Welcome to Web Hosting Forum - Net Hosting Talk

Register now and be part of our community! When you register with the Net Hosting Talk you can join in with topics, start new topics, and generally be a part of the first level of our community. It's also quick and totally free, so what are you waiting for?

Hide real IP behind CloudFlare DNS

stewart

Newbie
Messages
7
Reaction score
0
Hello Friends,

I have CloudFlare's business plan on my site but apparently attacks are coming directly to the actual IP of the VPS Bypassing CloudFlare. What proceeds in these cases so that the IP is never visible?

I'll be investigating, Regards.
 

Larry

Newbie
Messages
15
Reaction score
0
If the server has been exposed for a long time, the attackers would have your IP and would give you a little equal. To avoid exposing the IP, make sure you do not have any domain/subdomain that points directly to the server. Also if you have a configured mail server you probably have SPF headers with the IP or host so they will not be filtered by the anti-spam filters. You would have to use a separate mail server.

On the other hand, once configured CloudFlare, I recommend that you do DROP to all traffic that does not come from your IP's. That is, an exclusive whitelist to these:
You don't have permission to view the spoiler content. Log in or register now.

regards
 
Messages
7
Reaction score
0
Just to increase the security of this further, you can do two more things.

1. Enable Authenticated Origin Pulls
You don't have permission to view the spoiler content. Log in or register now.

2. Enable Argo Tunnel
This does cost money, but it's not that expensive. It's currently a new feature though, which I believe you still need to request it.
 
M

Magnite

CloudFlare is absolutely useless if the attacker is attacking directly to your server's IP. What you would want is get network-level protection.
 

SpryServers

Newbie
Messages
1
Reaction score
0
I'd change the IP if you can. Additionally, maybe find a host that offers DDoS protection. As @Magnite said, if they have your server's IP CloudFlare won't do much good. It's always good to have an external firewall and DDoS protection in addition.
 

Advertisement

Top