I am a PHP coder but not a server expert so I wondered if anyone could answer the following query.
Is there a way that a bot can determine the IP of my server when it runs through Cloudflare?
Someone suggested that folk could try ftp.domain.com and things like that. I do not have that setup on my server although Cloudflare do set this up automatically for you when you register a domain.
If you are a server expert and wanted to determine the actual IP of a server, how would you go about it?
Thanks.
PS: I do not want my IP public, hence the question.
Someone that really wants to find your server IP address probably can. We're only going to really stop basic lookups from returning your IPs, but we can only proxy web traffic & some records on your domain (mail, for example) may still return your server IP.
We do have some tips on minimizing the probability that someone could find it easily with these guidelines.
Related
So I have a VPS (Cent Os 7) and using openvpn I created VPN having an address of 10.0.8.1 now on my front end I connected to VPN using openvpn after connecting I get access to websocket on 10.0.8.1 but its not secure I want access to wss on the same address. I have also tried using a secure domain name to connect but it still fails I can only connect it with either http or ws and not with https or wss
This is very trivial as far as a question but all in all, without telling you how to perform anything in details - the question is WWAAAYYY too broad to even consider answering without unevitably creating more questions than solving a problem or helping you.
You need to add cryptography to your websocket server, same as a web server is able to run in HTTPS mode rather than unencrypted. I'm sure you can see the similarity between both abreviations of the respective protocols and how they are different from their original, unencrypted/vulnerable default configuration.
http -> https
ws -> wss
Start reading on adding a SSL certificate to your websocket server config and then you will have a WSS connection - if all goes well of course!
I believe in you
p.s. - this is not the type of question that is very well received by the majority of the community. It is too broad to be of any interrest to anyone.A complete, well-built, comprehensive answer isn't something that fits within the boudaries of most community members as there is WAY too many variables and unknowns here. Anything will most likely create more questions (of this quality) than help you or anyone else. You lack basic knowledge in order to construct a question that doesn't sound anything other than 'i need a full tutorial'. Community doesn't provide tutorials, custom solutions or anything that resssembles a full product/service. We rather help solve smaller, more precise and clear issues that pop up day to day in the field. Generally, when someone "talks the talk", it implies that the bases are covered and an issue arose. For now, you must learn to "walk the walk" i suppose.
Everyone wore the same shoes at some point or another and good memory comes from remembering such stuff from when we started playing with the wall socket angry pixies!
Cheers!
How it's possible that Cloudflare proxy has always US IP address or Google, Netflix and etc when i access on their websites from Asia, why i don't see some Asia IP (I expected the most close server to me and not in US).
Why i connect like first to US IP, ok, they will have some kind of load balancer server, but for the most low latency for TTFB why it's works like that or is the US IP address associated to some Asia server?? What is the trick?
I tried find some info how it's works but it's always same answer and doesn't explain anything for me..it's just saying that it's in power of DNS..I know about GEO DNS, but there is my end, but simple GEO DNS will always show different IP then is there another layer of something?
I'm just lost..
As far as I know, the "proxy" feature of Cloudflare will always display and "use" an US based IP-Address.
Your request is still sent to the nearest Cloudflare data center (somewhere in Asia, in your case).
But the "proxy" IP (which is static), is always the same.
Not entirely sure though, might as well be worth contacting their support team and asking for exact information on this.
I am trying to set up what is possibly a webserver that can detect the IP addresses of the clients that try to access the webpage. In the simplest terms.
1)Let there be a table on the website.
2)Each time a client requests the website, its IP address gets added to the entry of the table.
I have made a webserver before using apache tomcat and even nodejs. But I have no idea how to detect IP adresses. I would also like to know if its possible to set this up online, in the cheapest possible way.
Perhaps nodejs would work using request.connection.remoteAddress, as in this example.
I was developping an app, and running a server from home on a private IP on port 8080 (This is the only port coming from my IP that is exposed to the internet). Its just a simple java IO socket.
But I constantly have random people trying to connect from random IPs coming from the virgin islands etc.
Not sure if this is normal?
I did register at no-ip...because I have a dynamic IP, not sure if that might be exposing my home IP to some bots scanning things?
If anyone can shed some more light on this, that would be great.
I am running the socket server in sandboxie so that might mitigate attacks somewhat..I just hope its not anything like that. I also implemented some basic authentication now, and it will drop connections if they fail to authenticate..but before that, those random IPs would stay connected for many hours...its so weird.
As pointed out in the comments. These are indeed people scanning the internet.
Many of the observed IPs can be found in lists like this: http://global-threat.rmjconsulting.net/?op=prv_idstableLimit&limit=5000
I guess that proves again how important network security is and making sure no vulnerable apps are facing the internet.
Was kind of suprised by the frequency that this happens..
I am aware of how many times this has been asked based on searching StackOverflow, but I am still hoping someone could tell me whether I am wrong...
I am creating a peer-to-peer chat app for the iPhone. My initial idea was to avoid using a server, so Bonjour came to mind. I was happy coding for quite a while and implemented a lot of fancy features, but two days ago I started testing with two clients from different subnets and found that the clients couldn't connect to each other! I suddenly realized that Bonjour is meant for local networks and that a DNS server is necessary for wide area service broadcasting. Do I really need a server for Internet peer-to-peer chat? Are there any other options that do not involve using a server on the iOS platform?
I am wondering how you can do a chat app without using a server. There are many cheap solutions out there, Amazon has its own service, Google does as well. You can try first without even having to pay a cent.
I found the following from apple developer guide. This should answer your question -
Does Bonjour work between multiple subnets?
Yes. The first release of DNS Service Discovery (DNS-SD) for Mac OS X concentrated on Multicast DNS (mDNS) for single-link networks because this was the environment worst served by IP software. Starting in Mac OS X 10.4, Bonjour now uses Dynamic DNS Update (RFC 2316) and unicast DNS queries to enable wide-area service discovery.
To answer the question, the only way is for you to carry a list of all possible participants, and their current IP address, and for each possible participant to report to all others each time their IP Address changes. So, if you have 100 possible participants, then you must tell 99 others when your IP Address changes, and those 99 must tell you when their IP Address changes.
Bonjour may work on a LAN, a WAN or even a WAN, but it will never work on the internet.
The role of the server is so that each end point only need to tell one end point (the server) when it changes. My advice is get a cheap internet host, with a basic PHP / MySQL capabilities, and write yourself a very simple script to post and get user identities.