Welcome to Centmin Mod Community
Register Now

Cloudflare Find origin servers of websites behind by CloudFlare using Internet-wide scan data from Censys

Discussion in 'Domains, DNS, Email & SSL Certificates' started by rdan, Jan 26, 2018.

  1. rdan

    rdan Premium Member Premium Member

    4,255
    1,034
    113
    May 25, 2014
    Ratings:
    +1,486
    Local Time:
    2:01 PM
    Mainline
    10.2
  2. eva2000

    eva2000 Administrator Staff Member

    36,021
    7,901
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,183
    Local Time:
    4:01 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Actually that's very old news :) But guess Cloudflare ain't happy about it!

    As outlined in those articles to protect yourself you can either use firewall to block all traffic other than Cloudflare from your server or setup a Cloudflare Authenticated Origin Pull certificate on your Cloudflare Full SSL enabled site. The latter is easier to do as blocking all traffic might cause problems for other non-visitor access/communications to your server. I wrote a guide for the latter at Cloudflare - Setting Up Cloudflare Authenticated Origin Pulls Protecting IP Leaks
     
  3. BamaStangGuy

    BamaStangGuy Active Member

    531
    161
    43
    May 25, 2014
    Ratings:
    +214
    Local Time:
    1:01 AM
    We have been using Auth Orgin Pulls for quite a while now. :)
     
    • Like Like x 2
  4. eva2000

    eva2000 Administrator Staff Member

    36,021
    7,901
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,183
    Local Time:
    4:01 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
..