How to hide Origin Server IP address from Reconnaissance tools

When it comes to web server security, I am a paranoid person.

On DigitalOcean, I'm running a server. They refer to it as a Droplet. Cloudflare is my DNS provider, and Cloudflare proxies and protects my server from DDoS attacks.

However, I tried to search my domain on ZoomEye.org's cybersecurity search engine, it found my Origin IP address. According to researchers, hackers just need to know the Origin IP address in order to DDoS a website. It makes no difference if the technique is L3 or L7.

How to avoid your server from revealing its IP address on these kinds of cybersecurity search engines?


Solution 1:

One can hide the origin server by tunneling traffic to the server via another server, and associating the tunnel server with the DNS entry.

Then you set up origin server firewall to block HTTP/HTTPS connections from all other IP addresses except the tunnel server.

Cloudflare's Argo Tunnel is one solution to this.