A few days ago our company got blackmailed and we refused to pay. Today we woke up and about 180 websites that we host were exploited with the same bug. All 180 websites got offline (we use cloudflare on all of them). At that moment we didnt know the bug and because of our despair we ended up paying the “hacker” R$ 20.000,00 (about 5000 USD dolars) to tell us how to fix the problem. In his answer he told us the bug/exploit that he found out and we already provided a fix to that. BUT that alone wouldnt create us much problem. What created lots of problem to us is that this hacker said he got all websites we host using the DNS provided by cloudflare. This is a serious problem with Cloudflare: any domain that we add to our panel gets the same exactly DNS to our entire account. This started happening 2 or 3 years ago. Before that the DNS’s informed by CloudFlare were “random”. I know that only with the DNS this “hacker” should have discovered milions of domains that has no relation to us. But he told that what he did was to narrow the list of the websites that used the same DNS filtering first the ones that use “.com.br” (90% the websites we host are “.com.br”) and he said he used other things to narrow the list and after that he automated a tool to exploit the bug on all the domains left on his list (some were ours, others were not) and surely all the domains that were ours got the bug exploited and the websites got offline. So I ask you: is it possible to you start assigning random DNS to newly added domains to our CloudFlare account? This way it would be much harder to narrow all the domains are hosted with us.