What should I do with Apache WAF or Fail2ban if a DDoS attacker does 15-20 requests per IP attack. And the attacker keeps doing IP rotation, I'm already using cloudflare, so when using Apache WAF it detects a Proxy from Cloudflare. Meanwhile, if I use Fail2ban, I am confused about what kind of configuration I should have, because my website also has a REST API (which of course has a lot of requests).
Is there a workaround for the configuration I need to do?
I'm currently using:
- Apache 2.4
- PHP 8.0
- MariaDB 10.6