How Cloudflare Can Cut Your Site's Traffic Load

This WordPress blog has been under consistent DDoS attacks for a month starting from late August. Initially caught off guard by the denial-of-service attacks, we were able to mitigate the situation by upgrading our server size on Cloudways and integrating with Cloudflare for DDoS protection.

Adding a domain to Cloudflare helps significantly reduce traffic. Typically, about one-third of traffic is saved during normal operations, and during DDoS attacks, Cloudflare handles a substantial amount of the traffic.

How to Respond if You Are Under a DDoS Attack

If you are under a DDoS attack, you can take the following measures to respond:

  1. Block the IP addresses used in the DDoS attack. This blog is hosted on Cloudways, and we contact Cloudways to identify and block the IPs involved in the DDoS attack.
  2. Integrate with Cloudflare and switch to Under Attack Mode when a DDoS attack is detected.
  3. Increase server size. In some cases, if the server size is too small, the above measures may not withstand the attack. I found upgrading from a 2GB RAM server to a 4GB RAM server provided a better defense.

How Much Traffic Can You Save by Integrating Cloudflare?

DDoS attacks on blogs are relatively rare; however, due to the drop in the cost of executing these attacks, smaller businesses and blogs are increasingly becoming targets.

This blog has been running for nearly a decade, and this was the first time it experienced a DDoS attack. Over the course of one month, we faced over 14 attacks at varying times and intensities—almost every other day.

As this was an unprecedented situation, our initial response was inadequate, leading to hours of downtime. Fortunately, with the support from Cloudways, we blocked the IP addresses used in the attacks and were able to defend against them by integrating with Cloudflare.

If the scale of an attack increases, relying solely on Cloudflare's integration may not suffice, and you might need to upgrade your server. I found that a 2GB RAM configuration struggled with defense, but after upgrading to a 4GB RAM, we managed to fend off the attacks successfully.

When integrated with Cloudflare, most traffic during a DDoS attack is handled by Cloudflare.

The following shows the traffic data from August 20 to September 19.

You can observe a sharp increase in traffic during the DDoS attacks. Before the attacks, we hadn’t integrated with Cloudflare, but when the assaults began, it’s clear that over two-thirds of the traffic was managed by Cloudflare during this period.

Even during normal operations, integrating with Cloudflare appears to reduce traffic by approximately one-third. In fact, over the last 24 hours, Cloudflare accounted for around 34% of our traffic.

Changing your domain's nameserver to Cloudflare presents various advantages and disadvantages.

  1. Some traffic will be managed by Cloudflare
  2. Enhanced security
  3. If using the free plan, you may experience slightly slower speeds in South Korea
  4. Capability to defend against DDoS attacks

Since the DDoS attacks at the end of August, this blog has not encountered any further assaults. However, utilizing Cloudflare can provide a solid defense against potential DDoS threats.

With shared hosting services like Cafe24, you might risk affecting other users within the same server during a DDoS attack, possibly leading to ejection from the hosting service. Opting for cloud hosting, such as Cloudways, allows you to effectively counter DDoS attacks with assistance.

When a DDoS attack begins, activating Cloudflare’s Under Attack Mode and contacting Cloudways enables them to block the attacking IP addresses. This ensures that even if the server goes temporarily down, it can resume normal operations after the IP blocks are implemented.

Conclusion

If you're concerned about DDoS attacks, want to reduce traffic, or enhance security, considering integration with Cloudflare is a viable option. Cloudflare offers both free and paid plans, and typically, the free plan suffices.

Keep in mind that there are pros and cons to using Cloudflare, so make your decision based on your website's current circumstances. This blog has signed up with Cloudflare due to DDoS concerns. 😄

For added security, consider implementing the following measures:

  1. Regular site backups
  2. Keeping the WordPress core, themes, and plugins updated to their latest versions
  3. Optional security plugins

If you’re using Cloudways, there's no need to install a separate security plugin, though you can choose to add one like Wordfence if desired. The Bot Protection plugin on Cloudways has been removed, and Bot Protection features are now integrated into the server firewall.

If you are looking for affordable and fast web hosting, you might consider shared hosting options like ChemiCloud or FastComet.

The Pros and Cons of Using Cloudflare as Your CDN Solution

Cloudflare offers a myriad of advantages for enhancing website performance and security. As a global content delivery network (CDN), it boosts site speed through strategically placed proxy servers, provides free SSL certificates, and delivers robust DDoS protection. With a network encompassing 200 data centers across the globe, Cloudflare facilitates intelligent load balancing and efficient static content caching. This can significantly shorten page load times and reduce bounce rates. Additionally, Cloudflare helps to filter out spam bot traffic, conserving server bandwidth, and offers complimentary DNS services enhanced with security features like a web application firewall (WAF) protection.

However, Cloudflare comes with its challenges. Users might encounter latency issues, particularly with dynamic content, and face privacy concerns as all traffic is routed through Cloudflare's servers. Relying on this third-party service means that any network disruptions could directly affect website availability. While advanced features are available, they require subscription plans, and the more basic options offer limited customization. Furthermore, some users have reported difficulties with false positives in security settings, which can block legitimate traffic and complicate access to sites. Therefore, website owners should carefully consider if Cloudflare’s benefits adequately counterbalance its potential drawbacks for their specific needs.

See Also...