2600 Solutions is a boutique business IT consulting company located in Hawaii, providing competitive IT solutions to small businesses across the Hawaiian Islands.
2600 Solutions’ Challenge: Protecting Sites From Brute Force Attacks, Without Compromising Normal Traffic
2600 Solutions manages most of their client websites through WordPress. While customizable and effective, 2600 Solutions was finding it difficult to continue using WordPress because of the increasing number of attacks their customers’ sites were facing. Jeff Williams, owner of 2600 Solutions, explained “over the past 24hrs I’ve had over 200 brute force attempts over my sites. They’re accessing wp-admin/admin.php, the core administrative file for WordPress sites, and just trying to brute force into that. I searched and found one potential solution, but when I did my due-diligence on it I discovered that the provider was actually a malicious Russian actor attempting to gain access to my sites. I needed something to block these malicious attempts without harming normal traffic and protect my clients’ sites from getting compromised.”
2600 Solutions’ Solution: Rate Limiting Malicious Requests
Initially, 2600 solutions came to Cloudflare to use its CDN and DNS services, but when Williams saw Rate Limiting Early Access, he signed up hoping that it could help with his brute force attacks. Cloudflare’s Rate Limiting works by allowing customers to both set a threshold for the total number of requests that can hit their origin servers over a given period of time and limit the number of requests from a specific IP address. Williams hoped that these thresholds would put a stop to the brute force attacks he was seeing. The results were better than he could have hoped for: “Cloudflare’s rate limiting blocked over 3000 requests coming to my website in the past month. That’s in addition to the 60% bandwidth savings and IP obfuscation I get with Cloudflare’s CDN and DNS.”
With Rate Limiting enabled, Williams delighted that “I can go to sleep and wake up knowing no one else has touched my backend. Especially with the attacks over the holidays, I was putting a lot of IP addresses onto a black list, which was tedious and tiring. But now, Rate Limiting helps block those requests. Since using rate limiting I’ve seen a drop in the number of attacking addresses, and I get peace of mind so I’m not sitting on the computer all day and blocking these addresses.”