penny
penny
CDCloudflare Developers
Created by penny on 1/31/2025 in #general-help
How can I protect my elastic beanstalk servers using zero trust?
Hello everyone, I have an elastic beanstalk managing my EC2 instances and I wanna use cloud flare zero trust to allow only authorized users to access my highly critical API. my question is, how do I do it?
4 replies
CDCloudflare Developers
Created by penny on 1/28/2025 in #general-help
turnstile vs hCAPTCHA
Hello everyone, I'm confused whether to use hCAPTCHA or cloudflare turnstile but there are no metrics of any on the internet... so I want to know which one is better according to your experience and why?
3 replies
CDCloudflare Developers
Created by penny on 1/13/2025 in #general-help
does cloudflare record every request made to it?
I was checking suspicious connections made yesterday, but some things my personal server recorded, did not show up in cloudflare after applying some filters. I just wanna be certain if cloudflare logs every single request!
2 replies
CDCloudflare Developers
Created by penny on 12/11/2024 in #general-help
How to block bad User Agents
I noticed some user agents like python-requests contacting my site, and I wanna make sure only legit browsers can contact it, how do I do that?
5 replies
CDCloudflare Developers
Created by penny on 12/10/2024 in #general-help
Turnstile vs bots
Hello everyone, I've been using reCAPTCHA v2 for the past year or so, but recently I wanted to checkout cloudflare's turnstile... after reading a bit I found out that cloudflare's turnstile is not very good. but I feared that this mught be fake news, so I want to ask you... how good is turnstile against bots (more specifically on mobile apps)
2 replies
CDCloudflare Developers
Created by penny on 11/25/2024 in #general-help
How to restrict API access further?
Hello everyone, I've recently found out that my site has been targeted by automated scripts, but I already have configured bot fight mode... are there other methods to detect automations?
2 replies
CDCloudflare Developers
Created by penny on 11/21/2024 in #general-help
DDOS attack mitigated
Hello everyone, my nodeJS app was recently attacked by DDOS, and luckily cloudflare has stopped this attack. after looking at the user IP I was able to pinpoint the culprit and took a look at the user's activity.. but I could not deduce anything, he looks clean. as if they did not do anything. I need your help educating me how I can make respond properly to this incident. they are a legit paying customer and it would not be fare to ban them after they've payed... can someone provide me with proper tips to respond to this?
7 replies
CDCloudflare Developers
Created by penny on 10/28/2024 in #general-help
How do reverse proxy my API and client urls?
Hello everyone, I use react for one of my sites and express on the backend and basically the client connects to the backend which is on a different subdomain. I wanna use cloudflare as a reverse proxy to connect both, as so many people told me that I should use one of it's feature but no one ever told me how. so I'm asking you, what should I do to connect my backend and frontend in the same url?
6 replies
CDCloudflare Developers
Created by penny on 10/10/2024 in #general-help
My website has cloudflare links
Hello everyone, while I was working on implementing helmetJS to my website. I wanted to implement Content-Security-Policy properly. and when looking at sources in my website, I noticed this: https://static.cloudflareinsights.com/etc... Where and when does cloudflare add this script?
3 replies
CDCloudflare Developers
Created by penny on 10/3/2024 in #general-help
Tracking malicious user
is there someway to track malicious users in cloudflare? like a report about all the requests they did or whatever?
2 replies
CDCloudflare Developers
Created by penny on 9/11/2024 in #general-help
how to check security event request body
Hello everyone, I noticed a sudden spike in my security tab, and I want to see the request body if possible. thank you.
2 replies
CDCloudflare Developers
Created by penny on 9/2/2024 in #pages-help
I don't think I'm switching to Automatic SSL/TLS
I received an email from cloudflare concerning the new SSL/TLS mode. and honestly I think it's pretty redundant and maybe harmful if you know what you are doing. since suppose you used this feature and it detected that full (strict) mode is the best option for you. and then you decided you wanted to use self signed certificates for whatever reason. it will take a bit of time until it switches to the correct mode full mode (not strict) (until the schedule is reached). which will mess up your service. I want to hear your opinion on this.
53 replies