Simulating test DDoS attacks
After onboarding to Cloudflare, you may want to simulate DDoS attacks against your Internet properties to test the protection, reporting, and alerting mechanisms. Follow the guidelines in this section to simulate a DDoS attack.
You can only launch DDoS attacks against your own Internet properties — your zone, Spectrum application, or IP range (depending on your Cloudflare services) — and provided that:
- The Internet properties are not shared with other organizations or individuals.
- The Internet properties have been onboarded to Cloudflare in an account under your name or ownership.
You do not have to obtain permission from Cloudflare to launch a DDoS attack simulation against your own Internet properties. However, before launching the simulated attack, you must open a Support ticket and provide the information below. All fields are mandatory.
- Attack origin region
- Attack duration
- Attack window (UTC)
- Attack method
- Traffic estimate in both requests per second (rps) and bandwidth (Gbps/Mbps/MBps)
- Target IPs, ports, ranges, zones, hostnames, full URLs
- Contact in case of emergency
- Attack origin region
- Attack duration
- Attack date & timeframe
- Attack method
- Target IPs, ports, ranges, zones, hostnames, full URLs
- Protocol
- Traffic estimate in both requests per second (rps) and bandwidth (Gbps/Mbps/MBps)
- Max packet/bit rate
- Contact in case of emergency