1. Home
  2. Forums Index
  3. General SEO Issues / Crawler, Spider, and User Agent ID 11:16 am May 4, 2026

Forum Moderators: open

Message Too Old, No Replies

Cloudflare starts hammering me today

Actual, or DOS?

         

SumGuy

3:05 pm on Jan 18, 2024 (gmt 0)

5+ Year Member Top Contributors Of The Month



Today I'm seeing an explosion of blocked hits to my website from a distributed Cloudflare range. Specifically these attempted hits are coming from:

172.68.x.x
172.69.x.x
172.70.x.x
172.71.x.x

The x.x part is too diverse to specify. It's all over the place. And interestingly is being held to 5 attempts per ip.

These are being blocked in my router, the packets are silently dropped so the Cloudflare machines are getting nothing back to indicate there's a live server on my side. There's been about 1500 attempts today, and it started this morning.

Cloudflare owns the entire range from 172.64.0.0 - 172.71.255.255 but does not announce all of them so their IP listings in the above 4 ranges appear as many small CIDR fragments. They are not part of Apple's private relay.

I will be moving the above 4 /16 CIDR's to my block-don't-log list so they don't pollute and bloat my router's logs. The alternate explanation for this is that they're being dos'd.

Is anyone else seeing hits to their website from those IP's?

not2easy

4:13 pm on Jan 18, 2024 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



172.64.0.0 - 172.71.255.255
172.64.0.0/13
is CLOUDFLARENET (Direct Allocation). If you don't see regular traffic from that range, you can block them all with the CIDR. I have not seen any traffic from that range. yet.

They are listed as Cloudflare WARP (proxy) AS13335
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. General SEO Issues / Crawler, Spider, and User Agent ID 11:16 am May 4, 2026