Hi, ALS TEAM
I'm writing to flag a configuration issue I noticed with als.social. It looks like your origin server's IP address is publicly resolvable and reachable directly, which means traffic can bypass Cloudflare and hit the origin without going through your WAF, rate limiting, or DDoS protection.
This is a common oversight and is straightforward to fix. The usual remediation is:
1. At your cloud provider's firewall/security group, restrict inbound traffic on ports 80 and 443 so it only accepts connections from Cloudflare's published IP ranges (https://www.cloudflare.com/ips/).
2. Make sure no DNS records (A, AAAA, MX, or historical records) point at the origin IP directly.
3. If the IP has been exposed for a while, consider rotating to a new origin IP after locking down the firewall, since the old one may already be cached in scanning databases.
I'm sharing this in good faith and haven't probed further. If you have a security contact or a security.txt, feel free to point me there for any future reports.
Best regards
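The three remediation steps in the report above (restrict 80/443 to Cloudflare's ranges, audit DNS for records that still point at the origin, rotate the IP if needed) are easy to get subtly wrong: an MX or CNAME that resolves to the origin leaks it just as surely as a forgotten A record, and a hand-typed allowlist drifts from Cloudflare's published list. The following is an added example written for this page, not code from the reporter or from the als.social team. It assumes nftables on the origin host; the Cloudflare CIDR lists are a constructed snapshot for illustration and must be re-fetched from https://www.cloudflare.com/ips/ (the ips-v4 and ips-v6 files) before any rules are deployed. The origin IP 203.0.113.10 and the DNS records are constructed sample data, not als.social's real configuration.

```python
"""Origin lock-down helpers: allowlist decision, DNS leak audit, nftables rule rendering.

Added example, not part of the original report. CIDR lists below are a constructed
snapshot for illustration; always refetch the live list from https://www.cloudflare.com/ips/.
"""
import ipaddress
from typing import Iterable, List, Tuple

# Constructed snapshot of Cloudflare's published ranges (illustrative; may be stale).
CLOUDFLARE_IPV4 = [
    "173.245.48.0/20", "103.21.244.0/22", "103.22.200.0/22", "103.31.4.0/22",
    "141.101.64.0/18", "108.162.192.0/18", "190.93.240.0/20", "188.114.96.0/20",
    "197.234.240.0/22", "198.41.128.0/17", "162.158.0.0/15", "104.16.0.0/13",
    "104.24.0.0/14", "172.64.0.0/13", "131.0.72.0/22",
]
CLOUDFLARE_IPV6 = [
    "2400:cb00::/32", "2606:4700::/32", "2803:f800::/32", "2405:b500::/32",
    "2405:8100::/32", "2a06:98c0::/29", "2c0f:f248::/32",
]

# Constructed sample zone and origin address (not als.social's real data).
ORIGIN_IPS = ["203.0.113.10"]
SAMPLE_RECORDS: List[Tuple[str, str, str]] = [
    ("als.social", "A", "104.16.1.1"),            # proxied through Cloudflare: fine
    ("origin.als.social", "A", "203.0.113.10"),   # forgotten record pointing at origin
    ("mail.als.social", "A", "203.0.113.10"),     # mail host on the same box
    ("als.social", "MX", "10 mail.als.social."),  # MX target resolves to the origin
]


def build_allowlist(cidrs: Iterable[str]):
    """Parse CIDRs strictly so a typo like 104.16.1.0/13 fails loudly instead of widening the rule."""
    return [ipaddress.ip_network(c, strict=True) for c in cidrs]


def is_allowed(client_ip: str, allowlist) -> bool:
    """The decision the firewall makes: is this source inside any Cloudflare range?"""
    addr = ipaddress.ip_address(client_ip)
    return any(addr in net for net in allowlist if net.version == addr.version)


def leaking_records(records, origin_ips):
    """Return records that expose the origin: A/AAAA pointing at it, plus MX/CNAME whose
    target resolves to it within the same zone data."""
    origins = {ipaddress.ip_address(ip) for ip in origin_ips}
    addr_by_name = {}
    for name, rtype, value in records:
        if rtype in ("A", "AAAA"):
            key = name.rstrip(".").lower()
            addr_by_name.setdefault(key, set()).add(ipaddress.ip_address(value))
    leaks = []
    for name, rtype, value in records:
        if rtype in ("A", "AAAA"):
            if ipaddress.ip_address(value) in origins:
                leaks.append((name, rtype, value))
        elif rtype in ("MX", "CNAME"):
            # MX value is "<preference> <host>"; CNAME value is just the host.
            target = value.split()[-1].rstrip(".").lower()
            if addr_by_name.get(target, set()) & origins:
                leaks.append((name, rtype, value))
    return leaks


def nftables_rules(cidrs_v4, cidrs_v6, ports=(80, 443)) -> str:
    """Render an nftables table that accepts the web ports only from Cloudflare and drops
    the rest. Chain policy stays 'accept' so unrelated ports (e.g. SSH) are untouched."""
    port_set = "{ " + ", ".join(str(p) for p in ports) + " }"
    v4 = ", ".join(str(n) for n in build_allowlist(cidrs_v4))
    v6 = ", ".join(str(n) for n in build_allowlist(cidrs_v6))
    return "\n".join([
        "table inet cf_only {",
        f"    set cf_v4 {{ type ipv4_addr; flags interval; elements = {{ {v4} }} }}",
        f"    set cf_v6 {{ type ipv6_addr; flags interval; elements = {{ {v6} }} }}",
        "    chain input {",
        "        type filter hook input priority 0; policy accept;",
        f"        tcp dport {port_set} ip saddr @cf_v4 accept",
        f"        tcp dport {port_set} ip6 saddr @cf_v6 accept",
        f"        tcp dport {port_set} drop",
        "    }",
        "}",
    ])


if __name__ == "__main__":
    for rec in leaking_records(SAMPLE_RECORDS, ORIGIN_IPS):
        print("LEAK:", rec)
    print(nftables_rules(CLOUDFLARE_IPV4, CLOUDFLARE_IPV6))
```

Load the rendered table with `nft -f` after verifying it with `nft -c -f`, and keep it in place when rotating the origin IP so the new address is never exposed even briefly. Note that the audit only sees the records you feed it; historical records and passive-DNS databases (the reason for step 3 above) are outside what a zone dump can tell you.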