Cloudflare - Unauthorized Access Possible?

neurokrish

My Cloudron server is behind Cloudflare. I recently got an email from Cloudron saying that there is a new login to my a/c from this IP - 172.70.178.75. This happens to be that of Cloudflare. Has someone gained unauthorized access to my a/c or am I simply paranoid here?

Of course, I have now changed the password and enabled 2FA.

Thanks!

robi

@neurokrish Generally no, as the API key is only good for managing the DNS records, not logging in.

girish

Could just be you re-logging into your dashboard? The email message is for your Cloudron dashboard logins and not for usage of Cloudflare keys. Currently, we just track the last IPs that a person logged in from. I guess Cloudflare has a bunch of IPs, so I suspect the warning can be ignored.

neurokrish

@girish I suspect the same as well. Yes, I logged on to the dashboard. I will ignore this for now as I am not too worried with the 2FA enabled now.

robi

You can also check to see if that is your current IP

I think CF changed their security to notify on all logins..

neurokrish

@robi I checked my IP. It's not the one I posted. The IP probably changes as @girish mentioned.