How To Bypass Cloudflare Protected Website And Find Origin IP?

Cloudflare is a layer of protection against malicious attacks and DDoS packets. It is also used as a Content Delivery Network or CDN to deliver content from the nearest server of the visitor. However,  Cloudflare is mostly used as a “DDoS Protection layer” as it brings multiple checkups and strong servers protecting it from such attacks. Cloudflare is used as a proxy to hide origin IPs and protect it from getting attacked as if the attacker doesn’t know the IP, he/she won’t be able to attack the server. In this article, we’re going to learn how to bypass the Cloudflare layer and get origin IP.

How To Bypass Cloudflare?

Before we begin, let’s learn what actually Cloudflare is, according to Wikipedia.

Cloudflare, Inc. is a U.S. company that provides content delivery network services, DDoS mitigation, Internet security and distributed domain name server services. Cloudflare’s services sit between the visitor and the Cloudflare user’s hosting provider, acting as a reverse proxy for websites.

How do Cloudflare works?

Image result for cloudflare
Credits:- Cloudflare Support Blog

As shown in the above figure, Cloudflare acts as a wall between malicious traffic, safe traffic, hacker’s traffic, and your website. It allows only safe traffic and necessary search engine crawlers. Other fake crawlers and spiders are rejected and shown a captcha which one cannot easily bypass(as a robot).

It also provides a built-in WAF or web application firewall which can protect your website against malicious codes being injected into it.

How To Bypass It?

Okay, now so we’ll begin to learn how to bypass Cloudflare protection. This can be used as a method of pentesting your website if it can be hacked/bypassed or not. There are multiple methods to bypass it but we’ll list down easy ones.

Pinging

When you enable Cloudflare on your website, it protects your subdomains and your main domain. However, as default, to avoid any API based issues which are probably in your website, Cloudflare doesn’t enable its proxy on all sub-domains. You have to manually choose which one has to be enabled. However, newbies on Cloudflare often forget to enable the proxy on their sub-domains which are not in use. Hackers ping those sub-domains and get the real IP. For example, if your website is running on cPanel based panel then it would have the subdomain “cpanel” enabled on. If you forget the proxy, it can be pinged and real IP can be found.

Bypassing Cloudflare with CMD Prompt

Using 3rd party Cloudflare resolvers

There are many Cloudflare resolvers available in the market. Some come as paid, some cost bucks. For free, I would recommend you to use ShadowCrypt.net resolver.

Resolving An Example Cloudflare Protected Website
Resolving An Example Cloudflare Protected Website

 

It will differentiate the real IP and the Cloudflare IP for you automatically so that you can copy the real IP. To find the resolver, go to Google and search for “Shadowcrypt Cloudflare resolver”.. Comparatively, ShadowCrypt Cloudflare resolver is a lot better than the above ways with a higher probability to get the origin IP.

IP History

If you’re not much into Cloudflare and you found it later on how it works and how beneficial it is, you might want to move. Until then, your website was naked without Cloudflare, thus resolving real or origin IP. Let’s say if you enable Cloudflare before hacker tries to invade you, but there can be another method of doing that so. The hacker may give a chance to find out the IP history of the domain name where the list shows the previous IP used but that particular domain name.

IP History of domain name

However, this method can be lesser accurate because the webmaster might have moved to some other hosting or IP address after moving to Cloudflare. This migration can be done without changing nameservers by just changing IP addresses in the DNS section of the website.

How To Protect It From Getting Bypassed?

We have a separate article for that. Please refer to “Configuring Your Cloudflare Website To Avoid Getting It Bypassed“.


Conclusion

Thank you for reading out our article. If you find this interesting, please give it a share and don’t hesitate to comment down your thoughts on this article. If you’re searching for a web hosting which is to be less worried about getting bypassed or DDoS’ed, grab one with us! We provide Anti-DDoS enabled Web Hosting at the most affordable price!

Also check out our affordable DDoS protected VPS hosting plans.

About Manal Shaikh 22 Articles
Manal Shaikh, the Founder of Shadow Networks International and CEO/Chairman of Shadow Hosting International. A cybersecurity analyst, network analyst and a web administrator.

1 Comment

  1. Cloudflare is causing a host of problems on chat & blog sites I login to, mainly Errors 500, 504, 524.
    I am not a spammer, I do have a dynamic browser name, changes with every launch.
    I do delete EXPIRED Certificates. I see Cloudflare as a Tool of Global Censorship & Control.

Leave a Reply

Your email address will not be published.


*


CommentLuv badge