Portal Home > Knowledgebase > Articles Database > Stopping cloudflare bypass
Stopping cloudflare bypass
Posted by israr, 09-03-2015, 06:20 AM |
Hi all,
I am using cloudflare WAF, however it can be very easily bypassed using the IP or editing the hosts file on a local system if you have the server IP.
So is there any setting in apache or at the network where we can detect if the request is coming through cloudflare or directly through IP. I know there is a way of hiding IP but that is not feasible for me right now.
Any advise?
Thanks a lot!
|
Posted by CooliceHost, 09-03-2015, 06:36 AM |
block everything in firewall except cloudflare IPs
https://www.cloudflare.com/ips
P.S do not forget to allow your own ip or you will lock yourself from the server
|
Posted by DWS2006, 09-03-2015, 07:27 AM |
You could also do this on a site by site basis via .htaccess.
|
Posted by creativexbits, 09-03-2015, 08:19 AM |
Enable "Authenticated Origin Pulls"
More information can found here https://support.cloudflare.com/hc/en...cles/204899617
|
Posted by Srv24x7, 09-03-2015, 09:48 AM |
Hi,
One way you can do is you can actually stop the ICMP request, so finding out your IP gets even tougher for someone searching it.
|
Add to Favourites Print this Article
Also Read