But this time, it seems that we are having many more problems with websites that use CloudFlare. Perhaps the problem is that more people know CloudFlare than during the past WordPress floods and are using CloudFlare today. But because CloudFlare works as a reverse proxy, it can not block IP addresses with iptables as it normally would.
All this makes me question myself … Does CloudFlare create more problems than it solves with respect to something like this?
The idea would be that CloudFlare should block all these repeated floods on their servers, but that does not seem to be happening.
I'm just wondering if anyone else is experiencing this and how he might be dealing with this.
Now, before anyone mentions it, yes, I am aware that CSF has the integrated CloudFlare control. And although I can appreciate what ConfigServers tried to do with this, all this is a bit clumsy. This depends on the user account on your server having stored API credentials to control your CloudFlare configuration on the CloudFlare servers. This does not happen if the user registers in CloudFlare outside of their hosting account and / or never links it to their account (that is, with the nice CloudFlare add-on in cPanel). It also requires you to know which of your server's accounts are flooding and adjusting your CloudFlare settings accordingly. All this can work if you are dealing with a handful of accounts, but it does not expand very well at all.