Cloudflare Tunnels Security Question
I run several services through Cloudflare tunnels. I'd like to know whether Cloudflare log or know my origin server. Additionally I'm interested to know whether they can (or if they were hacked server side) see traffic encrypted via HTTPS as they issue the certificates. It would also be good to know how traffic is encrypted between the tunnel and the origin server and who owns the encryption keys. Thank you!
1 Reply
What do you mean by log or know your origin server?
Yes they do see the traffic decrypted as they need to get the host header to be able to route traffic correctly
Traffic between tunnels is encrypted using TLS