Highest Voted 'cloudflare' Questions - IT Security Stack Exchange

2

votes

1 answer

Is there any way to pretend like we are routing our request via cloudflare?

There is this Web App which uses cloudflare and to bypass certain things I had to find a way to access the actual web server directly. I tried numerous things and finally I think I have found the actual server's IP but seems like direct access to IP…

asked Jan 02 '20 at 13:07

John

21
2

2

votes

4 answers

How do I configure Azure Web Apps so that the only access is via CloudFlare?

I have a Web Apps (Linux) application on Azure, and I added a custom domain which I have protected with CloudFlare. I added Azure Security Center to my subscription. At the moment one can access the application either directly via…

web-application azure cloudflare

asked Dec 03 '19 at 18:31

gordon613

271
2
7

2

votes

2 answers

Can't Cloudflare sniff sensitive login data from its users' websites?

So I recently started using the free Cloudflare plan for my website to provide any sort of protection. And I noticed that, given they do the whole "We'll accelerate your website by caching parts of your pages!" they need to MITM the connections to…

tls man-in-the-middle cloudflare

asked Apr 05 '19 at 13:59

TheFuzzyFish

25
2

2

votes

2 answers

How does Cloudflare track their client? Tor is not a workaround

I mirrored a ecommerce site using wget. This site seems to use Cloudflare to handle their web traffic. What's interesting is that after 90 % or so of the mirroring was done, wget started to produce/receive a lot of error messages. I then tried to…

tor fingerprinting os-fingerprinting cloudflare

asked Aug 30 '18 at 07:30

hensti

151
3

1

vote

2 answers

CloudFlare - prompted for "attention required"

I am getting a CloudFlare - attention required / security check prompt on most of the sites I visit through my Macbook running OS X Yosemite, these sites work perfectly on other devices (such as iPad, iPhone, Android and Windows based laptop)…

malware virus macos cloudflare

asked Oct 29 '14 at 05:22

Dipak G.

111
1
1
3

1

vote

1 answer

Any Cloudflare's DNS over TLS (DoT) check + DNSSEC test?

In my original question from 2020, I was unsuccessful in my effort to setup Cloudflare's (link to docs) DNS over TLS (DoT) (link to wiki) in my old, and now decomissioned, router: Does Cloudflare's DNS over TLS (DoT) implement DNSSEC too? Now,…

dns router dnssec cloudflare dot

asked Mar 23 '22 at 06:53

LinuxSecurityFreak

1,562
2
18
32

1

vote

0 answers

How are DDOS protection mechanisms setup when confidential data is involved?

Scenario: A hospital has the records of all patients. There is an online portal where patients can login to see their personal medical data. Since a hospital is an obvious target for any type of hack, the hospital decides to implement DDoS…

ddos sensitive-data-exposure cloudflare

asked Jan 07 '22 at 07:00

groundwine

11
1

1

vote

2 answers

Bypass WAF to perform XSS?

I am trying to find an XSS in website protected by Cloudflare. I use Burp to find which HTML tags allowed. Only the

Questions tagged [cloudflare]