Cloudflare-watch is a group of security researchers that defeat cloudflare protection rather often by exposing the IP addresses of said sites.
Not 100% sure how they go about it, but they scan the internet for sites that are cloudflared to find IP's, checking each one with the cURL host option. it works very well, except for one thing. You can add subdomains that bypass cloudflare, for direct access.
The way cloudflare resolvers work is they check prefixes and sometimes suffixes in order to find direct connect addresses, which makes it sound like that's a bad thing and they should never be used. However, you can point these to any address you'd like. It stops not only skids, but cloudflare watch, too, because it saves them server resources.
Step 1:
Login to cloudflare. Manage the DNS entries for your site.
Step 2:
Add a subdomain named direct or ftp. Point it to any address, cloudflare-watch give you page titles upon requesting info about a site, but if you have access to hosting somewhere separate you can add your domain there and upload a duplicate of your site, if you'd like to go that far.
Step 3:
Wait for cloudflare-watch to crawl your shit, they'll get the IP for the subdomain.
Step 4:
f***ing profit. Bonus points if you used hackforums' IP, or a governement IP address so fuckheads get V&.
