Stop HACKERS and BOTS from reaching your website server - Cloudflare

Поділитися
Вставка
  • Опубліковано 13 гру 2024

КОМЕНТАРІ • 110

  • @Iordnutz
    @Iordnutz 11 місяців тому +1

    Great information! Thank you for creating this video and protecting a fellow business owner!

    • @SaaStuto
      @SaaStuto  10 місяців тому

      Hey @Iordnutz, So happy to hear that you found the information useful! Keeping the business community protected is definitely a priority. Appreciate you watching!

  • @Alex-hn3lc
    @Alex-hn3lc Рік тому +1

    I love Cloudflare I use it for all my sites. Thanks for the recommendation; I will compare it with my current rules and apply the necessary changes. The majority of bad requests I've received to date come from the following countries: Russia, Singapore, the US, France, the Netherlands, South Africa, China, India, Indonesia, Germany, and so on. These are countries I have no business with, so blocking countries you don't serve is a no-brainer.

    • @SaaStuto
      @SaaStuto  Рік тому +2

      Hey Alex,
      That's great to hear! I'm glad you found Cloudflare helpful. Please let me know if there is anything else I can help with!

    • @Alex-hn3lc
      @Alex-hn3lc Рік тому

      ​@@SaaStuto -- I'm good for now and I feel like I have covered all if not most of the corners. 😂So keep up the awesome work. Your videos are helpful.

    • @ecswest6083
      @ecswest6083 9 місяців тому +1

      Singapore is terrible Germany my 2nd worst , they are my biggest hassle as well . Im pretty sure its chinese hackers using vpn's because everyone known for so long so much hacking out of china they get region blocked so much

  • @Jake-vd8os
    @Jake-vd8os Рік тому +1

    Fire content as always thanks, brother. I'm setting up Cloudflare for my website and I was looking for WAF rules I may have missed out on. I will be implementing a few of the ones you've mentioned.

    • @SaaStuto
      @SaaStuto  Рік тому +1

      Hey Jake,
      Awesome, glad to hear it! I'm always happy when people find my content helpful. Let me know if you have any questions about setting up Cloudflare or the WAF rules - I'd be more than happy to help out.

    • @Jake-vd8os
      @Jake-vd8os Рік тому +1

      @@SaaStuto Thanks, bro I appreciate that. I’m going through the settings now that my name server is transferred to Cloudflare. Your video has put me halfway through there already so thank you 😊 🙏.
      The country WAF rule is working brilliantly you wouldn’t believe the number of unwanted countries it blocked in less than 24hrs. 😂 I’ve got a niche online store selling to the UK market only and my server used to get hit with requests from irrelevant audiences.

  • @Voigt_Analytics
    @Voigt_Analytics 7 місяців тому

    Really great video. Very useful. I've also had Cloudflare for a few days now and I'm very impressed. Especially the geo-blocking feature, HTTP1.0, known bots and the threat score are useful for my personal websites. I have just allowed Europe and North America and blocked countries like Russia and Ukraine (due to current events). It's enough that the world is a war zone, it doesn't have to be my server too.

    • @SaaStuto
      @SaaStuto  7 місяців тому

      Hey @Voigt_Analytics, I'm glad to hear the video was useful and that you're finding Cloudflare beneficial for your personal websites. It sounds like you're making great use of the features, especially given the current global situation. Stay safe, online and offline. :)

  • @ecswest6083
    @ecswest6083 9 місяців тому

    Good video , you showed me some new things to block - I have been getting hammered with bots lately , its so bad if I didnt have cloudflare my server would be maxxed out most of the time

    • @SaaStuto
      @SaaStuto  9 місяців тому

      Hey @ecswest6083, Glad to hear you found some new insights from my video! Dealing with bots can indeed be a hassle. Keep strong, stay protected and remember, sharing is caring so, pass on the knowledge to a friend in need!

    • @adammarkley9167
      @adammarkley9167 2 місяці тому

      One of my sites got hammered last night so much that my host provider suspended my site for 24 hours. Cloudflare shows tons of requests from other countries like Argentina, Ireland, and such. I'm gonna be adding these WAF rules for sure on all sites that I manage with Cloudflare.

  • @zaynclips
    @zaynclips Рік тому

    Your explanation is good, but how can you prevent content scraping...i tried to block a website ip address that perform the content scraping, moreover, i excluded all other bots except user agent(googlebot & bingbot) and i have done all these in cloudflare WAF, yet unable to stop them from doing the content scraping

    • @SaaStuto
      @SaaStuto  Рік тому

      Hey zayn clips,
      Thank you for your question. The best way to prevent content scraping is by using a Content Security Policy (CSP). CSPs are effective at stopping malicious bots from stealing and replicating content, as it blocks requests coming in through an unauthorized source. Additionally, you can also use CAPTCHAs or honeypots to further protect your site's content against scrapers. Hope this helps!

  • @raghavgakhar09
    @raghavgakhar09 7 місяців тому

    Thank you so much for this great video. I am having issue with the IP source address not equals rule, I put my ip in it but it not letting me access my admin panel. I did same as how told in the video.

    • @SaaStuto
      @SaaStuto  7 місяців тому

      Hey @raghavgakhar09, Glad you found the video great! Just double-check the IP settings and maybe try a quick reboot. Hope that helps! 😊

  • @shlomo.moshe.finkelstein
    @shlomo.moshe.finkelstein Місяць тому

    That's amazing. Are you working right now on some projects? What saas have you developed?

    • @SaaStuto
      @SaaStuto  Місяць тому

      Hey @shlomo.moshe.finkelstein, I'm so glad you think it's amazing! I'm always busy with fun stuff, and there's always something cool in the works. 😊

  • @i-love-bangladesh2.0
    @i-love-bangladesh2.0 Рік тому

    Thank You So much brother 💌 love from Bangladesh

    • @SaaStuto
      @SaaStuto  Рік тому

      Hey Seaworthy Fish,
      Thank you for the love from Bangladesh! It really means a lot to me. I'm glad my videos have been able to reach people all around the world and that they find them helpful. Thanks again, stay safe and take care!

  • @AsmrAllz
    @AsmrAllz Рік тому +1

    Great video 👍, can you please tell me I am planning to upgrade the shared hosting to dedicated cloud hosting in the same hosting provider but in new hosting they are not providing Ipv6, but in shared hosting, they have provided it, Do I delete the ipv6 record in Cloudflare?

    • @SaaStuto
      @SaaStuto  Рік тому +1

      Hey asmr allz,
      Thanks for the positive feedback! You'll need to contact your hosting provider and ask them if they provide IPv6 in their dedicated cloud hosting. If not, then you can delete the IPV6 record from Cloudflare.

  • @thenoobdev
    @thenoobdev 5 місяців тому

    Great info. But I need help. I added the managed challenge if not verified bot since last week on 4 websites.. and I noticed since than all four websites have big drop in Organic Traffic, but the same amount that dropped is added as direct traffic in my GA4. Any idea what this is, because it distorts my data a lot 😢

    • @SaaStuto
      @SaaStuto  5 місяців тому

      Hey @thenoobdev, Hey there! Hmm, that's interesting and it sounds frustrating. Maybe try adjusting a few things and see if that helps. Hang in there! 😅

    • @thenoobdev
      @thenoobdev 5 місяців тому

      @@SaaStuto it's so weird.. Organic went from 5k daily to near 0.. While Direct traffic went from near 0 to 5k daily :/

  • @Golf-w5k
    @Golf-w5k 3 місяці тому

    Thank you

    • @SaaStuto
      @SaaStuto  3 місяці тому

      Hey @user-sk4ds9mx3g, Glad you liked it! 😊

  • @Mediatomcat
    @Mediatomcat Рік тому

    Great clear video. Dont really need the sub, but giving it anyway cos the vid is so useful. Keep up the good work.

    • @SaaStuto
      @SaaStuto  Рік тому

      Hey Patrick McCarthy,
      Thank you so much for your kind words and support! I'm really glad you found the video useful, that means a lot to me. Your subscription is very appreciated - thank you!

  • @cheif_ytstore6972
    @cheif_ytstore6972 Рік тому

    I am getting deceptive site ahead again & again i want to fix it through cloudflare what should i do for that please tell me sir 😢 3:29

    • @SaaStuto
      @SaaStuto  Рік тому

      One of the WAF rules is being too hard. Try disabling one by one and test to see what rule is causing the issue.

  • @HubOfSeries
    @HubOfSeries Місяць тому

    Love from india 🇮🇳

    • @SaaStuto
      @SaaStuto  Місяць тому +1

      Hey @HubOfSeries, Love right back to you from across the globe! 😊

  • @victorzarabozo
    @victorzarabozo Рік тому

    Muy buenas reglas para evitar los bots. Gracias por la explicación. Un saludo desde España

    • @SaaStuto
      @SaaStuto  Рік тому

      ¡Muchas gracias! Estoy contento de que te haya gustado mi explicación. ¡Un saludo desde Mexico!

  • @MyCH-un4nd
    @MyCH-un4nd Рік тому

    Amazing bro thanks for this valuable information

    • @SaaStuto
      @SaaStuto  Рік тому

      Hey My CH,
      Thank you so much for the kind words and your appreciation! I'm really glad that this video was helpful to you. If there's anything else I can help with, please don't hesitate to ask. :)

  • @expertcoder3101
    @expertcoder3101 11 місяців тому

    Thank you sir, usefull and good video

    • @SaaStuto
      @SaaStuto  11 місяців тому +1

      Hey @expertcoder3101,
      Thank you so much! I'm glad the video was useful and that you enjoyed it. Please share this with your friends if they could benefit from watching it too.

  • @AutomotiveForBeginners
    @AutomotiveForBeginners 9 місяців тому

    Thanks for sharing! Subbed.

    • @SaaStuto
      @SaaStuto  9 місяців тому

      Hey @AutomotiveForBeginners, That's awesome to hear! Hope you enjoy the upcoming content. Do not hesitate to share the videos you find useful.

  • @pasanflo
    @pasanflo 9 місяців тому

    Looks interesting, thank you

    • @SaaStuto
      @SaaStuto  9 місяців тому

      Hey @pasanflo, Hey, I'm really glad you found it interesting! Feel free to share it with others who might also find it helpful.

  • @seand2601
    @seand2601 Рік тому

    I wonder if this kind of limitation affect your SEO? Does it? And what would be the better setting to avoid loosing SEO if any ?

    • @SaaStuto
      @SaaStuto  Рік тому

      As long as you don't block search engines or public pages you are ok

  • @jamessp500priceactionpage3
    @jamessp500priceactionpage3 2 роки тому +1

    Good idea thanks

    • @SaaStuto
      @SaaStuto  2 роки тому

      Best stop these bots before they reach the site

    • @amankumawat7472
      @amankumawat7472 2 роки тому

      @@SaaStuto my traffic from india, tell me-> what can i set country challange. (my site is attecking on my site, please help me)

  • @Patrick-ur9tq
    @Patrick-ur9tq 9 місяців тому

    if i say -> captcha if threatscore is 1 or 2, is that too low?

    • @SaaStuto
      @SaaStuto  9 місяців тому

      Yes

    • @Patrick-ur9tq
      @Patrick-ur9tq 9 місяців тому

      @@SaaStuto because to many false positivs?

  • @Masterminion1
    @Masterminion1 Місяць тому

    should i turn on bot fight mode? or will that slow down the website?

    • @SaaStuto
      @SaaStuto  Місяць тому

      It will actually make to faster since bots won't be taking up your server resources.

  • @Promocoesdiarias1
    @Promocoesdiarias1 Рік тому

    Good evening, I'm from Brazil, I need to block the United States, but I need to let Google bots pass and also adsense trackers, is it possible to do this in Cloudflare?

    • @SaaStuto
      @SaaStuto  Рік тому +1

      Hey Charles Moura,
      Yes, it is possible to block the United States in Cloudflare while allowing Google bots and Adsense trackers. To do this you will need to create an access rule that allows certain IP addresses or domains through your firewall. You can find more information on how to set up these rules here: support.cloudflare.com/hc/en-us/articles/200170056-Creating-access-rules

    • @Promocoesdiarias1
      @Promocoesdiarias1 Рік тому

      @@SaaStuto It didn't help me with what I need, but thanks for answering. :(

  • @dworker8955
    @dworker8955 Рік тому

    is cloudflare useful for api endpoints?

  • @mrdiesel07
    @mrdiesel07 2 роки тому +1

    Very Nice!

    • @SaaStuto
      @SaaStuto  2 роки тому

      Thanks

    • @amankumawat7472
      @amankumawat7472 2 роки тому

      @@SaaStuto my traffic from india, tell me-> what can i set country challange. (my site is attecking on my site, please help me)

  • @Jake-vd8os
    @Jake-vd8os Рік тому

    Is the country challenge not going to cause issues with search engine crawlers like Bing and Google?

    • @Jake-vd8os
      @Jake-vd8os Рік тому +1

      Update: I have whitelisted Google and other good bots.

    • @SaaStuto
      @SaaStuto  Рік тому +1

      Correct, update good bots to pass

  • @Frank-Lahore
    @Frank-Lahore Рік тому

    Thank you so much!! It did help.

    • @SaaStuto
      @SaaStuto  Рік тому

      Hey Frank,
      You're welcome, I'm glad you found it helpful! If there's anything else I can do to help just let me know. Thanks for watching and have a great day! :)

  • @rma9822
    @rma9822 Рік тому

    It is a good way but it is not enough! You can not stop hackers by only using this unless your host provider is Cloudflare which is not the case, I assume for most people. The IP address can be easily found and the hacker can use it to request a connection to the site or the server by writing just the IP address and then /wp-login or the server port. To solve this you need to enforce your server to only accept HTTPS connections from Cloudflare; otherwise, this method would be useless. Also, you need to make sure that you get the other stuff right like server security updates, exposed ports, DNS Protection, OWASP firewall (Included in the Cloudfalre Paid Plan), etc.

    • @SaaStuto
      @SaaStuto  Рік тому +1

      You are correct that using Cloudflare's WAF alone may not be enough to fully protect a website or server from hackers. To increase security, it is important to also enforce HTTPS connections from Cloudflare and keep the server updated with security patches and firewall configurations. Additionally, using other security measures such as DNS protection and an OWASP firewall can also help to further enhance security.

  • @GooseDave
    @GooseDave 2 роки тому

    Great explanation. I have started using Cloudflare, so this was a very useful tutorial. Fast and to the point. In addition to the WP file blocks discussed, is there a list available for other common platform/dev specific files we can block?

    • @SaaStuto
      @SaaStuto  Рік тому

      Thanks for the kind words! I'm glad you found the tutorial useful. As far as other platform/dev specific files to block, Cloudflare has a list of recommended file types that should be blocked in their documentation here: support.cloudflare.com/hc/en-us/articles/200170086-What-file-types-shouldn t -I-. Hope this helps!

  • @publikanguro.tecno.marketing
    @publikanguro.tecno.marketing 7 місяців тому

    Excelente video tutorial muchas gracias por toda esta gran ayuda.

  • @glitzone2784
    @glitzone2784 Рік тому

    Hello SaaStuto,
    I want to block the access to my website from all other countries except India... I Can Do that by ClouldFlare Rules does that effect the SEO...

    • @SaaStuto
      @SaaStuto  Рік тому

      Thanks for the question. Yes, you can block access to your website from all other countries except India with CloudFlare rules without affecting SEO. However, it is important that you set up the rules correctly so as not to interfere with any of your content being indexed by search engines or appearing in SERPs (Search Engine Results Pages). If done incorrectly there could be a negative impact on SEO performance.

    • @CHATHK
      @CHATHK Рік тому

      Pls can you tell us how to enable google adsense and indexing once you block other countries?

  • @catclothes8694
    @catclothes8694 Рік тому

    Thank you so much

    • @SaaStuto
      @SaaStuto  Рік тому

      Hey Cat Clothes,
      You're welcome, I'm glad you found it helpful!

  • @euandrefrancisco
    @euandrefrancisco Рік тому

    Fantastic!!

    • @SaaStuto
      @SaaStuto  Рік тому

      Hey André Francisco,
      Wow, thank you so much! I'm really glad to hear that and I hope you continue to enjoy my content. :)

  • @dabarago
    @dabarago 6 місяців тому

    Is it still free in June of 2024?

  • @amankumawat7472
    @amankumawat7472 2 роки тому

    my traffic from india, tell me-> what can i set country challange. (my site is attecking on my site, please help me)

    • @SaaStuto
      @SaaStuto  2 роки тому

      In the WAF section. create a rule to block or challenge the country

  • @ShahirNaga
    @ShahirNaga Рік тому

    Thanks:-)

    • @SaaStuto
      @SaaStuto  Рік тому

      Hey Shahir Naga,
      No problem! You're welcome.

  • @ajayrathod7777
    @ajayrathod7777 2 роки тому

    How can we protect AdSense by use of cloudflare, want to add setting like 1 user can only click maximum 2 times on our advertisement in 1 day

    • @SaaStuto
      @SaaStuto  2 роки тому +1

      That would probably set in adsense and not in cloudflare

  • @ksnovoa1632
    @ksnovoa1632 Рік тому

    Si hago tal cual lo dices no tendré problemas para que el robot de Google adsense acceda a mi blog, apenas lo voy a monetizar y quiero bloquear ciertos países ya que hace unos meses tuve un ataque y no paso a más pero no quiero bloquear al robot de Google 😩 espero me puedas responder

    • @SaaStuto
      @SaaStuto  10 місяців тому

      Configura Cloudflare WAF para permitir el tráfico del User Agent "Googlebot" antes de bloquear los países deseados, así no interferirás con el acceso de AdSense a tu blog.

  • @nofood1
    @nofood1 Рік тому

    amazing

    • @SaaStuto
      @SaaStuto  Рік тому +1

      Hey NOFOOD?,
      Thanks so much for the kind words! I'm glad you enjoyed my video and that it was helpful. :)

    • @nofood1
      @nofood1 Рік тому

      @@SaaStuto easily explained. Any ideas how to stop people from downloading videos from my site? Possible with cloudflare you think?

  • @kosisochukwuemmanuelderric7154
    @kosisochukwuemmanuelderric7154 2 роки тому

    Good afternoon. Please, I need help. Serous help

    • @SaaStuto
      @SaaStuto  2 роки тому

      What happened?

    • @SaaSMaster
      @SaaSMaster 2 роки тому

      Hey Kosisochukwu Emmanuel Derrick Udeh,
      I'm sorry to hear that you need help. Please let me know what I can do to assist you.

    • @kosisochukwuemmanuelderric7154
      @kosisochukwuemmanuelderric7154 2 роки тому

      @@SaaSMaster Good afternoon. I have disabled and even deleted my rss feed from feedburner and Blogger dashboard. Yet Indians are still scraping my contents and outranking me

    • @kosisochukwuemmanuelderric7154
      @kosisochukwuemmanuelderric7154 2 роки тому

      @@SaaStuto What do I do please?

  • @JamesAutoDude
    @JamesAutoDude Рік тому

    This doesn't help if they find out your server IP. They'll just bypass cloudflare and use your server IP directly

    • @SaaStuto
      @SaaStuto  Рік тому +2

      That's not correct. Plus, the server IP is public and anyone can know it via DNS checker

    • @JamesAutoDude
      @JamesAutoDude Рік тому

      @@SaaStuto this video explains it
      ua-cam.com/video/YRsZoySY3Zo/v-deo.html

    • @Alex-hn3lc
      @Alex-hn3lc Рік тому

      ​​​@@JamesAutoDude --- If hackers find your origin IP, then this is where your host comes into play. If you use a decent host, they'll take care of it, especially if you're on a managed solution. If you manage your own server, then you'll have to protect it yourself or hire competent pros to do it for you. There is no perfect method, and companies big and small get hacked all the time. So it's just about making it as hard as possible. This video does a good job of showing people how to protect their websites at the DNS level. Server protection is another whole level.

    • @bishnuchetri9941
      @bishnuchetri9941 Рік тому +1

      For example:If you use nginx, you can block all IP addresses and allow only those IP addresses which cloudfare uses. This way only cloudfare can access ur server and no one else

  • @damonb805
    @damonb805 2 роки тому

    🍀 p̴r̴o̴m̴o̴s̴m̴