Introduction:
Cloudflare offers DDoS mitigation and Internet security services by acting as an intermediary between website visitors and the server hosting the content. It is a leading provider of free CDN services.
1. Registration:
To use Cloudflare's services, you need to register on their platform. You can do this by visiting:
Cloudflare Registration
Enter the domain you wish to protect in the "Add your site" field and click the "Add site" button.
Select a suitable Cloudflare service plan (the free option is also sufficient). Proceed with the DNS record scan by clicking the "Continue" button.
2. DNS Change
Set the nameservers provided by Cloudflare (e.g., dane.ns.cloudflare.com and tegan.ns.cloudflare.com, though yours may differ). This change must be made through your domain registrar (the company where your domain is registered). Both nameservers are required. The update will take effect once the DNS servers' TTL has elapsed.
After making the change, you will need to wait for the process to complete. Cloudflare will automatically refresh the information. You can also manually initiate a check by clicking the "Re-check now" button. If you close the domain management panel, you can reopen it by selecting the "Overview" menu option and choosing your domain.
3. Changing the Attacked IP Address
Once Cloudflare is active, it should reflect the DNS records currently set on your existing servers. You can adjust these records now or wait until later, as updates will be required eventually. For guidance on managing DNS records in Cloudflare, visit this support article.
Verify that Cloudflare is fully protecting your domain. In the "Overview" section, you should see a confirmation message indicating that protection is active. When Cloudflare's protection is active, it will obscure your server's IP address, as shown in the image above, by routing traffic through Cloudflare's reverse proxy.
FROM THIS STEP, DO NOT TURN OFF CLOUDFARE PROTECTION THAT HIDES THE IP ADDRESS.
Cloudflare’s protection is crucial because the old IP address, which was previously attacked, is still associated with your server. To address this, you should order an additional IP address for your VPS.
Once you’ve paid for the new IP address, open a ticket from your client area requesting the replacement of the old IP address with the newly ordered one. This step is necessary to ensure that the old, attacked IP no longer directs harmful traffic to your server.
4. Final Changes for Domain DNS Zone Records
After the old IP address has been replaced, we will notify you through the ticket system. At this point, you need to update the domain DNS zone records in Cloudflare. Replace the old IP address with the new one using the DNS change guide provided earlier.
