Someone use the bug or something that use cloudflare traffic fordwarding for their own VPN and try to login the admin account in my three website. The IP is 22.214.171.124 and 126.96.36.199. So I think is the cloudflare company give them the service to attack my website.
You didn’t post a domain, so I can’t check. Is your site using Cloudflare services, either directly through Cloudflare, or through a hosting partner?
The domain is guguzimuzu and gugu-game.tk, another website didn’t use the cloudflare.
The only valid domain you listed, gugu-game.tk, is using Cloudflare. The reason you’re seeing Cloudflare IP addresses is because you’re using Cloudflare’s CDN for that site. Cloudflare is a reverse proxy, so all traffic to your site comes from Cloudflare IP addresses.
I mean there is someone trying to login in the admin account, and its IP is cloudflare’s. I think it is the way that someone use this bug to cover its real IP. and attack others website. You can check it out! https://youtu.be/pNsX6VofdyY
People and bots are always trying to log into admin. That’s why strong passwords are so important. You can also use Cloudflare Access to protect the login screen.
It’s not a bug. It’s a reverse proxy (as explained in the article I linked to), and it does not cover its real IP. It’s right there in the headers (x-forwarded-for and cf-connecting-ip). Your server just isn’t properly configured to use this service.
Ok, let me check it.