My websites are behind cloudflare but i’m getting attacks on IP, actually attacks are coming on ports that are closed.
My UFW is blocking these but how to secure more, i’m getting 502 errors and site stop working and when i check free RAM it all get sucked so i have to schedule a RAM cleaner bash script.
Although CPU % is fine.
I also tried to change IP address but still getting these messages/attacks
You’re probably leaking the IP through a DNS record, or you havent configured your server to only allow traffic from Cloudflare
Yes few DNS entries are leaking origin IP address
how to allow only cloudflare IP’s ?
and UFW is already blocking will allowing specific IP i get rid of these ?
You can do it through firewall software like iptables, this article describes the method
Also, you’ll have to get rid of those DNS records that leak the ip address
Sounds like an attack, you should enable IUAM (I’m Under Attack Mode) and follow these steps
Also, what is the domain?
cloudflare only protects on port 80 & 443 not whole ports of ip address
Ok, what about your DNS record settings? Maybe it’s misconfigured? (Send me a screenshot of your DNS settings)
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.