I’m running a game server on port 51000. Somehow, someone is spamming our server application listening on that port on TCP with connections coming from IP’s owned by Cloudflare.
How is this possible? Cloudflare doesn’t forward requests to non-HTTP ports, I even checked if he did it with Workers, but raw TCP isn’t allowed there either.
So does he have a Enterprise account with this ability, or what? Because from what I can see only Enterprise allows something like this.
The Cloudflare IP’s that are attacking me are the one’s that start with “8.”. Apparently these are not the ones that are used in normal website traffic (see that list here: https://www.cloudflare.com/ips/ )
A few of the Cloudflare-owned IP’s that attacked me:
It’s way more, it kept changing, so I had to blocked the whole cloudflare ASN in firewall.
Total list of Cloudflare IP’s: https://ipinfo.io/AS13335
So yeah, how does he do it?
Thank you for reading.