Whilst Cloudflare doesn’t recommend enforcing any kind of security policy solely by trusting their IP addresses, it is worth noting that if you are whitelisting their IP addresses, they’re due to change shortly. To be more precise, by 7th May 2021 the change will need to be made, and it’s safe to do so straight…
Tag: cloudflare
Cloudflare limits
Just a short one today, but I discovered just today something that I didn’t know about Cloudflare, and one that could certainly turn out to be costly! The maximum file size Cloudflare’s CDN caches is 512MB for Free, Pro, and Business customers and 5GB for Enterprise customers (although Enterprise customers can request caching of larger files).…
Cloudflare CSAM Scanning Tool
A couple of weeks ago, Cloudflare announced their new CSAM scanning tool, and the fact that they were making it available to all customers, even those on the Free tier. For those to whom the acronym is not familiar, it’s Child Sexual Assault Material. If you host a site that allows users to upload images (such…
HSTS preloading (again)
It was recently pointed out to me that HSTS preloading doesn’t work on my website, and upon further investigation, there were two reasons for that. Firstly, despite setting up HSTS preloading on my website when it was at https://www.rik.onl and writing a pretty detailed blog post about it, I neglected to re-do this when I moved…
Cloudflare Workers KV security notice
If you are a user of Cloudflare Workers KV, like me, then you will have received an email alerting you to a vulnerability that has recently been discovered and fixed, on 14th October. They’d actually deployed a fix within 4 hours of being notified via their bug bounty program on HackerOne, which is impressive to…
Cloudflare full page caching – part 3
In part one I discussed the benefits of using Cloudflare to cache our generated HTML and in part two we set up the Cloudflare Worker and got it working. However, I’ve found that there’s one particular tweak to the example Worker which helps things run a little smoother for some setups. I’ve talked before about WordPress cron jobs,…