Hacker News new | ask | show | jobs
by theunixbeard 1396 days ago
Presumably if your site is behind Cloudflare then this strategy won't work, right? Since the IP addresses that Security Trails sees are just of Cloudflare rather than your actual Heroku IPs...?

Or is it possible in the Cloudflare dashboard there is somewhere to see your Heroku server's IP address?
4 comments
bfirsh 1396 days ago
You need to put in the herokudns.com address that the CNAME is pointing at – e.g. stark-wisteria-rnbgkawldfk6gq7m8308ytts.herokudns.com in our case.
link
iuliu 1396 days ago
For me the securitytrails.com website just crashes. I put my DNS target: "stark-horse-mrp4jeowu9yvwpnnma32x6hd.herokudns.com", clicked "Run Check" and it seems to redirect to a failed (no CSS) webpage. Anyone else experiencing this?

EDIT: I MANAGED to make it work with this:

https://www.nslookup.io/

Make sure to go through all the tabs at the top (Cloudflare DNS, Google DNS) - for me they were all "no A records found". Only "Authoritative" gave me 3 A records which I successfully managed to use.

link
eappleby 1396 days ago
That seems to happen when you put in a DNS target that doesn't have any records in SecurityTrails. In that case, it is best to use nslookup
link
jonathanreinink 1396 days ago
Yeah securitytrails.com was working for me, but went down about 10 mins ago.
link
jplehmann 1396 days ago
Thanks so much, it worked for us.
link
rsweeney21 1396 days ago
We use cloudflare. If you look up the IP address for your public domain name, you will get the cloudflare IP, yes. If you lookup the IP address of the CNAME target, you will get the heroku IP.
link
estafaa 1396 days ago
on Cloudflare do you create A records (with found IPs) with name "www" or "mydomain.com"? also do you make that A record proxied or no? Thank you!
link
alexpoof 1396 days ago
For my domain (https://www.poof.io), it's www.

If you just use something like https://poof.io, then it would be @. Depends on your site.

There should be a few historical IP addresses, but you would create an A record for each of them.

link
rickyc091 1396 days ago
Use an A record and type in @. Proxied is fine.
link
ladybro 1396 days ago
Worked for us on Cloudflare
link
tdehnke 1396 days ago
We use Cloudflare + Heroku and it worked for us.
link