Hi, I have a Cloudflare hosted website (WordPress built). Looking at doing a company audit, so the question came up about how to scan our own company website for vulnerabilities. It’s obvious I can’t just point a scanner at my host IP as that is IRL Cloudflare's front-end IP, so how do I scan or vulnerability check my webserver that sits behind the Cloudflare IP?
As I understand, you have a website which is hosted at your hosting provider/server. The website also uses the WordPress CMS, and you are using the Cloudflare service for your domain/website, correct? Kindly correct me if I am wrong.
Regarding WordPress, I recommend using the Cloudflare service, while the best would be the Pro plan, but in some cases a WAF plugin like WordFence or some other is also recommended to have:
May I ask will you perform those scans over Cloudflare IP addresses (your domain being proxied via Cloudflare, DNS records being cloud), or directly on your origin IP address (DNS records being cloud) while performing the scan, if so?
There are some online tools, some free and some paid, to do that.
Therefore, I would strongly recommend hiring an expert or a company who is actually allowed to do the testing and audit, either to prepare your company for the ISO 27xxx family certification process or GDPR compliance, or even a Risk Analysis/Audit.
While you are using Cloudflare service, you have many security options available to you, even on a Free plan like Security Level, Firewall Rules, User-Agent blocking, DDoS mode, Browser Integrity Check, SSL/HTTPS, HSTS, Bot Management, IP Access Rules, Country blocking, Rate limiting and more.
At DNS tab, the Website/domain should have DNS records which are pointed to your hosting provider IP address.
Or not, if you are using a CNAME type record(s)?
You can also Pause Cloudflare for your domain and do your audit and tests.
In case you do not have the Pause Cloudflare on Site option available to you in the lower right corner of your Cloudflare dashboard for your website, you can achieve this by setting all your DNS entries to cloud instead of being one.
If so, to temporarily disable proxying via Cloudflare for your domain (the records), click on the cloud to switch to cloud next to the needed DNS records at the DNS tab.
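An added example, not part of this thread or of any Cloudflare tool, for the check a practitioner wants before starting a scan: does the hostname currently resolve to Cloudflare's edge (proxied, so the scanner only sees Cloudflare) or to the origin (grey-clouded or paused, so the scanner reaches the webserver)? It embeds a point-in-time snapshot of Cloudflare's published IPv4 ranges; the authoritative list lives at https://www.cloudflare.com/ips-v4, and the sample addresses in the test are constructed.

```python
import ipaddress
import socket

# Point-in-time snapshot of Cloudflare's published IPv4 edge ranges.
# Refresh it from https://www.cloudflare.com/ips-v4 before relying on it.
CLOUDFLARE_IPV4 = [ipaddress.ip_network(n) for n in (
    "173.245.48.0/20", "103.21.244.0/22", "103.22.200.0/22", "103.31.4.0/22",
    "141.101.64.0/18", "108.162.192.0/18", "190.93.240.0/20", "188.114.96.0/20",
    "197.234.240.0/22", "198.41.128.0/17", "162.158.0.0/15", "104.16.0.0/13",
    "104.24.0.0/14", "172.64.0.0/13", "131.0.72.0/22",
)]


def is_cloudflare_ip(address: str) -> bool:
    """True if the address lies inside one of Cloudflare's edge ranges."""
    ip = ipaddress.ip_address(address)
    return any(ip in net for net in CLOUDFLARE_IPV4)


def classify(addresses) -> str:
    """Classify what a DNS lookup of the hostname currently exposes.

    'proxied'    every address is a Cloudflare edge IP (orange cloud): an
                 external scan hits Cloudflare's WAF/proxy, not your origin.
    'origin'     no address is Cloudflare's (grey cloud or paused): a scan
                 reaches the webserver itself, the state you want for an audit.
    'mixed'      some records proxied, some not; fix the DNS before scanning.
    'unresolved' the lookup returned nothing.
    """
    flags = {is_cloudflare_ip(a) for a in addresses}
    if not flags:
        return "unresolved"
    if flags == {True}:
        return "proxied"
    if flags == {False}:
        return "origin"
    return "mixed"


def resolve_and_classify(hostname: str) -> str:
    """Live variant: resolve with the system resolver, then classify."""
    try:
        infos = socket.getaddrinfo(hostname, None, socket.AF_INET)
    except socket.gaierror:
        return "unresolved"
    return classify({info[4][0] for info in infos})


if __name__ == "__main__":
    print(resolve_and_classify("www.example.com"))  # replace with your own domain
```

The same `is_cloudflare_ip` check is what an origin firewall allow-list needs: once the audit is done and the records are orange-clouded again, the origin should only accept 80/443 from these ranges so the scanner's direct path is closed to everyone else too.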