Should we keep the Cloudflare DDoS protection enabled?

Should we keep the cloudflare DDoS protection enabled?

  • Yes

    Votes: 10 76.9%
  • No

    Votes: 2 15.4%
  • What?

    Votes: 1 7.7%

  • Total voters
    13

Rob

Administrator
Staff member
Joined
Oct 27, 2011
Messages
915
Reaction score
1,736
Credits
1,129
We get hammered quite a bit from bots that do take the site down for (normally) about 7-8 minutes. At least once/day. The other day it was pretty bad, so I enabled the DDoS protection from Cloudflare (Thanks Cloudflare free plan!!).

Anyway, this introduces a 5ish second delay in loading the site when you first get here, then again after another 5 minutes or so it seems like. Some people might get 'are you human' puzzles, though, I haven't seen any posts about that this time around.

Should we keep this enabled to ensure the site is functioning properly 24/7? Let us know by voting on the poll! Thanks everyone!
 


OP
Rob

Rob

Administrator
Staff member
Joined
Oct 27, 2011
Messages
915
Reaction score
1,736
Credits
1,129
I'm not sure... What impact will it have long-term with things like search engine results?
Not sure - I have a weekly-ish thing from hrefs website that lets me know links gained/lost, so it should give me an idea. I don't believe it'd make a difference?
 

Bartman

Well-Known Member
Joined
Mar 14, 2022
Messages
488
Reaction score
413
Credits
3,404
1652063051483.png

This is what is a PITA.
 

KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
6,705
Reaction score
5,861
Credits
53,992
I don't believe it'd make a difference?

Google recently changed their ranking (I too get ahrefs alerts, by the way) to include how rapidly a site loads. What I am unsure of is what they consider loading. Is it loaded when it shows the warning? Is it loaded when it gets to the actual content? Are the search engine bots going to wait that five+ seconds to get in and index the new material?

I guess I'd look for ways to remove the checking, to see if there's another option - using this only as a last resort.
 
OP
Rob

Rob

Administrator
Staff member
Joined
Oct 27, 2011
Messages
915
Reaction score
1,736
Credits
1,129
Google recently changed their ranking (I too get ahrefs alerts, by the way) to include how rapidly a site loads. What I am unsure of is what they consider loading. Is it loaded when it shows the warning? Is it loaded when it gets to the actual content? Are the search engine bots going to wait that five+ seconds to get in and index the new material?

I guess I'd look for ways to remove the checking, to see if there's another option - using this only as a last resort.
Ah, yeah, that's true - about the load time. Plus, I don't want people getting that 'oops' issue. Let me turn it off overnight, we'll see if the 'oops' thing goes away.
 
OP
Rob

Rob

Administrator
Staff member
Joined
Oct 27, 2011
Messages
915
Reaction score
1,736
Credits
1,129
I changed it from "under attack!" to "medium". Let's see how that goes.

Edit: @Bartman can you take note if you get the 'oops' at all the next day or so?
 

Attachments

  • Screenshot from 2022-05-08 22-47-58.png
    Screenshot from 2022-05-08 22-47-58.png
    116.2 KB · Views: 75

wizwanabe

Member
Joined
May 9, 2017
Messages
47
Reaction score
66
Credits
280
@Rob , @KGIII , i personnely perfer the 5ish seconds. I've noticed a quick check when I log in if this keeps the site safe, go for it.
 

f33dm3bits

Gold Member
Gold Supporter
Joined
Dec 11, 2019
Messages
4,900
Reaction score
3,526
Credits
35,667
I don't mind the extra 5 seconds to load the page so keep it on since I don't there's probably not a better solution for ddos's.
 

Brickwizard

Well-Known Member
Joined
Apr 28, 2021
Messages
2,833
Reaction score
1,845
Credits
21,147
@Bartman
I get that occasionally [maybe a couple of times a week] I just accept it as I think it's system load
 

Brickwizard

Well-Known Member
Joined
Apr 28, 2021
Messages
2,833
Reaction score
1,845
Credits
21,147
@Rob @KGIII
I have no problem with an extra 5 sec login procedure, If it is going to protect the site, there has to be some balancing act, between site function, Kg's hit count and potential cost [buying more bandwidth]
If the reduction to medium on the security controls work, then in a few weeks perhaps try it at the next setting down, A bit of trial and error until you are comfortable with it,
 

kc1di

Well-Known Member
Joined
May 14, 2021
Messages
1,131
Reaction score
944
Credits
8,097
I too have no problem with the extra 5 seconds, Better than the whole site going down and getting the 404 or 405 screen. Which has happened a few times here. It would be nice if the bots would just go away but that's dreaming.
Thanks for your work on this it's appreciated.
 

Condobloke

Well-Known Member
Joined
Apr 30, 2017
Messages
4,787
Reaction score
4,102
Credits
27,530
We get hammered quite a bit from bots that do take the site down for (normally) about 7-8 minutes. At least once/day. The other day it was pretty bad, so I enabled the DDoS protection from Cloudflare (Thanks Cloudflare free plan!!).
Is enabling this on a permanent/semi permanent basis at all likely to give Cloudflare ideas that they can up the ante on you ?....charge you more ?
 

Brickwizard

Well-Known Member
Joined
Apr 28, 2021
Messages
2,833
Reaction score
1,845
Credits
21,147

Brickwizard

Well-Known Member
Joined
Apr 28, 2021
Messages
2,833
Reaction score
1,845
Credits
21,147
@Bartman .. Stupid question, but have you checked the settings in your browser and browser security add on's

It may be something in your add blocker causing the problem
 
$100 Digital Ocean Credit
Get a free VM to test out Linux!

Linux.org Hosting Donations
Consider making a donation

Members online


Top