How attackers can bypass CloudFlare
https://www.anujvarma.com/how-attackers-can-bypass-cloudflare/
Anuj Varma, Hands-On Technology Architect, Clean Air Activist | Tue, 01 Jul 2025 17:17:45 +0000

Also read CloudFlare and CORs Whitelisting

Introduction

Configure the origin server to deny all IPs except the CloudFlare IPs. This has to be enforced at the server level, not in CloudFlare. It covers all the cases where clients access the website's IP address directly (instead of the URL, which CloudFlare handles).
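One way to verify the origin-side restriction described above is to scan the origin's own access log for requests whose peer address is not in a CloudFlare range. This is an added example, not code from the original post; the log lines are constructed, and the three ranges are an assumed subset of CloudFlare's published list.

```python
import ipaddress
import re

# Assumption: a small subset of CloudFlare's published ranges, for illustration.
# In production, load the full current list that CloudFlare publishes.
PROXY_RANGES = [ipaddress.ip_network(n) for n in (
    "173.245.48.0/20", "104.16.0.0/13", "2400:cb00::/32")]

# Constructed sample lines (non-proxy peers use documentation addresses).
# The first field must be the TCP peer address, not a header-derived value
# such as X-Forwarded-For, which a direct client can set freely.
SAMPLE_LOG = """\
173.245.52.10 - - [01/Jul/2025:17:20:01 +0000] "GET / HTTP/1.1" 200 5120
104.18.7.33 - - [01/Jul/2025:17:20:02 +0000] "GET /login HTTP/1.1" 200 2048
203.0.113.45 - - [01/Jul/2025:17:20:05 +0000] "GET /wp-login.php HTTP/1.1" 200 1900
2400:cb00:12:1024::a29e:4f - - [01/Jul/2025:17:20:07 +0000] "GET /feed/ HTTP/1.1" 200 800
198.51.100.7 - - [01/Jul/2025:17:20:09 +0000] "POST /xmlrpc.php HTTP/1.1" 403 0
not-an-ip - - [01/Jul/2025:17:20:11 +0000] "GET / HTTP/1.1" 400 0
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')


def from_proxy(addr):
    """True if addr falls inside one of the allowed proxy ranges."""
    ip = ipaddress.ip_address(addr)  # raises ValueError on garbage
    return any(ip.version == net.version and ip in net for net in PROXY_RANGES)


def direct_hits(log_text):
    """Return (peer, method, path, status, verdict) for every non-proxy request."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        peer, method, path, status = m.group(1), m.group(2), m.group(3), int(m.group(4))
        try:
            if from_proxy(peer):
                continue
            # Any "served" entry means the origin answered a client that
            # did not come through the proxy: the allowlist is not enforced.
            verdict = "served" if status < 400 else "refused"
        except ValueError:
            verdict = "unparseable"
        findings.append((peer, method, path, status, verdict))
    return findings


if __name__ == "__main__":
    for finding in direct_hits(SAMPLE_LOG):
        print(finding)
```

With a network-level deny in place, non-proxy peers should never reach the web server log at all, so an empty result is the expected steady state.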

How Attackers Can Discover the Real IP

Here are common methods:

  1. Historical DNS Records: Services like SecurityTrails or Censys can expose past DNS records that pointed to your real IP.

  2. Subdomain Leaks: A misconfigured subdomain (e.g., ftp.example.com) may resolve directly to the origin IP.

  3. Direct SSL Certificate Scans: Your SSL cert may be associated with an IP exposed via services like Shodan.

  4. Email Headers: If your mail server shares the same IP, outgoing emails might leak it.

  5. Application-Level Leaks: Misconfigured apps may reference assets from the raw IP.
