Cloudflare Tunnels Security Question
I run several services through Cloudflare tunnels. I'd like to know whether Cloudflare log or know my origin server. Additionally I'm interested to know whether they can (or if they were hacked server side) see traffic encrypted via HTTPS as they issue the certificates. It would also be good to know how traffic is encrypted between the tunnel and the origin server and who owns the encryption keys. Thank you!
4 Replies
What do you mean by log or know your origin server?
Yes they do see the traffic decrypted as they need to get the host header to be able to route traffic correctly
Traffic between tunnels is encrypted using TLS
Thank you. Presumably the encrypted traffic is ephemeral
By log I mean, go they know my actual server IP address and do they log this
I mean given the address is viewable in the Zero Trust dashboard, I would say so
😂
Thank you
It doesn't really get any more conclusive than that
!close
/close