I installed Discourse forum on VPS and added cloudflare in front of VPS. But I didn’t quite succeed in hiding my server’s real IP address.
dnshistory.org (everything is correct when I look here - successful)
Shodan.io (When I look here I see the VPS real IP address - fail)
Censys.io (When I look here I see the VPS real IP address - fail)
I don’t know where I went wrong. Maybe there is a very simple solution, but my research has not led me to any conclusions. I want your help. Thanks in advance to those who help.
The history of an IP address is what it is. Does the current DNS lookup return a Cloudflare IP? If so it is working as expected.
So censys and shodah just show DNS history? If so, I would be very embarrassed. I hope that’s the only reason.
Yes, the DNS lookup currently returns a Cloudflare IP.
You might wish to look at blocking non-Cloudflare IPs.
Its not this easy, but the only way that you could prevent it is from blocking all non Cloudflare IPs how @anon9246926 mentioned. The Way that Censys and Shodan work is that they scan the Complete (at least they claimed this in the Past) Public IPv4 Spectrum. Even when its not every IPv4 anymore its still a lot. They Scan every IP Address in their Database for open Ports. When they knock at the Webserver Port from your Webserver the Server accepts the Connection and hands them the TLS Certificate. Because your Lets Encrypt TLS Certificate has your Domain Name in it you find the Server IP Address when you filter after the Name. Only way to Block this would to drop the Connection from Every IP that is not Cloudflare
It also seems like your Webserver redirects Requests to the IP Address with a 301 HTTP Redirect to your URL. Thats another way for Censys and Shodan to find the IP behind the URL. But this Problem will be aswell gone when you block non Cloudflare IPs from accessing Port 80 and 443
Thank you very much for your answers.
Thank you for your help.
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.