A note on Cloudflare’s security issue
Around 4 days ago, a security issue was found in Cloudflare’s reverse proxy servers by a Google employee. This is a quick summary of what it is and what it means for our customers.
What’s the issue?
Based on a blog post by Cloudflare, their CDN uses a custom HTML parser to intercept web traffic. A bug in this parser caused an overflow of a buffer that can cause content of web traffic passing through Cloudflare CDN to leak onto the cache and possibly distributed across the internet to all of their edge servers.
Is Cloud 66 affected?
No. None of Cloud 66 websites including our main application dashboard, our API, our documentation knowledgebase, Community forum, RealScale or Birdseye use Cloudflare services and run no traffic through their service. Cloud 66 does not run any part of your code or data passes through Cloudflare’s network.
We are enquiring our customer support ticketing system service provider Intercom to see if they are affected by this issue.
Am I affected?
If you rely on Cloudflare for your website, API or mobile backend then you are most probably affected.
What should I do?
If you are affected by this issue, you need to contact Cloudflare and seek advice for more details and specific instructions on what you need to do to ensure your and your customer’s online security.
Originally published at blog.cloud66.com on February 24, 2017.