Want more timely Centmin Mod News Updates?
Become a Member

Cloudflare Find origin servers of websites behind by CloudFlare using Internet-wide scan data from Censys

Discussion in 'Domains, DNS, Email & SSL Certificates' started by RoldanLT, Jan 26, 2018.

  1. RoldanLT

    RoldanLT Well-Known Member

    4,157
    1,007
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,421
    Local Time:
    11:04 AM
    1.11
    10.2
  2. eva2000

    eva2000 Administrator Staff Member

    33,695
    7,459
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,470
    Local Time:
    1:04 PM
    Nginx 1.13.x
    MariaDB 5.5
    Actually that's very old news :) But guess Cloudflare ain't happy about it!

    As outlined in those articles to protect yourself you can either use firewall to block all traffic other than Cloudflare from your server or setup a Cloudflare Authenticated Origin Pull certificate on your Cloudflare Full SSL enabled site. The latter is easier to do as blocking all traffic might cause problems for other non-visitor access/communications to your server. I wrote a guide for the latter at Cloudflare - Setting Up Cloudflare Authenticated Origin Pulls Protecting IP Leaks
     
  3. BamaStangGuy

    BamaStangGuy Active Member

    511
    147
    43
    May 25, 2014
    Ratings:
    +195
    Local Time:
    10:04 PM
    We have been using Auth Orgin Pulls for quite a while now. :)
     
    • Like Like x 2
  4. eva2000

    eva2000 Administrator Staff Member

    33,695
    7,459
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,470
    Local Time:
    1:04 PM
    Nginx 1.13.x
    MariaDB 5.5
..