Improved Cloudflare support increases accuracy of system alerts from Joomla dashboard

cloudflare-logo-horizontal

Today we are excited to share a small but useful feature for your Joomla dashboard — improved support for CloudFlare.

The new feature dramatically reduces the number of Watchful-generated false-positive alerts that the IP Address of your CloudFlare-enhanced website(s) server has changed.

By whitelisting CloudFlare IP Addresses, Watchers can now re-enable notifications for IP Address changes without worrying about a constant flood of email notifications.

What is CloudFlare?

CloudFlare is a popular service that improves the performance of your website while protecting it from intruders and malicious scripts.

To deliver these services, the traffic to and from CloudFlare-enhanced websites is routed through specialized servers. In other words, CloudFlare serves as a reverse proxy.

CloudFlare requires updating the domain name servers for your website. Thus, domain-related lookups such as ping and traceroute return CloudFlare IP Addresses.

Importantly, the CloudFlare IP Address returned from these lookups will rotate regularly.

So what’s the problem with an IP Address change?

Since IP address changes are relatively rare in production environments, this can be a soft/early indicator of an intruder or perhaps even a compromised account at the domain name registrar.

Thus, monitoring the IP Address of your website should be included in any Joomla security policy. For this reason, IP Address monitoring is one of the original features of Watchful.

Unfortunately, most Watchers who use CloudFlare disable notifications related to IP Address. Disabling these notices in your account settings stops the near-continuous number of alerts generated by the rotating nature of the CloudFlare addresses (see above).

So ... you fixed it, right?

To prevent these notifications, we created a notification whitelist for the CloudFlare IP Addresses. Thus, these IP Addresses no longer generate alerts.

This feature was quietly released a few weeks ago.

What if I don’t use CloudFlare?

If you are not using CloudFlare, then this feature will likely go unnoticed to you.

However, we encourage all site owners to try this free service and see if it provides benefits and enhances security for your website.

Testimonial

Sander Potjer
Thanks to the built in support for the ACL Manager Download Key, users of Watchful.li can update ACL Manager on all their sites with just a single click. Sander Potjer / aclmanager.net