How to Prevent Website Hacking with Cloudflare

An American e-commerce entrepreneur found on February 20, 2022, that some hackers had attacked his website, causing the website’s database server to go down. The outage came just as he had started receiving more orders, and it left him very frustrated.

The client then thought that the security issue needed to be reviewed. He started looking for an expert who could easily protect his website from this problem.

Then he contacted Abdullah and said that his website’s database server was down, so his customers were not able to order any products. Abdullah then reviewed his website and found that it was built with PHP without any framework. Abdullah analyzed and found some weaknesses in the website, such as the server IP being exposed and direct IP access being enabled, which the client was unaware of.

Abdullah also discovered that although Cloudflare was being used, the IP address of the server was publicly available. The client had obtained the server from a company called Rackspace. Abdullah then explained how to secure a website with Cloudflare.

Abdullah checked the following things:

- Whether the DNS records for the client’s website were proxied through Cloudflare or set to DNS-only mode.
- To get Cloudflare’s firewall protection, the records must be proxied.
- Cloudflare’s IP addresses must be whitelisted on the server side.

The client then opened a support ticket with Rackspace to enable these settings. Then his site was back online.

After a few days, the client’s website went down again. Further analysis showed that the website was being crawled continuously from one or two IP addresses. It turned out to be a Pinterest bot visiting the website for one hour every day, generating millions of hits, causing the server to be overloaded.

The two specific IP addresses were blocked. The Pinterest bot was also banned. Attacks coming from some countries were blocked using Cloudflare’s country block option. Additionally, they checked for any issues in the SSL configuration and made sure there were no conflicts between Cloudflare’s firewall system and the server’s firewall. After analyzing and resolving these issues, the client’s problems were solved.
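The two checks described above (traffic reaching the server without passing through Cloudflare, and one or two clients generating most of the hits in an hour) can be run against the origin's access log. The following is an added example, not code from the original engagement; the log layout, the `analyze` and `via_cloudflare` names, the hourly limit and the sample lines are assumptions, and the Cloudflare range list is a snapshot.

```python
import ipaddress
import re
from collections import Counter
from datetime import datetime

# Snapshot of Cloudflare's published IPv4 ranges (https://www.cloudflare.com/ips-v4);
# refresh from that URL before relying on it. IPv6 peers are treated as non-Cloudflare.
CLOUDFLARE_V4 = [ipaddress.ip_network(n) for n in (
    "173.245.48.0/20", "103.21.244.0/22", "103.22.200.0/22", "103.31.4.0/22",
    "141.101.64.0/18", "108.162.192.0/18", "190.93.240.0/20", "188.114.96.0/20",
    "197.234.240.0/22", "198.41.128.0/17", "162.158.0.0/15", "104.16.0.0/13",
    "104.24.0.0/14", "172.64.0.0/13", "131.0.72.0/22")]

# Assumed log layout: peer_ip cf_connecting_ip [time] "request" status "user agent"
LINE = re.compile(r'(\S+) (\S+) \[([^\]]+)\] "[^"]*" \d{3} "([^"]*)"')

def via_cloudflare(peer):
    addr = ipaddress.ip_address(peer)
    return any(addr in net for net in CLOUDFLARE_V4)

def analyze(lines, hourly_limit):
    """Return (direct_hits, heavy) for an origin access log."""
    direct, per_hour = [], Counter()
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        peer, client, stamp, agent = m.groups()
        if not via_cloudflare(peer):
            direct.append(peer)  # reached the origin without passing the proxy
            continue
        hour = datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z").strftime("%Y-%m-%d %H:00")
        per_hour[(hour, client, agent)] += 1
    heavy = sorted(k for k, n in per_hour.items() if n > hourly_limit)
    return direct, heavy

# Constructed sample log (documentation addresses and made-up agents, not real traffic).
SAMPLE = (
    ['172.68.10.5 203.0.113.7 [20/Feb/2022:10:%02d:00 +0000] "GET /p/%d HTTP/1.1" 200 "ExampleCrawler/1.0"' % (i, i) for i in range(6)]
    + ['172.68.10.9 198.51.100.20 [20/Feb/2022:10:05:00 +0000] "GET / HTTP/1.1" 200 "Mozilla/5.0"',
       '192.0.2.44 - [20/Feb/2022:10:06:00 +0000] "GET /admin HTTP/1.1" 200 "curl/8.0"'])

if __name__ == "__main__":
    direct, heavy = analyze(SAMPLE, hourly_limit=5)
    print("direct-to-origin peers:", direct)
    print("over limit:", heavy)
```

Any entry in the first list means the server-side whitelist is not being enforced; entries in the second list are candidates for a Cloudflare IP or user-agent block.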

Finally, Abdullah explained that Cloudflare is a layer of security in front of your web server, not the ultimate solution: it protects your web server 99% or more than 90% of the way, but not 100%. Since Cloudflare works on the application layer of the OSI model, if there is a drawback with Cloudflare, it cannot protect your website completely.

Therefore, to work with Cloudflare on a website, many things have to be taken into consideration.

In conclusion, Abdullah’s experience working with the client was that he was able to ensure the client’s server security using Cloudflare. As a result, the client was happy with him, and Abdullah received positive feedback from the client.
