Site Hacked


#1

Ukraine traffic using a vulnerability between Cloudflare and my host. They have been able to inject an old plug-in and now re-direct to their affiliate sites and sponsors. How to clean and how to close this vulnerability. It is impossible to get rid of Ukraine traffic with the current set-ups.


#2

Thats a question for your server administrator or - if there is none - for a more security-related forum, not this one I am afraid.

What do you mean by that? Using firewall rules you can block traffic from the Ukraine, if you want.


#3

The problem is you send anon data back to host. Host can not tell what traffic it is you are reporting. We have free accounts with cloudflare not paid. Best we can do is block IP by IP. It would be great if Cloudflare could send real IP data back to hosts so they can block bad IPs.


#4

Cloudflare does send the client IP, you simply need to rewrite it -> https://support.cloudflare.com/hc/en-us/sections/200805497-Restoring-Visitor-IPs

But you can simply block these requests on a Cloudflare level and that is what I was referring to.


#5

This topic was automatically closed after 30 days. New replies are no longer allowed.