So i have a domain that I have been using solely for homelab and VPS services (domain.example).
I have my A and AAAA record for my VPS proxying through cloudflare (proxy.domain.example) and a DNS A record pointing towards my homelab for my home Wireguard (wg.domain.example) with no other records pointing home or anywhere. I have a couple of services at home with certificates for example (proxmox.domain.example, nas.domain.example, router.domain.example) that are using cloudflares API token but they do not have records listed at cloudflare
Now my issue is I specifically setup a Cloudflare WAF to block every continent/country except my own and this is now showing in the events that a crawler is attempting to access router.domain.example, nas.domain.example, homeassistant.domain.example. Do I have any reason to be concerned and also how would this web crawler only be searching for my home lab domains. None of these services are public facing.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
[Thread #613 for this sub, first seen 19th Mar 2024, 10:35] [FAQ] [Full list] [Contact] [Source code]