Buycraft protects its customers' gCommerce shops with Cloudflare’s Rate Limiting.
Buycraft is a webstore platform focused on helping over 500,000 Minecraft servers run ecommerce platforms. Buycraft offers users an extensive control panel, providing customers with the ability to easily set up online stores, process payments and subscriptions, and understand their customers through detailed analytics.
Understanding the current state of their industry, Buycraft invested in DDoS protection from the start of their service. However, when they faced a small DDoS attack, their purchased protection didn’t mitigate the attack they were facing. “We had agreed on a fixed price per month for unlimited DDoS protection,” continued McNeil, “but when we were hit with a relatively small 10gbps attack, our site went down, and our previous provider demanded more money. We were effectively held to ransom by our security provider, and while we were able to come up with a short term fix, we knew we needed to find a new long-term solution.”
What’s more, Buycraft decided to enroll in Cloudflare’s Early Access program for Rate Limiting, which gives users fine grained control over the traffic that comes to their site. “We thought Rate Limiting would help protect against the increasingly common Layer 7 attacks we were seeing. So we specified a limit on the number of requests per second a given IP could make before it was blocked for a few hours.” When Buycraft turned Rate Limiting on, Cloudflare blocked 20 million malicious requests and their service experienced zero interruptions. “We didn’t even know we were under attack,” commented McNeil, “until I logged into the dashboard and saw the requests that were being Rate Limited. This is great for our service because without that protection our site would be down and we wouldn’t be able to process any transactions.”