[dalbotex]

To me it looks like this tool (and cloudflair.py) can only ever find servers which are configured in a very specific way:

* The traffic between server and CDN is encrypted using a valid certificate

* The server's firewall is not properly configured

Apparently there are indeed servers with this configuration, but I just find it odd how someone would go through the trouble of setting up HTTPS (instead of terminating it at the CDN) and then not bother to block traffic from anywhere but the CDN.

[throwaway744678]

Imagine someone with a fully configured HTTPS web server (without a front CDN), that adds Cloudflare in front of it when the load gets higher, and does not bother configuring their firewall.

[dalbotex]

Yeah, that does sound plausible.

[rdl]

Could be a shared hosting platform behind the CDN where the user doesn't have the ability to ip-acl but does have https. Common among low-end users and in the particular case of a "hidden" site, easily purchased cheap VPSes which are de facto anonymous.

[CapacitorSet]

>I just find it odd how someone would go through the trouble of setting up HTTPS (instead of terminating it at the CDN)

At least wrt CloudFlare, it's actually recommended - for privacy reasons, at least so they claim - that you run SSL both between client and CDN, and between CDN and server: https://support.cloudflare.com/hc/en-us/articles/200170416-E...

[penagwin]

Uhh they recommend it so the traffic between your server and cloudflare isn't unencrypted over HTTP

[latchkey]

> then not bother to block traffic from anywhere but the CDN

How can you find that odd when there are so many mongodb instances on the open internet?

[dalbotex]

Because I imagine someone who would expose their mongodb instance to the web would also just terminate HTTPS at the CDN, rendering curryfinger/cloudflare.py useless.

[alexhornbake]

Someone wants to lower their cdn bill, so they serve static things on cdn, and dynamic things from origin.