1. Home
  2. Forums Index
  3. WebmasterWorld / Website Security for Webmasters 11:50 pm May 20, 2026

Forum Moderators: open

Message Too Old, No Replies

Cloudflare Detected and Blocked 15.3Mln Requests Per Second DDoS Attack

         

engine

2:47 pm on Apr 28, 2022 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



Cloudflare has reported it detected and blocked a DDoS attack of 15.3 million requests per second over HTTPS.

What’s interesting is that the attack mostly came from data centers. We’re seeing a big move from residential network Internet Service Providers (ISPs) to cloud compute ISPs.

This attack was launched from a botnet of approximately 6,000 unique bots. It originated from 112 countries around the world. Almost 15% of the attack traffic originated from Indonesia, followed by Russia, Brazil, India, Colombia, and the United States.


https://blog.cloudflare.com/content/images/2022/04/1109-2.png

[blog.cloudflare.com...]

martinibuster

7:41 pm on Apr 29, 2022 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



What's of particular interest is that the origins of the botnet are OVH and Hetzner.

[searchenginejournal.com...]

lucy24

8:18 pm on Apr 29, 2022 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Interesting, possibly. Surprising, not even slightly.

(But holy ###, engine, I thought you were reporting a 15.3mln attack on your individual site. Ouch.)

phranque

9:32 pm on Apr 29, 2022 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



it's probably not a coincidence that one of our members reported IP addresses used by OVH [webmasterworld.com] and Hetzner [webmasterworld.com] hosted bots and scrapers the same day cloudflare published this blog post.

CF also mentions Azteca and Telkomnet as top networks originating the attack.
while OVH and Hetzner are well known here, i couldn't find any previous mentions of Azteca and Telkomnet on WebmasterWorld.

brotherhood of LAN

9:43 pm on Apr 29, 2022 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Had noticed some routing issues between OVH and Maidstone, UK last night, IIRC there was an AWS hop in between.

OVH/Hetzner are not surprisingly a source of bad traffic because they offer some of the cheapest dedi's in Europe.

lucy24

11:44 pm on Apr 29, 2022 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



OVH/Hetzner are not surprisingly a source of bad traffic because they offer some of the cheapest dedi's in Europe.
And, conversely, it seems safe to assume one reason they're cheap is that they don't bother with making and enforcing user rules.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. WebmasterWorld / Website Security for Webmasters 11:50 pm May 20, 2026