What is Cloudflare and does it leak your data online?

Cloudlare is a service used by many websites because of its benefits. But not Cloudflare 100% safe.

What is Cloudflare?

Cloudflare is a secure service and provides operational related features for the website. It acts as a reverse proxy - an intermediary between the user and the website. When accessing the page, you will be redirected to one of Cloudflare's servers instead of the real server of the site.

This helps Cloudflare ensure you are a valid user (protected from a denial of service attack), loads pages faster (because some pages of the page have been cached) and avoid dead time issues (due to There are many servers around the world and can switch to any server if there is a problem.

CloudFlare uses the same technology as CDN (Content Delivery Network), it handles all requests to a website. As a result, it can:

1. Stop attacks targeted at a website
2. Automatically modify content to improve performance
3. Insert applications into web pages
4. Provide rich analysis of all requirements for your site
5. Automatically identify static objects and cache memory on the side of the network without any user configuration
6. Provide a network gateway between protocols such as IPv6, IPv4
7. Flexible SSL settings and one-click ease
8. And many other things that a traditional CDN cannot provide .

In short: Cloudflare is used for the purpose of making the site faster and safer. This is currently a service used by many websites, including TipsMake.com.

1. CloudFlare has great DDoS attack unprecedented
2. Enhance the effectiveness and security of Website with CloudFlare

What happened? What is cloudbleed?

Unfortunately not all animals are 100% safe, even if your site uses Cloudflare, there is an error. In fact, Cloudflare has experienced security issues when an error in the intermediate proxy's code causes the server to leak memory content in certain circumstances. This leak is called Cloudbleed, named after Heartbleed, a security hole that also caused a stir in 2014.

What is Cloudflare and does it leak your data online? Picture 1
Cloudflare is not an impregnable wall

Leaked information can include usernames, passwords and personal messages, OAuth tokens. Worse, some of them are also indexed by search engines (Cloudflare says about 700 pages). ) means that if you search on Google, you will see sensitive information when users log in.

This error was not detected in about 5 months and was patched immediately after being detected. Cloudflare said 'the most affected period is February 13 to February 18 with about 1 out of 3.3 million HTTP requests via Cloudflare likely to leak. (equivalent to 0.00003%).

The number is small but with a popular service like Cloudflare, this is a significant number. Some people also list the list of Cloudflare sites with more than 4 million domain names, including Uber, Medium . (some mobile applications are also affected).

If you are a programmer or have knowledge of programming, you can read about this error at Cloudflare's blog page. Posts about Cloudbleed on Cloudflare's blog https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/

If you are using Cloudflare, you may also be interested in the newly released DNS 1.1.1.1 service, which not only increases security but also brings faster connection speeds.

See more:

1. Compare Internet speed of DNS 1.1.1.1 with other popular DNS
2. Introducing DNS Resolver 1.1.1.1
3. Cloudflare provides tools to reduce the effects of free DDoS attacks