DDoS protection starts with DNS protection and works as follows:
- Requests to your domain name do not come to your server, but to intermediate Cloudflare servers
- Cloudflare checks the source of the request and, if an attack is detected, the request blocked
- If the request is secure, it is passed to your server for processing.
Cloudflare has a lot of servers distributed throughout the world. They take the brunt of DDoS attacks, leaving your server safe. In addition to that:
- Hide the real IP of your server
- Cache static content (pictures) of your website on their servers to provide quick access to it (CDN).
Register on cloudflare.com and click the Add a Site button:
Next, enter the name of our domain and click Add Site:
Click Next, select a free plan and click Confirm Plan:
After that, we can immediately specify the IP address or host of our server. Click Continue:
Now the most difficult 🙂 — we need to specify the Cloudflare DNS server in the settings of our domain registrar page
(where you bought the domain). I have GoDaddy and it looks like this:
After you have updated the DNS server settings on the registrar page, click Continue on the Cloudflare page:
Updating DNS settings can take from 10 minutes to 1 hour. Then you will see this screen:
This means that now Cloudflare manage your domain. You can:
- Enter IP address of your server
- Create subdomains
- Add SSL certificate for your site
- View statistics for your site