Question about DDOS protection, IP etc

Question about DDOS protection, IP etc

Greetings!

My question will be a bit specific, I hope some of you will give their opinion.

We have been asked by the owner of a quite large website under WP (50.000 articles, 1.500.000 comments, growing every day) to do some specific work. Normally, a guy Mr.X is in charge of all hosting tasks but for some reasons the owner asked me to do some tasks.

According to the site owner, and according to what Mr.X told him, the server is hosted in the US for “freedom of speech” reason and there is a protection against DDOS.

A Whois on the domain shows a Cloudflare IP address.

Name Servers:
LOLA.NS.CLOUDFLARE.COM (has 21,361,528 domains)
TOM.NS.CLOUDFLARE.COM (has 21,361,528 domains)

IP Address 104.21.234.106 – 74 other sites hosted on this server

So far, so good. But…

To do my work on the website I installed a WP plugin and what I discovered got me in trouble. The plugin is “Wp system info” by Nurl Amin (No advertizing here, just explaining). And what did I see there? In “Server IP address” I saw … an IP address Cloud Computing Services

Making a Whois on this IP I discovered that it is located in Europe, and not in the USA. Hosting company name XXX, city, in Europe.

Typing the IP address directly (in http, so) in the browser doesn’t give anything.

BUT typing the IP address in https sends me directly …to the website that is supposed to be hosted in the US.

My logical deduction is that the server itself where the website is hosted on this IP address, is located in Europe.

I told this to the site owner as this question is critical for him due to the website’s content, he doesn’t want to believe me, but doedn’t want to ask Mr.X about this. Seems he worries that Mr.X, who has full access to server and domain name, decides to do some naughty things…

Moreover, the site owner in fact has TWO websites. I asked the admin access on the second site: Same result, and SAME IP address! Plugin WP File manager allowed me to see full paths of both sites:

Site 1 = /home/client1/web/
Site 2 = /home/client2/web/

For me things are crystal clear: both sites are on the SAME SERVER, share the SAME IP address in Europe, and so are located in Europe, in company XXX, and their traffics are routed through Cloudflare for cleaning.

For the site owner “I know Mr.X a few years, he is a good guy, etc”. And he pays him 6000 euro a year for the 2 sites…!!

What do you think?! Am I right about this?

I will then send the sites owner to this forum to check your replies.

Thank you!

Clickbank Products

Tags: , , , , , , ,
Previous Post
Resurgent FluBot malware targets German and Polish banks
Web Hosting News

Resurgent FluBot malware targets German and Polish banks

Next Post
shockhosting review
Web Hosting News

shockhosting review

Leave a Reply

Your email address will not be published. Required fields are marked *