Why having server’s ip address exposed on the internet is a bad thing?
Imagine having a site where IP address of server corresponds to the IP of the website. It would take attacker less than a minute to get ip address of the server, it’s location and on which hosting provider it’s being hosted on.
DDoSing is probably the biggest problem when it comes to security problems on sites. Even non-expert users are able to initiate DDoS attacks on sites, which means even everyday users are able to bring your site down if you don’t have proper protection.
Most of the hosting providers don’t have included DDoS protection and that means having your IP address exposed is a big risk and basically anyone could bring it down.
Imagine being in e-commerce business, like plenty of companies are, and there’s a high competition in the field. As an example, let’s now imagine two very similar sites, and both of them are selling branded t-shirts. Both of the sites would greatly benefit if they had no competition, and without DDOS protection, one could bring the other site down which would refer some customers to their site.
User can find your site (server) location if he has real IP address
Not that important, but still, why would you show the location of your server to end-user if you don’t have to?
If IP address is not hidden, site’s like iplocation.com would be able to tell exact or near exact location of your servers.
Protection against DoS/DDoS
Protection would have to include getting new IP address from hosting provider (since this one is already exposed to public), and using 3rd party services like Cloudflare.
All DDoS attacks would go through cloudflare then, and we’d be able to mitigate attacks.
Example of site with DDoS Cloudflare protection:
Other options are to use hosting that supports DDoS protection and has it integrated within a hosting.
Some of the companies that offer everything included are: ovh.com, photonvps.com, softsyshosting.com…