Hide real IP behind CloudFlare DNS

Virtual private server discussion and vps hosting solutions. Review VPS hosting providers and offer advice on virtual web hosting solutions.
Post Reply
stewart
Newbie
Posts: 5
Joined: Mon Oct 02, 2017 10:25 am

Mon Oct 02, 2017 10:27 am

Hello Friends,

I have CloudFlare's business plan on my site but apparently attacks are coming directly to the actual IP of the VPS Bypassing CloudFlare. What proceeds in these cases so that the IP is never visible?

I'll be investigating, Regards.


User avatar
Larry
Junior Member
Posts: 15
Joined: Wed Sep 17, 2014 10:22 am

Mon Oct 02, 2017 10:36 am

If the server has been exposed for a long time, the attackers would have your IP and would give you a little equal. To avoid exposing the IP, make sure you do not have any domain / subdomain that points directly to the server. Also if you have a configured mail server you probably have SPF headers with the IP or host so they will not be filtered by the anti-spam filters. You would have to use a separate mail server.

On the other hand, once configured CloudFlare, I recommend that you do DROP to all traffic that does not come from your IP's. That is, an exclusive whitelist to these:

Code: Select all

 https://www.cloudflare.com/ips/
(Or https://www.cloudflare.com/ips-v6 and https://www.cloudflare.com/ips-v4 if you prefer to update them using scripts)  
regards
stewart
Newbie
Posts: 5
Joined: Mon Oct 02, 2017 10:25 am

Mon Oct 02, 2017 10:39 am

Thanks for the quick reply :)
aspirationhosting
Newbie
Posts: 2
Joined: Thu Oct 19, 2017 1:00 pm

Thu Oct 19, 2017 1:04 pm

Upvote on that.  Also, you should contact CloudFlare for some additional suggestions.  Perhaps change the IP so the old IP is obsolete.
Inviosolutions
Newbie
Posts: 7
Joined: Thu May 31, 2018 12:35 pm

Sun Jun 03, 2018 2:49 pm

Just to increase the security of this further, you can do two more things.

1. Enable Authenticated Origin Pulls
https[:]//support.cloudflare.com/hc/en-us/articles/204899617-Authenticated-Origin-Pulls

2. Enable Argo Tunnel
This does cost money, but it's not that expensive. It's currently a new feature though, which I believe you still need to request it.
Magnite
Newbie
Posts: 7
Joined: Wed Jun 13, 2018 9:14 am

Wed Jun 13, 2018 9:19 am

CloudFlare is absolutely useless if the attacker is attacking directly to your server's IP. What you would want is get network-level protection.
SpryServers
Newbie
Posts: 1
Joined: Tue Jul 03, 2018 7:12 am

Tue Jul 03, 2018 7:16 am

I'd change the IP if you can. Additionally, maybe find a host that offers DDoS protection. As @"Magnite" said, if they have your server's IP CloudFlare won't do much good. It's always good to have an external firewall and DDoS protection in addition.
Infinity-Hosting
Newbie
Posts: 1
Joined: Thu Jul 05, 2018 4:38 pm

Thu Jul 05, 2018 4:40 pm

Allow only Traffic to your web server from Cloudflare IPs.
Post Reply
  • Information
  • Who is online

    Users browsing this forum: No registered users and 0 guests