Questions tagged [cloudflare]
Cloudflare is a Content Delivery Network (CDN).
58
questions
0
votes
1
answer
49
views
Where to host custom catch-page Cloudflare?
Cloudflare offers the option to show your own custom catchpa-validation page instead of the standard page with the Cloudflare logo. You do this by making a HTML file with the ::CATCHPA_BOX:: ...
- 2,916
1
vote
0
answers
63
views
ECDSA certificates not impacted by Let’s Encrypt certificate chain change?
We received an email from Cloudflare about the upcoming Let’s Encrypt certificate chain change.
At some point, it states that "Additionally, this change only impacts RSA certificates. It does not ...
0
votes
1
answer
334
views
Why can't we encrypt twice instead of having Cloudflare MITM half the internet?
First of all I want to address a thought I had which is that they might market their ability to read the encrypted code being sent so they can spot "bots" and such, and that this is why they ...
- 11
0
votes
2
answers
243
views
Why does turning on encrypted DNS unblock some geo locked websites?
When I turn on Warp provided by Cloudflare or use 1.1.1.1, it unlocks some of the websites which are geo locked. How does it unblock the websites which are blocked by ISP?
- 11
0
votes
0
answers
103
views
2 network tunnels from 2 providers to 1 machine running docker, will this expose all containers on both tunnels?
I have a server running multiple docker containers, accessible through tunneling.
I want to create a new tunnel that is separate from the one I already have. Will the new tunnel service interfere or ...
- 1
21
votes
2
answers
5k
views
Which IP address would be most safe and suitable to use as a placeholder in a live system?
Is there a best practice IP address that is safe to use as a placeholder in a live public system on the Internet?
e.g. In a similar capacity, the domain name example.com is reserved and can be safely ...
- 385
2
votes
0
answers
1k
views
Checking IP's reputation on CloudFlare and Google [closed]
Google and CloudFlare have recently indicated that my home IP address is contributing to a DDoS or spam network.
I am frequently being checked (What is the website checking about my browser to protect ...
- 125
0
votes
1
answer
549
views
Cloudflare not hide VPS IP (ngnix)
I have a problem with hiding the VPS IP using Cloudflare. My IP can be found on search.censys.io. I don't have any DNS leaks. I'm using nginx to reverse proxy a node.js server. Is it possible to hide ...
- 1
0
votes
0
answers
64
views
"needs to review the security of your connection before proceeding.": What security check is that? [duplicate]
From time to time, when browsing a website I see the following message:
[Webpage URL] needs to review the security of your connection before proceeding.
What kind of security check on my connection ...
1
vote
2
answers
2k
views
How bad it is to open qBittorrent web UI port
I have small home server that runs a qBittorrent in docker container, and I was wondering how bad/risky it is if I'd forward the port for the web UI so I can access it from outside my network.
I know ...
- 111
0
votes
1
answer
1k
views
What happens if both DoH and DoT are enabled?
If I have DNS over HTTPS and DNS over TLS activated simultaneously (router has DoT activated and smartphone browser has DoH activated, so I see on https://1.1.1.1/help DoH: yes and DoT: yes), which ...
- 181
1
vote
1
answer
10k
views
Any Cloudflare's DNS over TLS (DoT) check + DNSSEC test?
In my original question from 2020, I was unsuccessful in my effort to setup Cloudflare's (link to docs) DNS over TLS (DoT) (link to wiki) in my old, and now decomissioned, router:
Does Cloudflare'...
- 1,717
0
votes
1
answer
1k
views
Cloudflare SQLinjection protection
I'm testing for vulnerabilities for a specific site using sqlmap. However, the site has a cloudflare firewall which blocks queries including for example *, ANY or OR. I sort of found a bypass while ...
- 1
1
vote
0
answers
104
views
How are DDOS protection mechanisms setup when confidential data is involved?
Scenario:
A hospital has the records of all patients. There is an online portal where patients can login to see their personal medical data.
Since a hospital is an obvious target for any type of hack, ...
- 11
1
vote
2
answers
2k
views
Bypass WAF to perform XSS?
I am trying to find an XSS in website protected by Cloudflare. I use Burp to find which HTML tags allowed.
Only the <script/> is tag disallowed. I tested multiple payloads to pass the WAF and ...
- 111