LeCab blocks 900,000 login page attacks in just 2 hours with Cloudflare Rate Limiting.
LeCab is the leading Parisian private driver service. Founded in 2012, it was created on a simple idea: give the people of Paris a comfortable, reliable and affordable alternative to taxis and personal cars.
LeCab’s Challenge: Big Growth Brings Big Attacks
“One day we faced an attack that was slowing down our site and making it unusable,” related Tobias Rohrle, CTO of LeCab. “Our host gave us more bandwidth, but then they became overwhelmed by the size of the attack. It was too large, had too many IPs, and even with blocking countries that we knew must be origins of illegitimate traffic for our service, the attack was still too overwhelming. Unfortunately, this attack wasn’t an isolated incident. It was a classic DDoS attack and we knew we would face one again. So, we immediately added protection and started our search for a permanent solution.”
“Six months later,” Rohrle continued, “we faced another, much larger brute force login attack. This one took us hours to notice because it wasn’t trying to break our infrastructure, but rather, break into it by pretending to be a legitimate user. We only discovered the attack when we were investigating why login to our app was taking longer than usual. It turns out attackers were testing a massive number of login and password combinations trying to break into accounts. Uber was hacked at the end of 2016, and we believe the Uber attacker was testing stolen login credentials against our database. If just a single attack like this were to be successful it would be catastrophic for our business. We needed to ensure we had the proper protection in place to prevent something like that from happening again.”
LeCab’s Solution: Powerful Protection and Rate Limiting
“We knew other French competitors had also seen the same attack, and they were using Cloudflare to block it, so we looked into that solution for ourselves,” Rohrle explained. “During the night of the first attack we actually set ourselves up on Cloudflare’s free plan and immediately saw how effective the solution was. Our website was back online within hours and even though we were on the free plan, it was still effective at stopping the attack we were seeing.”
“When we were hit with the larger attack we knew we needed something to both protect our infrastructure from taking a performance hit as a result of the attack and, more importantly, protect our sensitive customer data from being stolen. Cloudflare’s enterprise plan with rate limiting has been the perfect solution by escalating our software-level mitigations to Cloudflare’s edge. We blocked over 900,000 login attempts in just 2 hours with rate limiting. If we didn’t have Cloudflare’s protection, I’m confident that the attacks that took us down initially would happen again.”
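The mitigation Rohrle describes is rate limiting applied to the login endpoint. The following is an added illustration of that idea, not LeCab's or Cloudflare's code: an in-process limiter with two sliding windows, one keyed by source IP (which catches a single machine hammering many accounts) and one keyed by target account (which catches the "too many IPs" case, where a distributed credential-stuffing run stays under every per-IP limit but still concentrates on one victim account). The limits (20 attempts per IP per minute, 5 attempts per account per five minutes), the block durations, the IP addresses and the usernames are all assumptions chosen for the example; the traffic it runs over is constructed.

```python
"""Login rate limiter with per-IP and per-account sliding windows.

Added example, not LeCab's or Cloudflare's code. Policy values and
traffic below are constructed for illustration.
"""
from collections import deque
from dataclasses import dataclass
from typing import Deque, Dict, Iterable, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    window_seconds: float   # length of the sliding window
    max_attempts: int       # attempts tolerated inside the window
    block_seconds: float    # how long to reject once the limit is crossed


@dataclass(frozen=True)
class Decision:
    allowed: bool
    triggered_key: Optional[str]   # e.g. "ip:203.0.113.10" or "user:alice"
    retry_after: float             # seconds until the key is unblocked (0 if allowed)


class LoginRateLimiter:
    """Counts login attempts per source IP and per target account.

    A single IP trying many accounts trips the per-IP rule; many IPs
    trying one account trips the per-account rule even though each IP
    individually stays under its own limit.
    """

    def __init__(self, per_ip: Rule, per_account: Rule) -> None:
        self.per_ip = per_ip
        self.per_account = per_account
        self._attempts: Dict[str, Deque[float]] = {}
        self._blocked_until: Dict[str, float] = {}

    def _keys(self, ip: str, username: str) -> Tuple[Tuple[str, Rule], ...]:
        return ((f"ip:{ip}", self.per_ip),
                (f"user:{username.lower()}", self.per_account))

    def attempt(self, ip: str, username: str, now: float) -> Decision:
        """Record one login attempt at time `now` (seconds) and decide."""
        keys = self._keys(ip, username)
        # A key still inside its block period is rejected without counting.
        for key, _ in keys:
            until = self._blocked_until.get(key, 0.0)
            if now < until:
                return Decision(False, key, until - now)
        # Otherwise count the attempt in every dimension and check each window.
        for key, rule in keys:
            window = self._attempts.setdefault(key, deque())
            window.append(now)
            while window and window[0] <= now - rule.window_seconds:
                window.popleft()
            if len(window) > rule.max_attempts:
                self._blocked_until[key] = now + rule.block_seconds
                window.clear()
                return Decision(False, key, rule.block_seconds)
        return Decision(True, None, 0.0)


# Assumed policy: 20 login attempts per IP per minute, 5 attempts against any
# one account per five minutes from anywhere. Tune to your own login volume.
POLICY_IP = Rule(window_seconds=60, max_attempts=20, block_seconds=600)
POLICY_ACCOUNT = Rule(window_seconds=300, max_attempts=5, block_seconds=900)


def run_scenario(events: Iterable[Tuple[float, str, str]]) -> dict:
    """Feed (time, ip, username) events through a fresh limiter.

    Returns allowed/blocked counts and the keys that triggered a block,
    which is the signal a SOC would alert on.
    """
    limiter = LoginRateLimiter(POLICY_IP, POLICY_ACCOUNT)
    allowed = blocked = 0
    triggered = set()
    for t, ip, user in events:
        decision = limiter.attempt(ip, user, t)
        if decision.allowed:
            allowed += 1
        else:
            blocked += 1
            triggered.add(decision.triggered_key)
    return {"allowed": allowed, "blocked": blocked, "triggered": triggered}


# Constructed traffic using documentation-reserved IP ranges and fake users.
def single_source_brute_force() -> dict:
    """One IP cycling through 100 accounts at ten attempts per second."""
    return run_scenario((i * 0.1, "203.0.113.10", f"user{i}") for i in range(100))


def distributed_stuffing() -> dict:
    """30 different IPs each trying one password against the same account."""
    return run_scenario((float(i), f"198.51.100.{i + 1}", "victim") for i in range(30))


def legitimate_user() -> dict:
    """A real customer logging in three times over a day is never blocked."""
    return run_scenario([(0.0, "192.0.2.5", "alice"),
                         (3600.0, "192.0.2.5", "alice"),
                         (7200.0, "192.0.2.5", "alice")])


if __name__ == "__main__":
    for name, fn in (("single source", single_source_brute_force),
                     ("distributed", distributed_stuffing),
                     ("legitimate", legitimate_user)):
        print(name, fn())
```

The per-account window is what makes this useful against the attack pattern described above: the distributed scenario never exceeds one attempt per IP, so a per-IP rule alone would let every attempt through, while the account key blocks it after the fifth try. In production the same counters live at the edge or in a shared store such as Redis rather than in process memory, and the `triggered_key` values are the events worth alerting on, since a burst of account-key blocks across many users is the signature of a credential-stuffing run.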
Rohrle concluded, “Cloudflare helps to reassure our customers that their data is safe, and it helps with our performance and reliability because malicious traffic doesn’t hit our servers.”