I am getting a lot of suspicious traffic recently, and i want to block it. I thought it would be good idea to block all traffic coming outside of cloudflare (all of my websites using CF Proxy and Origin Certs) which documented here.
But i have few questions in mind. I need to include Cleavr’s IPs as well as time to time i need to allow some IP addresses to access to server. I don’t have static IP address, so scared to lock myself out of the server.
What are you looking to block exactly? You could configure NGINX to filter out the traffic outside of the Cloudflare IPs, however, are the source of the suspicious traffic trying to hit the servers by some other means outside of the site hostnames that are routing through Cloudflare?
It seems it directly hits the IP address with or without targeting hostnames. I am now custom to firewall usage on cleavr where i add IP addresses for database access from local and such, that is the same thing i want with the iptables as well. Time to time i want the ability to give access to myself or any of my teammates’ IP addresses. Cleavr has static IP so i wonder if it can help me with it just like firewall config (I believe iptables works before the firewall?).
I don’t really have much of a knowladge on this topic, but this is my concerns. If i lost access to the server probably i have go to hetzner’s dashboard and access to the console there, but not all server providers has this feature. Little bit lost in thoughts, and don’t want to risk it while trying. I have enough work to do );
But doing it on nginx scope seems better in my case? Will take a look at it.
Note: Those requests also makes server’s cpu usage 100%