Keeping original IP exposed makes attacker life easier to prepare for an attack directly on the server.
You might be using cloud-based security, but if you haven’t taken the necessary action to hide the actual server IP, then most probably hackers will find that and turn your website down and hurt the business and reputation. DDoS is dangerous for online businesses.
A recent study by CloudPiercer shows over 70% of cloud-based security protected websites is exposing their real IP address.
Let’s take a look at online tools, which will help you to test origin IP vulnerability.
CloudPiercer scans your website to discover the original IP using a various, methods including.
- IP history database
- DNS Records
- Sensitive files
To protect privacy, you need to verify the domain ownership by adding a TXT record, Uploading HTML file, or adding a <meta> tag on your homepage.
So go ahead and give a try! Scan results may take a few minutes. I got my report in 10 minutes.
Censys search engine helps you to find how websites are deployed and reveal the origin-IP (if found) of URL.
Crimeflare (Only for powered by Cloudflare)
Crimeflare may help you to find the original IP of a website powered by Cloudflare only.
And a few more I mentioned here.
How to possibly fix the “Origin IP” vulnerability?
There is no real answer, but one of the essential things you could do is to change the IP address once the CDN/Security/DNS provider protects the URL.
To make it simple, let’s say you have example.com hosted on XYZ Hosting. And you decide to protect with some DNS/Security Provider.
What you could do in this scenario is – Get your website protected by DNS/Security provider, and once you are all done with configuration. You need to request your hosting provider to provide a new IP so you can update the new IP in DNS/Security provider directly. By doing this, your new IP is not exposed to the Internet and potentially safe.
If you are using Cloudflare, then you may try their Argo Tunnel to protect the origin server.
I hope this helps you to find if your website origin IP is exposed or not. You may also consider implementing cloud-based DDoS protection from Cloudflare or SUCURI.
More great readings on Security
How to Scan and Fix Log4j Vulnerability?Amrita Pathak on May 10, 2022
How to Protect Your WordPress Site with iThemes Security ProHitesh Sant on May 7, 2022
11 Disaster Recovery Solutions for Small to Medium Businesses Tamal Das on May 7, 2022
8 Best Cloud Access Security Broker (CASB) SolutionsAmos Kingatua on May 11, 2022
12 Security Features Your Web Hosting Provider Should HaveAnkush Das on April 27, 2022
How to Use Nmap for Vulnerability Scan?Ashlin Jenifa on April 7, 2022
Join Geekflare Newsletter
Every week we share trending articles and tools in our newsletter. More than 10,000 people enjoy reading, and you will love it too.