I have an web app that responds for several domains, these domains are controlled by my clients that want to access de app with the URL for their company. This means that for all these domains the response comes from the same servers.
Some times one (or more than one) of these domains is flooded with a lot of requests and this impacts all the clients in this structure. Dividing clients in different containers is being discussed. But right now the faster option seems to be update our apache servers with mod_evasive.
Most of our clients use CloudFlare proxy for SSL on their domains.
Will mod_evasive be able to prevent DDoS in this setup with Cloudflare proxy + multiple domains?
Plus there are a lot of requests searching for wordpress URLs, attempting logins etc. How can I block these types of requests?
Are there alternatives for this?
I've setup remoteip so apache can see the actual origin IP, but will this play nicely with mod_evasive?