I get subdomains from
fusionbd.com pointed to our domain earthfightsback.org. For the moment I have blocked 3 subdomains, m.fusionbd.com, mtube.fusionbd.com, radioprograms.fusionbd.com. All point to our ip 220.127.116.11. They use cloudflare dns. How do I stop this?
5 minutes A 18.104.22.168
Why is this
your IP? It will simply be an address which your host also assigned to you.
It would seem as if that address is properly configured to redirect to the naked domain, which suggests that it was (possibly still is) used for the domain in question.
You might want to discuss this with your host.
Why should I discuss it with my host?
I see it as MY ip because it is assigned to MY server. The IP is shared between 5 of MY domains. How can it be that cloudflare dont bother about what ip subdomains are pointed at in the cloudflare dns. Does it mean that I can point my domains to any IP? If so its high time to leave cloudflare. I have no time to block new subdomains every hour of the day
Because your server responds to that domain.
So you have a
dedicated server just for yourself and that’s where that IP has been assigned to?
Then you should check why your server responds to that domain.
$ curl -I --resolve radioprograms.fusionbd.com:80:22.214.171.124 http://radioprograms.fusionbd.com
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
that is what I try to find out. Someone register subdomain and point them to that IP. The host mean its not a datacenter problem
But to stop it I will add an IP, proxy it with Cloudflare and see if it stops. As I understand it there should not be any possibility to find out the real IP of my server
That’s something you need to check on your server, Cloudflare is not involved here.
That can always happen is nothing “illegal” either. Just make sure your server does not respond for that domain respectively returns an appropriate error message when a request for it comes in.
Ok I will find out how. For the moment I just redirect them in htaccess back to the motherdomain.
That’s exactly what I meant. I wouldn’t redirect but rather rather send an error response.
You could also restrict requests only to Cloudflare addresses and enable Cloudflare’s client certificate authentication (Origin Pulls). That would guarantee that only Cloudflare can connect.
Hi! Can you point at some info on how I do that? It would be a good solution for all different like this
Do what? There’s plenty in the documentation and search though, I’d use that first.
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.