When looking in the audit log there are 3 actions that I did NOT do, all with the User IP Address of 127.0.0.1. These three actions are ‘delete’, ‘delete’ and ‘purge’. Please see the attached image!
Has Cloudflare been hacked, since all of these requests come from 127.0.0.1? Please can you explain how this happened? The login on Jul 23, 2018 was me and has my IP address, however I confirm I certainly did not delete any zones, and there was no way I was still logged in over a month later.
When I try to add the deleted domain back I get the error “This zone is temporarily banned and cannot be added to Cloudflare at this time, please contact Cloudflare Support. (Code: 1098)”.
I contacted support, and they suggested that I wait for a few hours before trying to add the domain again, but after waiting a few days it still doesn’t work. The ticket number is 1567972, and it’s been open without reply for 7 days.
This is quite worrying and I would like to get to the bottom of it, as the cloudflare account I use at my job has several domains on the pro plan and one on the business plan, and it would cost them a lot of money if these were removed without explanation as has happened here! I don’t want to get in trouble if that one has problems