| > This is obviously a huge threat to CloudFlare’s entire business model I disagree. There are plenty of ways to hide your origin server, for example: 1. IPv6 only, since there are too many addresses to scan 2. Accepting connections only from cloudflare IPs (probably not enough on its own, since features like workers might allow an attacker to trigger requests from a cloudflare server) 3. Mutual TLS authentication 4. Authentication headers (since mTLS might be difficult to integrate in your application) 5. Responding only if the right host is requested, which could even be different from the public domain (not enough on its own, but prevents untargeted scans) 6. Using tunnels (as frizlab pointed out) I think cloudflare already supports all of these out of the box. They just need to push their customers to apply such mitigations via documentation, displaying warnings if the origin server can be accessed directly, etc. So I consider this an inconvenience for cloudflare, but not a huge threat. |