How to prevent "bad guys" from finding origin server?

I ask forgiveness because I only barely understand this and chances
are I will get it wrong?

Let us say I have an account at DreamHost.
www.myreallycoolwebsite.com → DreamHost Server

I sign up for CF to accelerate and protect my site
www.myreallycoolwebsite.com → Cloudflare → Dreamhost Server.

What prevents people from just skipping over CF and go directly
to the originating web server?

There are plenty of ways to prevent people going directly to your origin server. A good starting point is available here:

1 Like