TLS Community Forums
[SECURITY] CloudFlare Security Risk - Printable Version

+- TLS Community Forums (
+-- Forum: Site Info (
+--- Forum: News (
+--- Thread: [SECURITY] CloudFlare Security Risk (/showthread.php?tid=4)

CloudFlare Security Risk - Thunder - 02-24-2017

Hello all,

Recently a bug with CloudFlare was found and patched very quickly, this bug would accidentally show private data such as HTTP cookies, authentication tokens, HTTP POST bodies, and other sensitive data.
I would advise you to change passwords on websites which use CloudFlare as a security precaution. You won't have to change it on this website as we were not affected.

Read more on CloudFlare's blog here.

RE: CloudFlare Security Risk - Joe - 02-24-2017

Yeah, it's quite the bug

RE: CloudFlare Security Risk - iC - 02-25-2017 uses CloudFlare though.....

RE: CloudFlare Security Risk - Thunder - 02-25-2017

(02-25-2017, 03:15 AM)iC Wrote: uses CloudFlare though.....

Only for DNS. We don't use their caching or anything else.

RE: CloudFlare Security Risk - Admissionpro123 - 04-12-2017

Oh. Good thing that the bug was fixed early. Otherwise it could be dangerous.