Comment by phaed
8 years ago
They are well past deserving the benefit of the doubt.
I would also advise you notify your cloud-based services' customers how they might be affected (yes really), trust erosion tends to be contagious.
8 years ago
They are well past deserving the benefit of the doubt.
I would also advise you notify your cloud-based services' customers how they might be affected (yes really), trust erosion tends to be contagious.
Agreed. The condescending downplaying tones displayed just aren't acceptable.
We only host our static corporate sites (not apps) and furthermore never used CF email obfuscation, server-side excludes or automatic https rewrites thus not vulnerable.
Hi,
I think you have misunderstood the issue. Just because YOU did not use those services does not mean your data was not leaked. It means that other peoples data was not leaked on YOUR site, but YOUR data could be leaked on other sites that were using these services.
We only host our static corporate sites (not apps)
If this part is true, they're not vulnerable. Only data that was sent to CloudFlare's nginx proxy could have leaked, so if they only proxy their static content, then that's the only content that would leak.
The rest of their comment gives the wrong impression though, yeah.
1 reply →
Thanks for clarifying. You are absolutely right.