Join Log in
Score:0
Frustrated Melly avatar Server

How to hide Origin Server IP address from Reconnaissance tools

cn flag
Frustrated Melly

When it comes to web server security, I am a paranoid person.

On DigitalOcean, I'm running a server. They refer to it as a Droplet. Cloudflare is my DNS provider, and Cloudflare proxies and protects my server from DDoS attacks.

However, I tried to search my domain on ZoomEye.org's cybersecurity search engine, it found my Origin IP address. According to researchers, hackers just need to know the Origin IP address in order to DDoS a website. It makes no difference if the technique is L3 or L7.

How to avoid your server from revealing its IP address on these kinds of cybersecurity search engines?

262
0 + 0
ips
Score:1
avatar Server
us flag
Tero Kilkanen

One can hide the origin server by tunneling traffic to the server via another server, and associating the tunnel server with the DNS entry.

Then you set up origin server firewall to block HTTP/HTTPS connections from all other IP addresses except the tunnel server.

Cloudflare's Argo Tunnel is one solution to this.

0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.