Skip to content

Latest commit

 

History

History
45 lines (28 loc) · 2.17 KB

README.md

File metadata and controls

45 lines (28 loc) · 2.17 KB

Anti-DDoS Python Script

This is a simple Python script designed to detect timeouts and enable Cloudflare custom WAF rules. The script was created to help users who prefer to have their Cloudflare WAF off when not needed.

Prerequisites

  • Cloudflare free plan
  • Another server with SSH access to host the script
  • Python installed on the server (you can also host it on the same server, but it's not recommended)
  • Installed requests and ping3 on server with Python

FAQ

Q: How does it work?

A: The script sends a request every second to detect timeouts (default timeout is 5 seconds). It then pings the server IP to check if the server is up. If the server is down, it waits for 60 minutes and repeats the process. If the server is up but there is downtime, it indicates a potential DDoS attack. The script then uses the Cloudflare API to update WAF rules (examples provided in the code). After 60 minutes, it turns off the Cloudflare rules.

Q: Is it tested and functional?

A: Yes, it works effectively with a stable hosting provider. If your hosting provider experiences instability, the script might trigger itself even without a DDoS attack.

Q: Can I customize the DDoS detection method?

A: Yes, you can modify the script to use your own DDoS detection method. The provided timeout-based method is effective for stable VPS setups.

Screenshots

Downtime during DDoS attacks: downtime

High CPU usage during server downtime: ddps-dead-server

Normal CPU usage during non-attack period: ddos-not-dead-server

Cloudflare dashboard showing requests: cloudflare-panel

Discord logs for reference: discord-logs

Sources

  • Uptime Kuma
  • Grafana integrated with Prometheus