Hi all,
We've been using Cloudflare for a while now and atm we are in the free tier if that helps(and have turned off acceleration).
Since like last week we've seen a sudden hike in requests to the point where the server cannot handle it anymore.
These should be AI crawlers and we're trying to limit access to them but they seem to crawl into the forum somehow.
While we would want non-logged-in users/visitors to see the content, since no one can use the site anymore we have decided to only let in logged-in users without checks and for others, for a human check to go through.
The following is the rule we're using to identify logged in/actual users:
I was wondering if there is a better/more standardised/more accurate way to identify logged in users.
Thanks very much!
yasas Yep seen the same last week, not nodeBB install, but the server behind cloudflare showed a huge uptick, not served by cache either. SO I am guessing scanning the whole site or large parts.
IIRC the traffic was coming manly from swiss-german based servers but did not have the time to dig in. This is even with Block AI cralwers turned on.
In the recent past it's been Asia, like mostly Singapore.
The only way to handle this in Cloudflare is to watch and then put in place with geo-based challenge security rules in place afaict