.

[swguy]

Thank you @DannyVarley! I will update the docs with your content.

[spminis]

I just wanted to add my limited experience with Cloudflare and exactly how it helps us mitigate attacks and also serve data with cache more efficiently. We originally set this up to help us mitigate website attacks and once you know the proccess it is very simple.

If you have access to your DNS records and a limited technical knowledge it is quite easy to set up cloudfare by following the setup guide when you make an account.

1. Mitigating Attacks
We were having problems with huge spikes fo traffic from certain ip addresses and ranges from specifically Singapore, Russia and Pakistan. Wanting a way to block the entire country we have resulted in using Cloudflare. When set up you can go to Your Website > Security > WAF

This will allow you to set up a custom rule for specific countries to either challenge them with a captcha or outright block them:



To find our exactly what countries you may be getting attacked from it is worth looking at either the website logs if any are being created, the server logs including access logs where mine details the ips that are most connecting to the website. Then checking these ips via a whois checker online.

I installed it but ran into a strange problem. My site worked on firefox and Edge on the computer but not on Iphone or Ipad. I got a "server not found" message and when I put my site into "is my site down" it showed it as down even though it was up on the the 2 browsers that I mentioned. If you know of a quick fix I'd appreciate as right now I don't have the time to try to fix the problem.
Thanks
Carol

[dbltoe]

It may not have propagated on the DNS being used by your iPhone (rather doubt it).

On your iPhone, go to dnschecker.org and enter the domain. See if the IP addresses for all the DNS servers matches that of CloudFlare.

[swguy]

or the iPhone might have the old information cached.

[dbltoe]

Toggling airplane mode should be the quickest way to clear the cache on an iPhone.

Restarting the iPhone should do it as well, but that takes time.

Chrome on an iPhone may need to have you separately clear its cache as well.

There's more than one standard DNS server used by an iPhone. It's more provider specific than iPhone specific.