CNAME redirect bypasses Zone lockdown and WAF?

Hi! I have a site that i keep under a zone lockdown, as it's still under development. However i can bypass the zone lockdown, as well as any WAF rules configured on my site, by adding a CNAME record at a different domain's apex, that has my site as the target.
1 Reply
Idle
IdleOPā€¢5mo ago
how would i go about preventing other sites from redirecting to my domain like that? the zone lockdown is only temporary, but i do care about my WAF rules being bypassed... šŸ˜… that's a relief, thanks! i assume the reason that the WAF rules are bypassed too is to avoid abuse of the cloudflare paid plans? ah, that makes sense too šŸ‘
Want results from more Discord servers?
Add your server