Last step

Jeetkune

Administrator
Under the topic Step 3 - WAF Custom Rules - Known, one of the rules you have implemented is the Cloudflare Threat Score rule.
  • The threat score value for this rule is set to 1.
  • This is extremely important, as a score of 1 is highly effective against DDoS attacks.
  • However, a threat score of 1 blocks legitimate access to your site.
To prevent this rule from blocking real users from accessing your site, we will create a special index-static.html file. This setup will ensure that the threat score does not block genuine users while still protecting your site effectively.

⚠️ Please follow the steps described below carefully and precisely to set up the index-static.html file. This is crucial to avoid disrupting legitimate access to your site.


How to View and Save the Page Source of a Login Page in Chrome:

  1. Open the Login Page
    Navigate to the login page of your chat website in Google Chrome.
  2. Access the Page Source
    • Right-click anywhere on the page (but not on an image or input field) and select "View Page Source" from the menu.
    • Alternatively, press Ctrl + U (Windows/Linux) or Cmd + Option + U (Mac) to open the page source.
  3. Download and Extract the File
    • Download the zip file shared at the bottom of the forum page.
    • Extract the file to access the empty index-static.html file.
  4. Copy the Source Code
    • Return to the View Page Source tab where you accessed the login page's source code.
    • Copy all the source code of the login page (before logging in).
  5. Paste the Source Code into the File
    • Open the extracted index-static.html file in a text editor (e.g., Notepad, VS Code, etc.).
    • Paste the copied source code into this file.
    • Save the file without making any changes to its name. Do not rename the file.
  6. Upload the File to Your FTP Server
    • Log in to your FTP server and navigate to the root directory (where the main index.html file is located).
    • Upload the index-static.html file to the root directory.
    • Ensure that the file appears in the FTP directory with the name index-static.html.
  7. Final Check
    • After uploading, verify that the file is correctly placed in the root directory and remains named as index-static.html.

After completing the previous steps, follow these instructions:
  1. Open Your index.php File
    Open your index.php file in your code editor.
  2. Locate the $page_info = array( Line
    Find the line where you define $page_info = array( in your index.php file.
  3. Insert the Code Right Above This Line
    As shown in the image, copy and paste the following code just above the $page_info = array( line, starting from the line right after the <?php tag.
  4. Modify the your_cookie Line
    In the code you paste, replace the your_cookie line with the cookie name that you set after logging into your site.
    For example, if the cookie name is tc_userid, change it to tc_userid or whatever your cookie
  5. Save and Upload the File
    After pasting the code, save the file and upload the updated index.php file to your server using FTP.

⚠️ Make sure that you paste the code in the exact location specified, just above the $page_info = array( line and right after the <?php tag. Incorrect placement could cause errors on your site.

Once you've done this, the updates will be applied, and your site will work with the new configuration.
PHP:
// Declare the character encoding up front
header('Content-Type: text/html; charset=utf-8');

// If the your_cookie cookie is not set and the script is not running in CLI mode
if (!isset($_COOKIE['your_cookie']) && (php_sapi_name() !== 'cli')) {
    // Read the saved login page (index-static.html sits next to index.php in the web root)
    $static = file_get_contents('index-static.html');

    // Only serve it if the file was read and still contains the "gradient_sheet" marker from the login page
    if ($static !== false && strpos($static, "gradient_sheet") !== false) {
        // Send the headers that let Varnish cache this response
        header('Cache-Control: public, max-age=86400'); // cache for 1 day
        header('Pragma: cache'); // enable caching
        header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 86400) . ' GMT'); // expiry header

        // Send the static content and stop the script
        die($static);
    }
}


If you have done everything correctly, it should work. However, there is an important point you must not forget. Please read this carefully.

The rules you have implemented will block all files or directories after the / in your domain URL.
For example:
  • your_domain.com/a.php
    As you can see, the file a.php comes after the /. This could also be an image, MP3, or any other file or directory.
Most DDoS attackers directly target files like PHP, so this effectively blocks such attacks entirely.

Why Did We Apply Rate Limiting Only to

If we were to block access to domain.com/ directly, no users would be able to access your website at all. Instead, by using threat score and rate limiting, we have successfully managed to significantly reduce all heavy and high-volume DDoS attacks without disrupting legitimate traffic.

Recommended Setup for Better Protection

To ensure optimal performance and protection, I strongly recommend that your VPS server has at least 4 CPUs. This is critical for handling traffic effectively during DDoS mitigation.

By following these measures, you can maintain strong protection while ensuring your site remains accessible to real users.

That's all... ( jeetkune and yeva )
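As an added check for the "Final Check" step above (example code written here, not part of the original post): a small Python script that compares what the site returns with and without the login cookie against the headers the PHP snippet sets. The embedded sample response is constructed; `fetch()` is only needed for a live run against your own site.

```python
import email.utils
import time
import urllib.request

CACHE_TTL = 86400  # must match max-age in the PHP snippet above

# Constructed sample of a correct cookie-less response (not captured from a real site).
SAMPLE_STATIC = "<html><head><link id=\"gradient_sheet\"></head><body>login</body></html>"
SAMPLE_HEADERS = {"Cache-Control": "public, max-age=86400", "Pragma": "cache",
                  "Expires": "Fri, 02 Jan 1970 00:00:00 GMT"}  # gmdate() output for time 0 + 86400

def check_static_response(status, headers, body, static_html, now=None):
    """Problems with a cookie-less response; an empty list means it matches the snippet."""
    h, problems = {k.lower(): v for k, v in headers.items()}, []
    now = time.time() if now is None else now
    if status != 200:
        problems.append(f"status {status}, expected 200")
    cc = h.get("cache-control", "").lower()
    if "public" not in cc or f"max-age={CACHE_TTL}" not in cc:
        problems.append(f"Cache-Control is not 'public, max-age={CACHE_TTL}'")
    if h.get("pragma", "").lower() != "cache":
        problems.append("Pragma is not 'cache'")
    try:
        exp_ts = email.utils.parsedate_to_datetime(h["expires"]).timestamp()
    except (KeyError, TypeError, ValueError):
        exp_ts = None
    if exp_ts is None or abs(exp_ts - (now + CACHE_TTL)) > 300:  # allow 5 min clock skew
        problems.append("Expires is not about one day ahead")
    if body != static_html:
        problems.append("body is not the contents of index-static.html")
    return problems

def check_dynamic_response(headers, body, static_html):
    """Problems with a logged-in (cookie present) response: it must not be the cached copy."""
    h, problems = {k.lower(): v for k, v in headers.items()}, []
    if "public" in h.get("cache-control", "").lower():
        problems.append("logged-in page is marked publicly cacheable")
    if body == static_html:
        problems.append("logged-in user still receives the static copy")
    return problems

def fetch(url, cookie=None):
    """GET url, optionally sending a 'name=value' cookie; returns (status, headers, body)."""
    req = urllib.request.Request(url, headers={"Cookie": cookie} if cookie else {})
    with urllib.request.urlopen(req, timeout=10) as r:
        return r.status, dict(r.headers.items()), r.read().decode("utf-8", "replace")
```

Run it once with `fetch("https://your_domain.com/")` and once with `fetch(..., cookie="your_cookie=value")`, passing the contents of your local index-static.html as `static_html`; any non-empty list tells you which part of the setup differs from the snippet.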