I was also curious about all this...
Bottom line... You can't completely protect your server IP? Only stop the skids from using public tutorials to find them out?
[quote='labrocca' pid='950196' dateline='1355796161']
Quote:To be honest, you shouldn't be using CloudFlare as a service to hide your server IP. That's not what it's meant for, nor will it help to much extent.
"Originally that may not have been there intent but that's changed."
We do not position ourselves as an IP protection service at all & this has never changed. While basic lookups will terminate on our IPs, we can only proxy web traffic record types. Someone that is really interested in finding out your server IP can probably find it.
Most of the attack types we see are actually web traffic attacks (botnets), so that's where we are effective in helping mitigate DDoS attacks.
Cloudflare actually stopped giving out IPs, mainly the host now with the range of the dedicated server.
But, still you can get the IP easily enough with that.
With cloudflare, it is fine to me.
@ Jesse, any example scripts of that around to block the avatar IP thing?
HF still does not have this patched i don't think.
(2013-01-14, 01:40 AM)norradjer99 Wrote: [ -> ]Cloudflare actually stopped giving out IPs, mainly the host now with the range of the dedicated server.
But, still you can get the IP easily enough with that.
With cloudflare, it is fine to me.
@ Jesse, any example scripts of that around to block the avatar IP thing?
HF still does not have this patched i don't think.
In inc/functions.php, around line 5584 (unmodified, may be different if using google seo urls plugin), you'll find a function called fetch_remote_file. This function allows for an attacker to get the real IP address of the website. This piece of code eliminates this vulnerability.
This is within the section that says if(function_exists("curl_init")) for those who have modified their functions.php file. Insert the following at or near the beginning of this block.
curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1");
curl_setopt($ch, CURLOPT_PROXYPORT, "8080");
curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
Replace the IP address and port with the corresponding ones of your proxy. If it's an HTTP proxy, replace CURLPROXY_SOCKS5 with CURLPROXY_HTTP .
Credits: Don't remember, this was in my notepad.
P.S: I never tried this even though I had this for over a month.
would I use like a proxy I find on the web? or set my own up?
(2013-08-14, 07:35 PM)damoncloudflare Wrote: [ -> ]The Website Security Guidelines post we have will greatly reduce the probability of someone finding your IP address easily.
yes but what about the above post?
(2013-01-14, 04:53 AM)Adobe Wrote: [ -> ] (2013-01-14, 01:40 AM)norradjer99 Wrote: [ -> ]Cloudflare actually stopped giving out IPs, mainly the host now with the range of the dedicated server.
But, still you can get the IP easily enough with that.
With cloudflare, it is fine to me.
@ Jesse, any example scripts of that around to block the avatar IP thing?
HF still does not have this patched i don't think.
In inc/functions.php, around line 5584 (unmodified, may be different if using google seo urls plugin), you'll find a function called fetch_remote_file. This function allows for an attacker to get the real IP address of the website. This piece of code eliminates this vulnerability.
This is within the section that says if(function_exists("curl_init")) for those who have modified their functions.php file. Insert the following at or near the beginning of this block.
curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1");
curl_setopt($ch, CURLOPT_PROXYPORT, "8080");
curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
Replace the IP address and port with the corresponding ones of your proxy. If it's an HTTP proxy, replace CURLPROXY_SOCKS5 with CURLPROXY_HTTP .
Credits: Don't remember, this was in my notepad.
P.S: I never tried this even though I had this for over a month.
(2013-08-14, 08:07 PM)sn4g Wrote: [ -> ] (2013-08-14, 07:35 PM)damoncloudflare Wrote: [ -> ]The Website Security Guidelines post we have will greatly reduce the probability of someone finding your IP address easily.
yes but what about the above post?
(2013-01-14, 04:53 AM)Adobe Wrote: [ -> ] (2013-01-14, 01:40 AM)norradjer99 Wrote: [ -> ]Cloudflare actually stopped giving out IPs, mainly the host now with the range of the dedicated server.
But, still you can get the IP easily enough with that.
With cloudflare, it is fine to me.
@ Jesse, any example scripts of that around to block the avatar IP thing?
HF still does not have this patched i don't think.
In inc/functions.php, around line 5584 (unmodified, may be different if using google seo urls plugin), you'll find a function called fetch_remote_file. This function allows for an attacker to get the real IP address of the website. This piece of code eliminates this vulnerability.
This is within the section that says if(function_exists("curl_init")) for those who have modified their functions.php file. Insert the following at or near the beginning of this block.
curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1");
curl_setopt($ch, CURLOPT_PROXYPORT, "8080");
curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
Replace the IP address and port with the corresponding ones of your proxy. If it's an HTTP proxy, replace CURLPROXY_SOCKS5 with CURLPROXY_HTTP .
Credits: Don't remember, this was in my notepad.
P.S: I never tried this even though I had this for over a month.
Can't think of any way we could stop that. We don't position ourselves as an IP protection service & someone that really wants to find your IP address probably can, with our without CloudFlare. We're really only going to help with basic lookups against the domain.
Note: I'm not sure where the whole "CloudFlare hides my IP address" came from. We can only proxy certain web traffic records, so we're only going to really help with people doing lookups using ping, dig, etc.