The world's favourite MITM!
Is there even a way to use a service like this without creating a gaping hole in security?
Cloudflare made its name proxying traffic for web servers, on network ports 80 (HTTP) and 443 (HTTPS), as a defense against denial of service attacks and their ilk. On Thursday, the online security biz broadened its ambitions by extending its watch over the remaining possible TCP/IP network ports under IPv4. Cloudflare …
Extra point of failure for internet services, especially for big sites. Should Cloudflare goes TITSUP* for whatever reason, a lot of sites may be inaccessible or open to attack.
On the other hand, if Cloudflare uses best practice, and keeps Mr Murphy far and away, then it will work.
But we have seen too much Fun Things Happening of late.
*Total Inability To Support Usual Protection
and keeps Mr Murphy far and away, then it will work.
Not really. There are regular issues if you try to access the reg from the Deepest Darkest Eastern Europe. It mis-detects multiple connections coming from a single CGNAT IP address for a DDOS attack on a regular basis and starts asking stupid questions followed by failing the connection.
Biting the hand that feeds IT © 1998–2019