I got DOS attacked. Why? I'm just a little unknown website. Took me a long while to figure out that I was attacked, partly because I don't expect my tiny little website would get DOS. Or maybe someone is doing a Penetration Test by trying all sorts of tricks rapidly. Tough luck bro!
So for the past 24 hours, I noticed that my tiny little unknown blog just got DOS attack by a somewhat single IP address. And this attacker was attacking direct to my server instead of going through cloudflare. That got me thinking.
If the attacker knows my server's IP address, they could access it directly instead of going through cloudflare, which is capable of mitigating attacks like these. Why not I block all direct access accept through CloudFlare only? Thankfully, it is possible. I just set the firewall on Amazon to the list of IP address from CloudFlare and I got no more downtimes.
Well, my uptime 99.xx% instead of the previous 100%. Oh well, I guess this is the price to pay for a big learning lesson. Honestly, a small price to pay. It's my own website anyway.