Cloudflare - A Recent Analysis

Thumbnail
Share
by Madison Huntley|Marketing Intern

Recent Defence

Cloudflare services offer protective and preventive measures in an effort to mitigate and deflect a range of human attackers and bot attacks. In lighter terms, Cloudflare sets up a security ‘cloud’ to front your web page so your site can continue running successfully. 

Following on from our recent blog on the security, stability, and speed of Cloudflare, we recently encountered a new threat and implemented features and rules on Cloudflare Firewall to mitigate it.

We wanted to touch on this event because it will help us visualize the advantages of Cloudflare. The key rules included were the Javascript Challenge Access and Block IP Address features. The Javascript Challenge boosts security measures by directing new users to the application where it will then detect if the user is a bot or human based on mathematical challenges. This Block IP rule is able to block connections from certain or multiple IP addresses that are considered hostile or undesirable. This particular rule implemented has already been able to detect an attacker in the system.             

On January 24th, we detected a hacker, due to server load. From the information gathered, the attacker attempted to breach the login page. We quickly found his IP in the Cloudflare logs, since the login page is already protected with a Javascript Challenge. This speedy detection allowed us to install an IP block right away. Fast forward to January 27th, and the attacker was back again. It was the same IP detected from previous attacks, and he had tried various tactics including a crude form of port scanning. If this particular attack were to have been successful without Cloudflare installed, the site would have gone down.

 

Threat Statistics (1 Month)

Image
Cloudflare
Total Threats Blocks in the US: 139, 019

The graph above shows us that for the entire month of January, this site was attacked from a particular IP Address 134,000 times  on that given day.

 

Threats minus IP block

Image
Cloudflare

This shows us the number of attacks in this month period that did not include those from an IP Block. While Browser challenged attacks are more prominent than Bad Browser, both pale in comparison to the hundreds of thousands on the previous Y-Axis showcasing the number of IP Block threats. 

 

Type of Threats

Image
Cloudflare

 

Image
Cloudflare

 

You can see here the most abundant threat is an IP Block with 91%. As you saw from our first graph, Cloudflare documents these suspicious IP addresses immediately. Although compared to the IP Block Threats the other percentages may seem irrelevant, those correlating numbers are still ones to keep in mind. For those who may not know, Unclassified Threats include a number of automatic blocks usually relating to Hotlink Protection and actions that happen on the edge based on the composition of the request. Cloudflare blocks these attacks at the edge before they can reach your server. Browser Challenged Threats are failed attempts made to pass the Javascript challenge that Cloudflare offers. Finally, Bad Browser Threats show up when the source of the said request was either not legitimate or it was malicious. Cloudflare’s Browser Check looks for these HTTP  headers abused and will deny the access.

 

Threats by Geography

The chart above shows us that the United States remain the leading country for cyber threats by over a hundred thousand in the last month for this particular website. Generally, we see similar trends for other websites. Cloudflare provides analytics depicting the column on the left which indicates how many of those particular search engine bots have crawled and or scanned websites for given information.

Image
Cloudflare

 

Conclusion

The benefits of Cloudflare services go beyond just safeguarding your website. While these Firewall features need to be highlighted, Cloudflare also automatically optimizes the delivery of websites to ensure the most efficient page load times and optimal performance. If you were unsure of the severity behind protecting your site, these graphs show the staggering level of threat that Cloudflare has protected against within one month.

At Achieve we understand the necessity of a site’s security and stability in today’s ever-changing digital age. We recognize how and where Cloudflare has delivered time and time again, and we are expertly trained to implement Cloudflare as a piece of software. 

If you have any questions about your sites stability or how you can improve the security and reliability of your site please feel free to reach out at any time!

 

[email protected]

800-618-8777

 

 

Related News & Events