How to hide Origin Server IP address from Reconnaissance tools

security ubuntu ddos digital-ocean ips

When it comes to web server security, I am a paranoid person.

On DigitalOcean, I'm running a server. They refer to it as a Droplet. Cloudflare is my DNS provider, and Cloudflare proxies and protects my server from DDoS attacks.

However, I tried to search my domain on ZoomEye.org's cybersecurity search engine, it found my Origin IP address. According to researchers, hackers just need to know the Origin IP address in order to DDoS a website. It makes no difference if the technique is L3 or L7.

How to avoid your server from revealing its IP address on these kinds of cybersecurity search engines?


Solution 1:

One can hide the origin server by tunneling traffic to the server via another server, and associating the tunnel server with the DNS entry.

Then you set up origin server firewall to block HTTP/HTTPS connections from all other IP addresses except the tunnel server.

Cloudflare's Argo Tunnel is one solution to this.

Related

CentOS Certificate Authority increase key strength
listen tcp 127.0.0.1:9090: bind: address already in use
Can't log into Centos SSH server after changing port
Conflict with dependency 'com.android.support:support-annotations'. Resolved versions for app (23.1.0) and test app (23.0.1) differ
64-bit version of Boost for 64-bit windows
Windows equivalent of the 'tail' command [duplicate]
Cron jobs and random times, within given hours
Cannot resolve symbol '?attr/actionBarSize' after updating Android Studio from 2.3 to 3.0 for buildToolsVersion '26.0.2'
Swift: How to get substring from start to last index of character
How do I import .sql files into SQLite 3?
How to hide status bar in Android
lodash: mapping array to object