New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
How to hide Webserver IP?
I'm running Wordpress blog, I want to hide webserver IP, here they way i do:
Visitor --> Cloudflare --> Nginx reverse proxy --> Webserver
Mail is disabled, use external SMTP
It looks nice, but i have a question: Can someone leak real IP when I allow them upload media in Wordpress?
Comments
One more question, is it posible to build wordpress blog with external editor panel (wp-admin) ?
I know one wordpress which has external wp-admin , ex:
Main site: domain.com/wp-admin
Editor site: editor.domain.com/wp-admin
Contributor can post, edit from editor site and post will appear in main site
P/S: sorry for my bad English
The NSA knows everything
Might as well be just a simple vHost setup (http://stackoverflow.com/questions/3367581/how-to-run-wordpress-admin-on-a-different-subdomain), but otherwise I think this could be achieved with some tinkering and an common/external database.
Additional ressources might be:
well done
My site is small news site and i'm happy if NSA want to see my data )
I just want to hide my IP from hackers
Plugin in this link isnt updated 2 years and not work with new WP version
I believe just cloudflare will be sufficient if done right , about uploading , cloudflare allows you to upload files of upto 10MB or something around that size via their network .
Also , for mail you could use mandrill (free 12k emails per month) instead of using SMTP ,it will also lower the chances of emails from your server to be flagged as spam.
You could also give Hide my wp a shot as well.
Can contributor know real IP if i allow them upload image to WP gallery?
Your setup is sufficient - they won't know the server's IP.
Cloudflare on the other hand can and will forward abuse emails to your host, and any other government services can request the server's IP from CloudFlare. You are only hidden from your visitors and/or website contributors.
No.
Just want to hide from hackers
Just be sure that any wildcard subdomains or any other subdomains such as ftp, mail etc. doesn't show the real ip. Or your own name servers.
I'm going to disagree with you, it can leak IF you allow wordpress to fetch from remote locations, you can end up leaking it.
However, if it's wordpress, unless you're hosting something incredibly illegal, then why try to hide?
He just wants to hide from hackers as mentioned above.
I want to hide real IP from hackers, they may ddos real IP if they know. I have filtered IP act as nginx proxy at front end.
When contributor post a post with image hosted on their own site, is my IP leaked
Once the ip is seen by robots you cant hide it.
I stand corrected. I was thinking of the "media" section where you can only upload, but you are right - adding media from inside a post has an "insert from url" feature. Thank you for pointing this and my apologies to the OP for misleading him.
Then how to disable remote function in WP
rm -rf /directory/to/Wordpress
Or
Disable updates and Disable XML-RPC API.
^ There may be more to disable, but I haven't used WP in a long time.
A smtp server usually leaks the backend IP aswell.
Use a provider that hides the backend IP.
To deal with outgoing ip , you could either force your editor(s) to download the image on their device first and then upload it your server or hook a proxy function when fetching any external resource(s) (get a few dirt cheap proxies for a few bucks per month and use them)
Also i should point that if your server was without cloudflare for a while and you have not changed your servers ip address then your servers reall ip address is probably logged in many whois web directories, if that is the case , you should change your servers ip address.
"hook a proxy function when fetching any external resource(s)" < ___ how to do?
I have nginx reverse proxy front of my webserver, and CF front of nginx proxy, is it OK?
About adding a proxy function to wp_remote_get , you will have to look that up , i have never really done it , but i am pretty sure you can hook a proxy function to wp_remote_get.
You can read more about it here -- https://codex.wordpress.org/Function_Reference/wp_remote_get
You will be fine , don't overthink ...
Requests initiating from the server won't pass through the reverse proxy ....
i can confirm this, they usually forward your real server ip in the header
Mandrill leaks server IP. There some that don't, such as Mailjet.
Use Amazon SES as SMTP
Ensure Cloudflare is enabled (check the cloud colors).
You should be fine
Thanks for the heads up, i was thinking of using mandrill ..Looking into mailjet