Comment by Aachen
1 year ago
> The attacker was using residential proxies and making about 8 requests before cycling to a new IP.
So how is Cloudflare supposed to distinguish legitimate new visitors from new attack IPs if you can't?
Because it matches my experience as a cloudflare user perfectly if the answer were "they can't"
Captcha/challenges and tracking users/IP rep across the web
They also do IP and request risk scores using massive piles of data they've collected