Ethical Hacking: #4 Cloudflare
by asokawotulo on 26/06/2019Cloudflare is a Content Delivery Network (CDN), which is a phrase to describe a network of servers that enables files to be distributed to clients faster and more securely than ever. Furthermore Cloudflare is capable of protecting a server or web application from several forms of attacks such as Distributed Denial of Service (DDOS) attacks.
Cloudflare protects servers by hiding the real IP address of the server behind an IP address that Cloudflare provides. As a result whenever someone attempts to connect to a certain domain then all of the traffic going to that domain will go through Cloudflare instead of the real server. However, there are several steps that can be done in order to find the real IP address of a domain
Finding Real IP
1. Identify Cloudflare IP
If you try to ping a site that is protected by Cloudflare and attempt to access the site using the IP then you will be greeted with an error page
2. Find Server Info
Using Censys you can lookup the domain and potentially get the real IP of the server
3. Open the IP
Real site:
IP site:
Comments are closed.