Hi, I had enabled 2fa roughly a week ago due to concerns with security. Although my concerns were unverified or even valid, I wanted to report something that was.
Today I logged into my cloud flare account to check the ip of my oracle server since I had been going through the ringer restting my password and even getting email properly.
I noticed that someone renamed my a record host to resume2 from resume and put a different ip on resume with a proxy behind it.
I knew this was not me because I don’t proxy my servers usually, and I surly didn’t rename my website with a 2 after it since I am looking for work and that is what I am giving to employers.
Coughs yep, pretty fuked… but on another part of my stupidity, I erased the ip that was broadcasting on my website and quickly replaced it with the proper one without recording.
No doubt there’s logs on cloud flare about this, but i would not rather spend an eternity and a half getting support to look into it.