Home > Uncategorized > Mistakes that can render your #CloudFlare protection obsolete

Mistakes that can render your #CloudFlare protection obsolete

download

Cloudflare is a service that can help keep your website safe from DDOS attacks, by taking the load of the attack without affecting your underlying server too badly.

However, assuming that your website is being specifically targeted, then it is obvious for an attacker to spot that your website is behind cloudflare, by simply checking the NS records on your domain. – So an attacker will look to find your underlying webserver, and attack it directly, rather than a “front door” attack via Cloudflare.

So, the first step, as a domain owner, is to make sure that your underlying werserver is not published anywhere on the web. Since, if you can find it – you can bet an attacker will too.

A first search is here: http://www.crimeflare.org:82/cfs.html – Scroll to the foot of the page, and enter your domain – if it’s there, make sure you change your IP address of your server, or ask the owner of this website to remove your listing from his database.

Next, check for historic A records of your domain here; https://securitytrails.com/domain/<your domain>/history/a – and make sure the IP address of the server you used before you moved to cloudFlare is no longer your production IP address.

In short, the general tip is – that if you used the same server IP before moving to CloudFlare, as you do now, – change it. Otherwise an attacker can bypass your CloudFlare protection.

 

Advertisements
Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: