One of our sites has been under continued DDOS attack for a week. We moved the DNS over to cloudflare which initially helped but the attackers have flooded the site again with millions of requests overwhelming the JS challenge and causing the site to go offline on and off.
We are not experienced enough to analyse the data in Cloudflare and setup more rules and blocks to try and stop these attacks or at least minimise the damage they are causing.
The website is wordpress/woocommerce hosted on Kinsta and now on a personal Cloudflare plan.
Looking for someone with experience in this area to step in here and put best practises in place in Cloudflare after analysing the situation and open to any other recommendations.
Thanks
Success story sharing