Starting out with cloudflare

HI! Just starting my Cloudflare journey,

my site, has been hit with a few DOS attacks, mostly NTP amplication attacks.

I was thinking I should change my server public IP. Does this seem prudent? NTP attacks I think are done using the servers IP as a spoof, not the URL, so just using Cloudflare, wont stop this attack.

I think I need to change my server IP address to be protected. or am I being silly.

Actually, it would. As Cloudflare would proxy your site your IP address would not be public any longer, hence nobody can attack it.

But yes, you obviously would need to change your IP address (and keep it well hidden, so ensure you have no leaks → MX records or outgoing connections for example) as they would otherwise simply continue attacking the address they already know of. Also, make sure you only accept connections from Cloudflare.

I believe I misunderstood your question. Yes, “just using Cloudflare” wont help in that case, as they will still go for your IP address. You could (and should) block all non-Cloudflare connections, however if this is only done on your machine itself, they will still be able to saturate your link/bandwidth. A change of IP address would be advisable in this case.

This topic was automatically closed after 31 days. New replies are no longer allowed.