2012-09-11, 08:26 PM
1. You're not protected from DDOS/DOS with cloudflare. It takes two seconds to resolve the real IP address. Also, even if you can't resolve the real IP from a cloudflare resolves there are new sneeky methods of attacking. (Layer-7 attacks) What a Layer-7 attack can do is:
Rudy
Get
Head
Post
Slowloris
The most dangerous I've seen/tried on my own web server is Rudy, Head, Post attacks. Those will just bypass cloudflare protection and still cause a Denial of Service attack. See, free version of cloudflare does not protect you from Layer-7 attacks. They charge you to be protected from Layer-7.
Just as a example you are not protected. Let's take a simple website like ubers.org, now the cloudflare IP resolves to 108.162.196.112 but if your resolve the cloudflare it goes to *************.ubers.org resolves to 178.***.**.*** (ip censored). So, it proves to point you are never really safe.
This is just a security tip.
ubers is a example due to its big and nice. If you are owner of ubers and viewing this, I can notify you how I was able to resolve the IP address and you can fix it.
Rudy
Get
Head
Post
Slowloris
The most dangerous I've seen/tried on my own web server is Rudy, Head, Post attacks. Those will just bypass cloudflare protection and still cause a Denial of Service attack. See, free version of cloudflare does not protect you from Layer-7 attacks. They charge you to be protected from Layer-7.
Just as a example you are not protected. Let's take a simple website like ubers.org, now the cloudflare IP resolves to 108.162.196.112 but if your resolve the cloudflare it goes to *************.ubers.org resolves to 178.***.**.*** (ip censored). So, it proves to point you are never really safe.
This is just a security tip.
ubers is a example due to its big and nice. If you are owner of ubers and viewing this, I can notify you how I was able to resolve the IP address and you can fix it.