
Some sites may be using the CloudFlare SSL proxy without using CloudFlare DNS

Open pirate opened this issue 8 years ago • 11 comments

"Also there are some sites that are using the CloudFlare SSL proxy without using CloudFlare DNS -- for example betterment.com is using Amazon Route 53 and is not in sorted_unique_cf.txt . Basically I think you just have to make HTTPS requests and look for the CF-Ray or Server: cloudflare-nginx header. It probably would be useful for someone to write a script to make requests to the domains in sorted_unique_cf.txt and update it to remove the ones that aren't using the SSL proxy." @youngj

pirate avatar Feb 24 '17 06:02 pirate

This might not be as easy as it sounds. CF will probably start to rate-limit the source IP if someone decides to curl every page on that list, providing inaccurate/incomplete results.

coderobe avatar Feb 24 '17 06:02 coderobe

As long as you're requesting HEAD only (aka curl -I) with a throttled pool it shouldn't be an issue.

I could probably write up a little node.js script to automate the process.

Xaekai avatar Feb 24 '17 07:02 Xaekai

I don't think the request / response size matters. What I think is that CF starts to throttle or bail out completely if you bombard them with requests. In those scenarios, most often quantity matters, not size.

coderobe avatar Feb 24 '17 07:02 coderobe

Possibly by showing those "Checking your browser... Please Wait" pages.

coderobe avatar Feb 24 '17 07:02 coderobe

Now if only we could distribute this process... 😁

pirate avatar Feb 24 '17 07:02 pirate

I wrote a Go script to check a list of domains for the CF-Ray header: https://github.com/youngj/sites-using-cloudflare/blob/master/check_domains.go . I don't have time to actually filter the list of domains now, but perhaps someone else can use it.

youngj avatar Feb 24 '17 07:02 youngj
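The check discussed in this thread (HEAD requests, rate-limited, looking for `CF-Ray` or a `Server: cloudflare-nginx` header), as an added Go example; it is not the `check_domains.go` linked above. The names `Result`, `IsCloudflare`, `probe` and `CheckAll`, the prefix match on `Server`, the 10-second timeout and the local test server are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
	"sync"
	"time"
)

// Result keeps "no Cloudflare header" (Err == nil) apart from "no answer" (Err != nil).
type Result struct{ Proxied bool; Status int; Err error }

// IsCloudflare tests the two headers named in the issue (Server by prefix, an assumption).
func IsCloudflare(h http.Header) bool {
	return h.Get("CF-Ray") != "" || strings.HasPrefix(strings.ToLower(h.Get("Server")), "cloudflare")
}

// probe sends one HEAD request and classifies the response headers.
func probe(c *http.Client, url string) Result {
	resp, err := c.Head(url)
	if err != nil {
		return Result{Err: err} // unknown: must not be recorded as "not proxied"
	}
	resp.Body.Close()
	return Result{Proxied: IsCloudflare(resp.Header), Status: resp.StatusCode}
}

// CheckAll starts at most one request per gap; results keep the order of urls.
func CheckAll(urls []string, gap time.Duration) []Result {
	client := &http.Client{Timeout: 10 * time.Second}
	out, tick := make([]Result, len(urls)), time.NewTicker(gap)
	defer tick.Stop()
	var wg sync.WaitGroup
	for i, u := range urls {
		<-tick.C // throttle: wait for the next slot before starting a request
		wg.Add(1)
		go func(i int, u string) { defer wg.Done(); out[i] = probe(client, u) }(i, u)
	}
	wg.Wait()
	return out
}

func main() { // constructed local stand-in for a proxied site; nothing external is contacted
	h := func(w http.ResponseWriter, _ *http.Request) { w.Header().Set("CF-Ray", "constructed-ray-id") }
	srv := httptest.NewServer(http.HandlerFunc(h))
	defer srv.Close()
	fmt.Println(CheckAll([]string{srv.URL, "http://127.0.0.1:1/"}, 50*time.Millisecond))
}
```

A result with `Err` set, or with a `Status` such as 429 or 503, is better queued for a later retry than used to remove a domain from the list.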

Domains using Cloudflare's reverse proxy should resolve to a Cloudflare IP because the proxy's front end is owned by Cloudflare. You'll probably get really accurate results by just resolving the domain names and checking them against ASN blocks to see if they're Cloudflare IPs.

jrruwe avatar Feb 24 '17 08:02 jrruwe

@jrruwe that works, but unfortunately lots of people might be turning off Cloudflare today, so the data will soon be out of date.

pirate avatar Feb 24 '17 08:02 pirate

I wonder if reverse DNSing the IP would return the old DNS name even after the forward DNS records have been changed?

jrruwe avatar Feb 24 '17 08:02 jrruwe

That's not how reverse DNS works.

coderobe avatar Feb 24 '17 08:02 coderobe

I wrote my own Node.js shell script and will begin testing all the domains that start with 8 as a preliminary run, since there are only 11599 of them.

Xaekai avatar Feb 24 '17 15:02 Xaekai