Solutions to Real Server IP Exposure

Last updated: 2024-07-01 11:38:27
Some attackers may record real server IP history, and an exposed IP allows them to bypass Anti-DDoS Pro and attack your real server directly. In this case, we recommend that you change the real server IP. Before changing it, use this document to check the risk factors so that the new IP is not disclosed as well.

Checklist

Checking DNS records

Check all DNS records that point to the attacked real server IP, including the records of subdomain names, MX (Mail Exchanger) records, and NS (Name Server) records. Make sure all of these records point to the Anti-DDoS Advanced IP, so that DNS does not resolve directly to the new real server IP.
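The DNS check above can be run against a zone export before the IP change. The following is an added example, not part of the original document or any Tencent Cloud tooling: it follows CNAME, MX, and NS targets to their address records and reports every record that ends at the real server IP. The record list, domain names, IPs, and function names are all constructed placeholders.

```python
import ipaddress

# Constructed sample zone export: (name, type, value). Names and IPs are
# documentation placeholders, not values from the page.
ZONE = [
    ("example.com.",      "A",     "198.51.100.10"),   # Anti-DDoS IP
    ("www.example.com.",  "CNAME", "example.com."),
    ("example.com.",      "MX",    "10 mail.example.com."),
    ("mail.example.com.", "A",     "203.0.113.25"),    # real server IP: leak
    ("example.com.",      "NS",    "ns1.example.com."),
    ("ns1.example.com.",  "A",     "198.51.100.53"),
    ("dev.example.com.",  "CNAME", "old.example.com."),
    ("old.example.com.",  "A",     "203.0.113.25"),    # real server IP: leak
]

def resolve_in_zone(name, zone, seen=None):
    """Addresses that `name` reaches through A/AAAA and CNAME records in the zone."""
    seen = seen if seen is not None else set()
    if name.lower() in seen:        # guard against CNAME loops
        return set()
    seen.add(name.lower())
    addrs = set()
    for rname, rtype, value in zone:
        if rname.lower() != name.lower():
            continue
        if rtype in ("A", "AAAA"):
            addrs.add(ipaddress.ip_address(value))
        elif rtype == "CNAME":
            addrs |= resolve_in_zone(value, zone, seen)
    return addrs

def find_origin_leaks(zone, origin_nets):
    """Return (name, type, address) for every record that leads to a real server network."""
    nets = [ipaddress.ip_network(n) for n in origin_nets]
    leaks = []
    for name, rtype, value in zone:
        if rtype in ("A", "AAAA"):
            addrs = {ipaddress.ip_address(value)}
        elif rtype in ("CNAME", "NS"):
            addrs = resolve_in_zone(value, zone)
        elif rtype == "MX":         # value is "<preference> <exchange host>"
            addrs = resolve_in_zone(value.split()[-1], zone)
        else:
            continue
        leaks += [(name, rtype, str(a)) for a in sorted(addrs, key=str)
                  if any(a in n for n in nets)]
    return leaks

if __name__ == "__main__":
    for leak in find_origin_leaks(ZONE, ["203.0.113.25/32"]):
        print("EXPOSED:", *leak)
```

An empty result means no record in the export reaches the real server IP; the MX and CNAME hits in the sample show why checking only the main A record is not enough.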

Checking for information disclosure and command execution vulnerabilities

Check websites or business systems for possible information disclosure vulnerabilities, such as phpinfo() disclosure and sensitive information leaked on GitHub.
Check websites or business systems for command execution vulnerabilities.

Checking for trojans and backdoors

Check the real server for potential trojans, backdoors, and other hidden dangers.

Other suggestions

To prevent attackers from finding the new IP by scanning the C range or other similar IP ranges, do not use the same IP or an IP similar to the old IP as the new real server IP.
We recommend that you prepare a backup link and a backup IP in advance.
We recommend that you restrict the scope of access sources to prevent malicious scanning.
