DDoS protection with PrivateFlare

You can reduce the strength of a DDoS attack and keep some of your resources running with a combination of PrivateFlare and CloudFlare services. Protection can be launched at the moment of attack, no preparation is required.

We will need

  1. The main domain that is parked on CloudFlare.
  2. PrivateFlare account at the minimum rate.
  3. Nearly 3-5 PrivateFlare nodes.

Step 0. Create a PrivateFlare account

Register yourself or contact our salespeople. For one attack on one domain, you won't even need a paid account. We recommend that you create and activate an account in advance so that it waits in the wings in an emergency.

Step 1. Prepare nodes

Get a VPS from the most quality and fast providers. Hetzner and Inferno are recommended. Ideally, take VPS in different locations. Use a plan with 4 GB of RAM or more.

You need to add 3-5 nodes. The process from preparation and addition is described in quick start guide. There are no subtleties of customization.

Step 2. Add a domain

Add a domain following the instructions in "Quick Start". Enter the address of your main server as the target IP. Don't enable certificate generation and switching to HTTPS.

After adding, go to the domain settings section and check all the configs:

Step 3. Set up a domain in CloudFlare

Go to your domain's DNS section in CloudFlare.

  1. Remove all IPv6 (AAAA) domain records, they won't help you.
  2. Remove the existing domain A-records.
  3. Add a new A-record with the address of the first node. Make sure the node is added in proxy mode.
  4. Add another A-record with the same name and address of the second node, third node, and so on.

We will get automatic load distribution across multiple nodes.

Step 4. Fine-tuning CloudFlare

These settings will be useful to all sites under attack, even without PrivateFlare as a traffic divider.

These measures will help you significantly reduce the load even at the level of CloudFlare filters. It doesn't make much sense to buy a paid solution from CloudFlare.


We have divided the traffic from the CloudFlare servers into several dampers, which will take on the role of additional caching servers and will be able to deliver much more content to visitors. When using static pages on sites, they will be delivered to users even if the site crashes.