Hi, hopefully i can get some help with my issue.
I did a security check on my site, and i notice that it’s possible to view all kinds of information on
shodan.io & censys.io such as:
Obviously i wish to block shodan & censys from being able to scan my domain.
Im still new to security on webservers and sites but it was my understanding that cloudflare would block most of this information.
So i must have missed to configure something. I would like some help to fix this.
I asked scott helme for advice and he told me,
" You’d need to configure your server to only answer requests from Cloudflare.
It’s likely becuse your servers are accepting traffic on your IP address from anywhere. If your server is behind Cloudflare, or any CDN, you should restrict it to only answer requests that come from a Cloudflare IP address. "
So i have been trying to do as scott suggested but i’ve gotten nowhere.
He also told me that he had been using iptables in the past but as i understand that is only available for linux. And as i use windows as a server os, how would i configure this on windows?
I have HTTP Proxy (CDN) active
Thx in advance