Case Study: CARS24 achieves uninterrupted transactions and blocks DDoS, scrapers, and appointment‑hoarding bots with Cloudflare

Cloudflare helps the CARS24 ecommerce platform stay one step ahead of DDoS attacks, data scrapers, and appointment hoarding bots

CARS24 is a fast-growing Indian ecommerce platform for pre-owned cars that combines C2B and B2C operations across hundreds of branches and international markets. Facing limited SecOps resources, the company struggled with frequent DDoS attacks, data scrapers, appointment‑hoarding bots that blocked inspection slots, and cumbersome certificate and load‑balancing management as its web properties multiplied — all of which threatened availability, customer trust, and revenue.

By adopting Cloudflare, CARS24 deployed a Web Application Firewall, Managed Rulesets and OWASP protections, country‑based IP blocking, Bot Management and advanced rate limiting, plus Cloudflare Workers for edge serverless routing. The result was faster configuration (what previously took three days now takes about an hour), continuous DDoS mitigation (tens of thousands of threats blocked), elimination of false bookings, reduced infrastructure costs and cleaner analytics, and the ability to migrate legacy code with minimal disruption.

Cars24

Marut Singh

Chief Technology Officer