top | item 16182853

(no title)

hughesey | 8 years ago

You can also potentially view the historical DNS A records for the domain to view the pre-Cloudflare IP at http://viewdns.info/iphistory/.

discuss

tyingq|8 years ago

If you're determimed, though, you just null route, or block, etc, everything other than Cloudflare inbound.

pheldagryph|8 years ago

For many, many DDoS scenarios this does not work. The spurious packets may saturate an upstream ISP, causing that ISP to unilaterally apply a null route or block for all packets for the targeted origin IP. No CloudFlare packets would arrive at all.

If one is concerned about DDoS, one should work with their ISPs on the plan of action for various scenarios. Finding out their procedures when ones' hair is on fire is not fun.

bdibs|8 years ago

It’s easier than you might think, I used to blackhole anything non-Cloudflare and they offer a list of their IP’s:

https://www.cloudflare.com/ips/