: Does using the same mail and web server increases risk of DDos due to IP exposure? I use the same server for sending my emails and web hosting.I send user registration and support forum mails
I use the same server for sending my emails and web hosting.I send user registration and support forum mails from my server and occasional marketing mails or newsletters.
I read on a cloudflare blog that if I use the same server for email and web hosting the headers of the mails sent will contain my IP which will make me exposes to DDos attacks but my hosting providers says that there is no such threat with IP's in mail headers.
I am confused if it's okay to use the same server for both web and mail and does having my server's IP in the mail header really does increase the risk of DDos.
Here is the cloudflare link
More posts by @Kimberly868
3 Comments
Sorted by latest first Latest Oldest Best
Cloudflare suggest the right thing. Here is good article worth to read.
Hope you already setup MX record for your site let's say support@yoursite.com, and you already protecting it with their server. So whenever any guys sent you email to that address, and your server reply back automatically or manually, then attacker check Show original message and find receive from line to check IP address of mail server. So here Cloudflare protecting you, because you are hiding that Mail server with cloudflare.
But, if attacker sent gmail mail to bogus email address like hey@yoursite.com, then Gmail gives error about, mail sent to that server is failed and here attackers get your real IP address, because your origin mail server sent information to Google SMTP and Google SMTP sent information to recipient/attacker.
Does using the same mail and web server increases risk of DDos due to IP exposure?
Probably. The Cloudflare blogpost explains this pretty well. Cloudlares DDoS protection can be bypassed if you expose the IP address of your server, as attackers can now directly attack your server. They couldn't do that before, because all they had was an IP address that pointed to Cloudflare (which - unlike your server - does have DDoS protection).
We can't really say if you specifically are affected by this, but to be safe, the easiest way would be to just follow Cloudflares advice. Otherwise, check if emails from your server indeed do disclose the servers IP address.
Of course, an attacker might gain your IP addresses via many different means. Cloudflare mentions some others: Server allows outbound connections, general information disclosure, old DNS records, etc.
So if you do want Cloudflares DDoS protection, you will have to make sure that your IP address is not disclosed via any of these channels.
I do not know what CloudFlare is thinking. IP addresses are always exposed. Afterall, that is how the Internet works!
As well, DoS/DDoS is always a targeted and intentional act. It does not just happen because one day a hacker woke up and decided to ping the snot out of your site. They may hate Target and ping the snot out of their site, but not you who they do not even know. Besides, DoS/DDoS is not as much fun as it used to be. That is so beyond yesterday, it makes hacking into Paris Hilton's phone seem like the stone age. Hackers are into espionage these days. Think Snowden. Everyone wants the notoriety without the hassle of going to the Kremlin.
Do not worry about it. It is done every day far more times than not.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.