• Welcome to the Chevereto user community!

    Here users from all over the world gather around to learn the latest about Chevereto and contribute with ideas to improve the software.

    Please keep in mind:

    • 😌 This community is user driven. Be polite with other users.
    • 👉 Is required to purchase a Chevereto license to participate in this community (doesn't apply to Pre-sales).
    • 💸 Purchase a Pro Subscription to get access to active software support and faster ticket response times.

Now with CloudFlare business

Rodolfo

Rodolfo

⭐ Chevereto Godlike
Chevereto Staff
Administrator
Last sunday Chevereto was under DDoS attack which caused that the website was down for about 6 hours. The origin of the attack was a former client (ex-client) who wasn't happy with being banned for pirate the script. Although that he "offer" me to stop the attack easily I just get CloudFlare Business because other haters could try to takedown the site.

Chevereto is now pretty well protected against this kind of attacks and I can guarantee more uptime for all of you. Now, if someone want to suggest me a server on the vicinity of 200 USD with the same DDoS protection be my guess. :p
 
The simple way to prevent DDoS Attacks with Cloudflare is.. buy a new IP Adress for your Server and dont give it to someone!
Hide the New IP Adress behind CloudFlare and you are Protected and dont need the Business Package.
 
Is not that simple. A DDoS attack can be made to the IP or the domain and there are a variety of DDoS attacks. If you manage to hide your real IP using CloudFlare you will mostly avoid the Layer 7 attacks because CloudFlare will cache that files so they won't screw you with some images being embed on several websites because CloudFlare won't issue a request to your host. This was the way that I manage to overcome when the demo was DDoSed.

Problem comes with dynamic content because that isn't cached. This means that all the traffic is passed through your host and they label you as a under DDoS domain and they will mostly shutdown until the attack is gone. So, if you use the CloudFlare basic plan you will have to go to the "I'm under attack mode" and wait until the attack is over.

But, even with CloudFlare business you don't have real protection. Even if your IP is so "hidden" and even if you make a DNS override in your host is pretty easy to get the real IP of a website. Meaning that they could easily takedown you by a DDoS to the real IP and since your server doesn't have that protection you will be down. If you are in a VPS or dedicated they will surely know to what site is under attack and then shutdown it for a while, if you are on a shared host you have more luck because they won't know what site under that pile of sites is actually the target because the target is the whole machine. Your hosting company will surely start a useless investigation and most likely they will have to put real DDoS protection on just that machine... I believe that is the best option to get cheap premium class DDoS protection (CF business + your host that doesn't know what is happening)

The real way of get protected is simple: DDoS protected webserver and if you are paranoid, put CloudFlare on it. If you run a DDoS protected server with litespeed you will actually avoid the Layer 7 so you won't need CloudFlare.

BTW, when I mean that is easy to get the real IP of a website I mean it. I won't share that knowledge because it actually affects me D: (and everyone else)
 
You must log in or register to reply here.
Back
Top