Someone is DDOSing my site nearly everyday the last 5 days


So last week my site got its first DDOS and after that happened I set up Cloudflare but the last couple days the same area has been sending DDOS attacks to my site and it’s within a few minutes they do it again. I can’t afford the premium option for hits and I have Cloudflare on the under attack setting but there still doing this. How can I stop this happening as its making my site impossible to use?


I have banned some parts of the USA because that’s the main source of the DDOS but this person is using some sort of IP changer meaning he can bypass this… I would really appreciate any help with this :frowning:


First of all, very sorry for you, I know DDoS attacks can kill your free hosting account, anyways, if someone gets through a Javascript challenge and cloudflare security, it’s a good hacker we are talking about :+1: I have no suggestions.


Yeah I agree, it’s annoying because its not like my site has lots, that anyone wants it’s just my personal site I use for school :frowning:

1 Like

Switch to a different domain name?

Unfortunately, there is no convenient way to stop a DDoS attack. Cloudflare’s Under Attack mode can help, but it’s not impossible to bypass. But at some point in the chain, some server will have to handle all that traffic, and it’s not going to appreciate being hit by an attack.


That’s very true, but is there any way I can stop it happening again? Can IFastNet do something?

1 Like

@TylerMWise seems to have found out the DDOSER himself!

It’s one of those strange times :upside_down_face:

But going back to the real question, maybe changing IP may help (by creating a new hosting account), but I’m not sure. Or if that doesn’t work, then the only solution is to change the domain name as @admin said.

1 Like

This user said he did it once and he promises that, but he was “testing a software”. This makes me wonder if this software has the power to take over other sites like the infintyfree site and ones like that…?


Maybe read this?

Hope it helps you :wink:


Even if they found a large exploit around Cf or IF, I doubt they would say so. Some people abuse technology :frowning:


True :sob:


Thanks I will take a look :slight_smile:


Better you report him to his ISP?

1 Like

Hi what can I find for you

Eliminate Website Vulnerabilities

The best way to prevent a DDoS attack is to eliminate all vulnerabilities on your website. A site that’s supported by a strong network and hosting service is far less likely to be the victim of a successful attack.

If you use a WordPress website, make sure to regularly update the version you’re using, so the software includes the latest safeguards against DDoS attacks.

Talk to your hosting provider about whether they regularly update their systems, software, and firewalls. You and your hosting provider share responsibility for protecting your site against DDoS attacks.

You can install plugins that stabilize and strengthen your website by intelligently managing all incoming traffic. Don’t install too many security plugins and choose them very carefully.

Many plugins, while intended to protect your website, are actually quite vulnerable to an attack themselves. Using high-quality prevention tools is important.

Source: How to Prevent a DDoS Attack on Your Website - HostPapa Blog


I will take a look :slight_smile:

1 Like

My account will be reactivated automatically in less than an hour so I will see if this users decides to DDOS again…

EDIT: I have been made aware a company I work for called TechResort has gotten the exact same amount DDOS hit attacks as my site did.

1 Like

DDoS attacks are a pain, especially on a free hosting account. Here’s what you can do to prevent this from happening, the easy way. I’ve combined all of the user posts in this thread to form a helpful guide, credit is given.

Step One: Find the IP the attacks are coming from

If you’re using Cloudflare, it’s a lucky day for you. All you need is an IP to start handling these attacks. Refer to step two to completely block the IP from accessing your site. I don’t really use Cloudflare, as it interferes with features on my website. Look up how to find where traffic to your website is coming from.

Step Two: Find the ISP

Look up the IP and find it’s ISP. This will come in handy for the ISP to block contact with your site.

Step Three: Notify the ISP

It doesn’t matter if they are using a VPN or not. If you contact the VPN provider, they can suspend the hackers account. If their ISP is not hidden with a VPN, contact the ISP and tell them the IP and that they need to block access to your website.

(Credit: BayoDino)

Step Four: Do a victory lap

If the ISP is actually helpful, they will block access from the IP to your website. Congratulations if this helped!

Hope this helps! I wish you the best of luck.


Hey everyone again, I have just got a message saying my site area has been suspended:
Your account was suspended for abuse. InfinityFree monitors accounts to ensure they do not contain any harmful content, and that they don't overload the free hosting servers. To learn why your account was suspended, to get your account reactivated, or to request a backup, please submit a support ticket using the button below.

I am opening a request because the DDOS attacks is what has caused this issue…


Bummer! At this point, I’d be submitting a ticket that explains what’s going on, what you’re going to do to stop it and prevent it from happening again, and I’d also attach this.


Definitely I will :slight_smile:


The user that I spoke to on Discord explained more and he is using Trojan. So this is me making you aware that Cloudflare DOES NOT block Trojan…