So i have a domain that I have been using solely for homelab and VPS services (domain.example).

I have my A and AAAA record for my VPS proxying through cloudflare (proxy.domain.example) and a DNS A record pointing towards my homelab for my home Wireguard (wg.domain.example) with no other records pointing home or anywhere. I have a couple of services at home with certificates for example (proxmox.domain.example, nas.domain.example, router.domain.example) that are using cloudflares API token but they do not have records listed at cloudflare

Now my issue is I specifically setup a Cloudflare WAF to block every continent/country except my own and this is now showing in the events that a crawler is attempting to access router.domain.example, nas.domain.example, homeassistant.domain.example. Do I have any reason to be concerned and also how would this web crawler only be searching for my home lab domains. None of these services are public facing.

  • RegalPotoo@lemmy.world
    link
    fedilink
    English
    arrow-up
    17
    ·
    8 months ago

    It’s not just let’s encrypt - the common names of any SSL cert issued by a public CA have to be recorded in a public certificate transparency log. You can use tools like https://crt.sh to search the logs