Recently, on October 15-16th, the hosting load has spiked up to 5-6 times its usual amount. The hoster has sent a message suggesting that there are numerous requests coming in from foreign IP-addresses. To fix this problem, they recommend activating access to the site solely from within the country through the control panel.

Unfortunately, the requests seem to come from different IP-addresses and URLs, and there is no common parameter to filter them out selectively. One solution could be to connect the domain to Cloudflare; this may help to filter out such requests.

I have already activated the tool to restrict access only from my country, but it's not a long-term solution since 13% of traffic comes from abroad. I don't have much experience solving such issues, so I would appreciate some straightforward advice. Do you have any recommendations for someone unfamiliar with this type of problem?

Let's implement an anti-bot measure. It could be located somewhere in -DM-.

Is it possible that the hosting service does not keep track of website traffic?

I have encountered a situation before where my hoster notified me of a significant attack on my site. However, the attack was actually just visits from Googlebots, Bing, and Robot Sapa.

Quote from: Newport on Oct 19, 2022, 02:34 PMSet the anti-bot. At -DM- somewhere it was.

and cloudflare by these rules wmsn.biz/m.php?p=143697

Cloud Flare FirewallRule setup from the 3 rules, which will work for many, but not all.
I try to set up all my sites this way now. For me, it's convenient.

Start by enabling forced redirect from http to https, you can find it in: SSL/TLS | Edge_Certificates | Always_Use_HTTPS.
Then in Firewall - Firewall_Rules create rules (they should be in this order):

1) Allow access to white bots. Who CloudFlare considers white listed here.
If the bots get to http - will have a 301 redirect https.
The rule looks like this: (cf.client.bot)
You cannot view this attachment.
2) Those who got to http - make 5-second JS check (if there are attackers), let them suffer, after that they will get redirect to https.
If you do not make this rule, then http will not be available at all because of rule number 3.
The rule looks like this: (not ssl)
You cannot view this attachment.
3) Deny access to everyone who visits not via HTTP2 protocol, dhdos-bots, shitbots, and other stuff that goes mainly via HTTP/1.0 and HTTP/1.1.
The rule looks like this:
You cannot view this attachment.
And a little bit about the sad part. HTTP2 is not supported by a couple percent of browsers, mostly these
old abandoned mobile browsers, but they are as good as milk, these browsers are not convenient to use and
the hell to do with them on the site, no goods to order, or advertising to click, or comments to shit. Although,
those who are still optimizing sites for ie7, - for these webmasters is probably a loss.

These settings do not obviate the need to use antibots, as Ahrefs, Archive, baidubots and other unnecessary bots
for CloudFlare are considered white and they pass. Also, many hotbots use HTTP2, which abuzayut, etc.
are negative activity against sites, from them will save only cloud antibot.

By the way, I also in tech support recently recommended to block IP....Google, Bing, Yandex, and ArchiveOrg   
Well, morons, no words, only emotions, bordering on hysteria...

Quote from: Newport on Oct 19, 2022, 02:34 PMby a serious attack meant the visits of googlebots, bing, and robot sapa )).

Now most of the "shared" started tightening the screws, the crisis, the equipment is getting more expensive, so they include all sorts of "protections" that harm the site, but the server loads less to the hoster.

Quote from: Newport on Oct 19, 2022, 02:34 PMI once had a hoster wrote that there was a serious attack on the site, by a serious attack meant the visits of googlebots, bing, and robot sapa )).

Hoster, I wrote myself with a request to advise the causes of such a sudden jump in load, which I noticed in the control panel.
Observed it for 2 days, before that everything was normal. Attendance is at the same level.
There are several days in a year when the traffic is increasing. But even on those days the load is much less than the current values.

Quote from: -DM- on Oct 20, 2022, 09:27 PMand cloudflare by these rules wmsn.biz/m.php?p=143697

That is, only your anti-bot will not be enough?

Quote from: Ronny on Oct 21, 2022, 06:12 AMThat is, only your anti-bot will not be enough?

Antibot works on your server, culling primitive bots by claudflare outside your server is a significant resource saver.
I do not know how to live without claudflare, it's awesome, convenient dns, saving traffic and server resources, ssl, and much more.

Quote from: -DM- on Oct 21, 2022, 06:39 AMAntibot works on your server, culling primitive bots by claudflare outside your server is a significant resource saver.
I do not know how to live without claudflare, it's awesome, convenient dns, saving traffic and server resources, ssl, and much more.

Maybe, I do not argue. I just never got into the subject of bots because I didn't have that problem. It all seems complicated and convoluted to me.
Any step by step instructions on how to properly connect and configure it all?

Yeah, had the same problem this summer. A very uncomplicated and inexpensive way, is to move all sites to work through cloudflare. Turn on high security mode.
It's likely that requests from bots can go not only to the sites, but also to the server IP. You need to close access for requests that are not coming through CF.
Cloudflare is also useful in that it spoofs the true IP address of the host, which will help avoid problems in the future.

You can establish a CF and utilize the five free rules available. Once you set it up, you'll realize that a large portion of bots come from Amazon.com, DigitalOcean, Hetzner, and OVH.

These bots will be subjected to a captcha, which should resolve most of your issues. This could potentially put an end to your entire problem.