Hi is there any way to protect from hacker combine ip address . for example i create rule to allow only selected ip address . my ip are suppose to 126.96.36.199
but hacker hacked ip and access too . in my web server access logs i saw hacker ip address recorded like 188.8.131.52,184.108.40.206
means hacker attacked own ip with already white listed ip . what is this case can some one help me to understand and guide me how to protect my domain from this types of hackers .
It might depend on the web server configuration as far as you can combine the output to the log files as you want
For example, you could have your web server configured to log the client IP and some other headers like X-Forwarded-For, which would result seeing a “combined IP” separated by the comma , string or some other kind of type.
Are these maybe the crawlers or bots? Did you analyze your web traffic?
Are the naked domain and www DNS records proxied? ( cloud)
Bypassing, does this mean like comming directly to your server IP address?
Nevertheless, depending on the attack type and using Cloudflare security options like Firewall Rules, etc., consider blocking some of the known “bad user-agents”, “crawlers” or “bad ASNs” using below posts:
Make sure to protect your admin / login page, if you have one. We can use Cloudflare Access / Zero Trust (Teams):