-
Notifications
You must be signed in to change notification settings - Fork 321
Some sites may be using the CloudFlare SSL proxy without using CloudFlare DNS #42
Comments
This might not be as easy as it sounds, CF will probably start to rate-limit the source IP if someone decides to curl every page on that list, providing inaccurate/incomplete results |
As long as you're requesting I could probably write up a little node.js script to automate the process. |
I don't think the request / response size matters. What i think is that CF starts to throttle or bail out completely if you bombard them with requests. In those scenarios, most often quantity matters - not size |
Possibly by showing those "Checking your browser... Please Wait" pages |
Now if only we could distribute this process... 😁 |
I wrote a Go script to check a list of domains for the CF-Ray header: https://github.com/youngj/sites-using-cloudflare/blob/master/check_domains.go . I don't have time to actually filter the list of domains now, but perhaps someone else can use it. |
Domains using cloudflare's reverse proxy should resolve to a cloudflare IP because the proxy's front end is owned by cloudflare. You'll probably get really accurate results by just resolving the domain names and checking them against ASN blocks to see if they're cloudflare ip's. |
@jrruwe that works, but unfortunately lots of people might be turning off cloudflare today, so the data will soon be out of date. |
I wonder if reverse dnsing the ip would return the old dns name even after the forward dns records have been changed?? |
that's not how reverse dns works |
I wrote my own Node.js shellscript and will begin testing all the domains that start with |
"Also there are some sites that are using the CloudFlare SSL proxy without using CloudFlare DNS -- for example betterment.com is using Amazon Route 53 and is not in sorted_unique_cf.txt . Basically I think you just have to make HTTPS requests and look for the CF-Ray or Server: cloudflare-nginx header. It probably would be useful for someone to write a script to make requests to the domains in sorted_unique_cf.txt and update it to remove the ones that aren't using the SSL proxy." @youngj
The text was updated successfully, but these errors were encountered: