I received a notification from Cloudflare about a new domain added to my Cloudflare account.
The domain is indexfreedom.fund
This is not my domain.
My account has 2FA setup with Authy and I don’t have any member assigned to handle my account.
How can someone else add a domain to my account without such access?
Have you shared your Global API key with someone or over some 3rd-party integrator, or in some plugin like WordPress, etc.?
Kindly, navigate to the Audit Log from Cloudflare dashboard and take a look for an events, I believe you this could help you to find out what happened with the domain name
May I ask have you used Cloudflare for that particular domain withing some 3rd-party partner/integrator since before?
I have not consciously shared my Global API key with anyone or any 3rd party integrator.
As for the API key being used in Wordpress plugin, I’m not 100% sure.
This domain is not mine. So I have never used Cloudflare with it before.
Looking at the Audit Log, it looks like the domain was added on the 4th, which was when I received the alert.
I don’t really know how to interpret the log information but apparently my username was used to add the domain (from User IP Address: 220.127.116.11) and subsequently Cloudflare added some Records.
This is the screenshot of the Audit log:
And this is the dashboard:
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.