Should we keep the Cloudflare DDoS protection enabled?

Should we keep the cloudflare DDoS protection enabled?

  • Yes

    Votes: 9 75.0%
  • No

    Votes: 2 16.7%
  • What?

    Votes: 1 8.3%

  • Total voters
    12

Rob

Administrator
Staff member
Joined
Oct 27, 2011
Messages
914
Reaction score
1,730
Credits
1,123
We get hammered quite a bit from bots that do take the site down for (normally) about 7-8 minutes. At least once/day. The other day it was pretty bad, so I enabled the DDoS protection from Cloudflare (Thanks Cloudflare free plan!!).

Anyway, this introduces a 5ish second delay in loading the site when you first get here, then again after another 5 minutes or so it seems like. Some people might get 'are you human' puzzles, though, I haven't seen any posts about that this time around.

Should we keep this enabled to ensure the site is functioning properly 24/7? Let us know by voting on the poll! Thanks everyone!
 


OP
Rob

Rob

Administrator
Staff member
Joined
Oct 27, 2011
Messages
914
Reaction score
1,730
Credits
1,123
I'm not sure... What impact will it have long-term with things like search engine results?
Not sure - I have a weekly-ish thing from hrefs website that lets me know links gained/lost, so it should give me an idea. I don't believe it'd make a difference?
 

Bartman

Well-Known Member
Joined
Mar 14, 2022
Messages
395
Reaction score
351
Credits
2,763
1652063051483.png

This is what is a PITA.
 

KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
6,490
Reaction score
5,742
Credits
52,206
I don't believe it'd make a difference?

Google recently changed their ranking (I too get ahrefs alerts, by the way) to include how rapidly a site loads. What I am unsure of is what they consider loading. Is it loaded when it shows the warning? Is it loaded when it gets to the actual content? Are the search engine bots going to wait that five+ seconds to get in and index the new material?

I guess I'd look for ways to remove the checking, to see if there's another option - using this only as a last resort.
 
OP
Rob

Rob

Administrator
Staff member
Joined
Oct 27, 2011
Messages
914
Reaction score
1,730
Credits
1,123
Google recently changed their ranking (I too get ahrefs alerts, by the way) to include how rapidly a site loads. What I am unsure of is what they consider loading. Is it loaded when it shows the warning? Is it loaded when it gets to the actual content? Are the search engine bots going to wait that five+ seconds to get in and index the new material?

I guess I'd look for ways to remove the checking, to see if there's another option - using this only as a last resort.
Ah, yeah, that's true - about the load time. Plus, I don't want people getting that 'oops' issue. Let me turn it off overnight, we'll see if the 'oops' thing goes away.
 
OP
Rob

Rob

Administrator
Staff member
Joined
Oct 27, 2011
Messages
914
Reaction score
1,730
Credits
1,123
I changed it from "under attack!" to "medium". Let's see how that goes.

Edit: @Bartman can you take note if you get the 'oops' at all the next day or so?
 

Attachments

  • Screenshot from 2022-05-08 22-47-58.png
    Screenshot from 2022-05-08 22-47-58.png
    116.2 KB · Views: 58

wizwanabe

Member
Joined
May 9, 2017
Messages
47
Reaction score
66
Credits
280
@Rob , @KGIII , i personnely perfer the 5ish seconds. I've noticed a quick check when I log in if this keeps the site safe, go for it.
 

f33dm3bits

Gold Member
Gold Supporter
Joined
Dec 11, 2019
Messages
4,819
Reaction score
3,460
Credits
35,108
I don't mind the extra 5 seconds to load the page so keep it on since I don't there's probably not a better solution for ddos's.
 

Brickwizard

Well-Known Member
Joined
Apr 28, 2021
Messages
2,676
Reaction score
1,770
Credits
20,021
@Bartman
I get that occasionally [maybe a couple of times a week] I just accept it as I think it's system load
 

Brickwizard

Well-Known Member
Joined
Apr 28, 2021
Messages
2,676
Reaction score
1,770
Credits
20,021
@Rob @KGIII
I have no problem with an extra 5 sec login procedure, If it is going to protect the site, there has to be some balancing act, between site function, Kg's hit count and potential cost [buying more bandwidth]
If the reduction to medium on the security controls work, then in a few weeks perhaps try it at the next setting down, A bit of trial and error until you are comfortable with it,
 

kc1di

Well-Known Member
Joined
May 14, 2021
Messages
1,044
Reaction score
885
Credits
7,436
I too have no problem with the extra 5 seconds, Better than the whole site going down and getting the 404 or 405 screen. Which has happened a few times here. It would be nice if the bots would just go away but that's dreaming.
Thanks for your work on this it's appreciated.
 

Condobloke

Well-Known Member
Joined
Apr 30, 2017
Messages
4,685
Reaction score
4,051
Credits
26,747
We get hammered quite a bit from bots that do take the site down for (normally) about 7-8 minutes. At least once/day. The other day it was pretty bad, so I enabled the DDoS protection from Cloudflare (Thanks Cloudflare free plan!!).
Is enabling this on a permanent/semi permanent basis at all likely to give Cloudflare ideas that they can up the ante on you ?....charge you more ?
 

Brickwizard

Well-Known Member
Joined
Apr 28, 2021
Messages
2,676
Reaction score
1,770
Credits
20,021

Brickwizard

Well-Known Member
Joined
Apr 28, 2021
Messages
2,676
Reaction score
1,770
Credits
20,021
@Bartman .. Stupid question, but have you checked the settings in your browser and browser security add on's

It may be something in your add blocker causing the problem
 
$100 Digital Ocean Credit
Get a free VM to test out Linux!

Linux.org Hosting Donations
Consider making a donation


Top