TestomatoBot and DDoS protection

What is DDoS (Denial-of-service attack)

Denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. DDoS attacks achieve effectiveness by utilizing multiple compromised computer systems as sources of attack traffic.

False DDoS attack by Testomato

TestomatoBot accesses checked websites very frequently (e.g. every minute) and according to the Project settings TestomatoBot try download multiple URLs from same website at once that can be taken as attempt to DDoS attack.

note

Read more information about TestomatoBot

All Testomato servers always use same IP addresses, these addresses can by whitelisted on your Firewall.

info

Get list of all TestomatoBot IP addresses: https://www.testomato.com/bot

Advanced DDoS Protection by Cloudflare

Cloudflare aims to block bots and crawlers like TestomatoBot. They assume that TestomatoBot is used by data scrapers so they are blocking it and response by Access denied (Error: 1020).

Access denied (Error: 1020) indicates that TestomatoBot violated a Firewall Rule.

How to fix that?

1. Login to Cloudflare Dashboard
2. Temporarily pause Cloudflare on Site
3. Go to Firewall page
4. Search for the RAY ID or Testomato IP addresses in the Firewall Events
5. Once we find the exact, the next step is to make changes to the rule to make the website accessible.

Getting more information

• What is a Firewall?
• What is a DDoS Attack?
• What is Web Application Firewall (WAF)
• What is Data Scraping?
• Cloudflare Bot Management