Short Introduction: Cloudflare is a Content Delivery Network (CDN) that builds a wall between the website and the visitor. If the Cloudflare settings are misconfigured, that wall can be bypassed. Today we're going to learn how to configure Cloudflare properly so that it cannot be bypassed.
What is Cloudflare? What does Cloudflare do with my website after I activate my website on Cloudflare?
Cloudflare is a Content Delivery Network that builds a wall between the website and the visitor. Legitimate visitors, and even search engine crawlers, are allowed through Cloudflare, but attackers are not. Cloudflare covers the real IP address of the website with its own IP addresses. Most Cloudflare IPs start with 104.x.x.x. A hacker bypasses this by brute-forcing the DNS names of subdomains.
How does Cloudflare work?
The chart above shows how the attacker gets access to the website when the website is not under Cloudflare protection; on the right side, you can see how Cloudflare protects the website from the attacker.
How Do Hackers Bypass Cloudflare's Proxy?
When you register your domain with Cloudflare, it automatically fetches all the IP addresses on the DNS server. Once they are fetched, the user is asked to select which IPs are to be proxied (kept under Cloudflare DNS routing). By default, Cloudflare marks the A records for "www" and the root domain as protected under Cloudflare DNS. Other subdomains are not marked; the user has to mark them manually. Newcomers mostly leave the defaults in place and never switch the remaining records to the orange mark (which marks them as protected by Cloudflare DNS). The hacker in this scenario runs a subdomain brute force, pings every IP and checks its ISP. If it is not one of Cloudflare's IPs, it is most likely the origin IP. This is how Cloudflare is bypassed.
Setting up Cloudflare to avoid getting it bypassed.
Cloudflare needs to be configured properly so that no one can bypass it. You may think that you are protected as soon as you add your website to Cloudflare, but you are wrong. Ever heard the quote "With great power comes great responsibility"? Yes, you need to configure its DNS. Now you are wondering how to do that. Let's start.
Step 1. Log in to your Cloudflare account through the Cloudflare login portal.
Now you will see which of your subdomains are protected. Go to your origin web hosting provider's control panel, open "DNS Settings" and check all the subdomain names that are set up on the domain, along with their records. For example: cname.example.com, Record = CNAME. Then set each one up in Cloudflare according to its record.
Putting The Protection Online & Configuring It
And you're all done! Make sure every record is marked orange. Check the screenshot below.
When the website is not under Cloudflare's protection, it will look like this:
And when it is under the Cloudflare DNS setting, it will be orange, like the one below.
Now check the screenshot above. You will see how it looks when the website is under Cloudflare.
To enable Cloudflare's DNS protection, click the grey cloud; when it turns orange, the website is under Cloudflare!
Note: If you put the SMTP record (MX alias) under Cloudflare, you won't be able to send email from your web app or cPanel. You need another email server that is completely separate from the host.
Now it will be a lot more difficult for the hacker to bypass the Cloudflare protection and grab the origin IP.
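A check for the configuration above, as an added example that is not part of the original article: it takes the address public DNS returns for each of your own hostnames and flags any record still answering outside Cloudflare's ranges, plus any mail host that shares the origin IP. The record list, the origin IP and the reason labels are constructed for illustration; the ranges are a snapshot of Cloudflare's published IPv4 list.

```python
import ipaddress

# Snapshot of Cloudflare's published IPv4 ranges (https://www.cloudflare.com/ips-v4).
# Refresh it from that list before relying on the result.
CLOUDFLARE_V4 = [ipaddress.ip_network(n) for n in (
    "173.245.48.0/20", "103.21.244.0/22", "103.22.200.0/22", "103.31.4.0/22",
    "141.101.64.0/18", "108.162.192.0/18", "190.93.240.0/20", "188.114.96.0/20",
    "197.234.240.0/22", "198.41.128.0/17", "162.158.0.0/15", "104.16.0.0/13",
    "104.24.0.0/14", "172.64.0.0/13", "131.0.72.0/22",
)]

def is_cloudflare(ip):
    """True if the address falls inside one of the Cloudflare ranges above."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in CLOUDFLARE_V4)

def audit(records, origin_ips):
    """records: (hostname, record type, address public DNS answers with).
    Returns (hostname, reason) for every record that exposes the origin."""
    findings = []
    for name, rtype, ip in records:
        if is_cloudflare(ip):
            continue  # orange cloud: visitors only ever see a Cloudflare address
        if rtype == "MX":
            # Mail cannot go through the proxy, so it must not live on the web host.
            if ip in origin_ips:
                findings.append((name, "mail-on-origin"))
        else:
            findings.append((name, "unproxied"))  # grey cloud
    return findings

# Constructed sample: names from the hosting panel's DNS settings, with the
# addresses they resolve to (documentation ranges stand in for real hosts).
SAMPLE_ORIGIN_IPS = {"203.0.113.7"}
SAMPLE_RECORDS = [
    ("example.com", "A", "104.16.0.10"),
    ("www.example.com", "A", "104.16.0.10"),
    ("cname.example.com", "CNAME", "104.20.1.1"),
    ("dev.example.com", "A", "203.0.113.7"),       # left on the grey cloud
    ("mail.example.com", "MX", "203.0.113.7"),     # mail served from the web host
    ("mail2.example.com", "MX", "198.51.100.25"),  # separate mail server
]

if __name__ == "__main__":
    for name, reason in audit(SAMPLE_RECORDS, SAMPLE_ORIGIN_IPS):
        print(f"{name}: {reason}")
```

An empty result means every listed web record answers with a Cloudflare address and no listed mail host sits on the origin IP.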
In the next article, we'll learn how one can bypass Cloudflare protection step by step.