Security Problems in the url "cdn-cgi"
Hello! I need some help with my website:
I am using ZAP to check my website's security, and it gives me those alerts: "Path Traversal", "SQL Injection", "SQL Injection - Oracle - Time Based", "SQL Injection - SQLite" affecting many files in the url mywebsite.com/cdn-cgi/challenge-platform/h/g/jsd/r/
I already checked some community answers, but they all ended saying that opening a ticket with cloudflare was advised. I did, they told me they cannot help me (free user) if it's not a problem related to billing or 2FA, and to ask to the community.
In case it might be helpful, some answers in the community said these might be some "leftovers" of the cloudflare apps that were installed and then uninstalled.
My other domain, that uses cloudflare too, isn't affected.
Would you be so kind to help me?
Thanks in advance!
Regards
1 Reply
That was easy! haha
So, why did it give those alerts? Is it normal?
I missed that, sorry
Oh I forgot to thank you for the quick answer
Perfect! Glad to hear that
Even if it might be off-topic, what's a good tool I might use to check (easily) for my website's security?
Given that it's just a personal portfolio website
Admin panel, plesk
Even if it's hosted in a service, I don't have a personal server