Jump to content

Security Issues with CloudFlare


Akkarin

Recommended Posts


  • Group:  Forum Manager
  • Topic Count:  282
  • Topics Per Day:  0.06
  • Content Count:  3122
  • Reputation:   1614
  • Joined:  03/26/12
  • Last Seen:  

This week Google's Project Zero team reported a bug to CloudFlare pertaining to memory leaks within their parser software.

What does this mean? In a nutshell, it means that various parts of a page could be cached with search engines that shouldn't be. This affected a large number of high profile websites across the internet.

What data was leaked? CloudFlare estimate that 0.00003% of all page requests had the potential to disclose sensitive data in the http response. With the thousands of sites using CloudFlare all culminating to that 0.00003%, the risk of anything dangerous to you or this project being leaked is absurdly small.

How does this affect rAthena? Generally speaking, it has low impact. The bug was identified in their parser chain for the email obfuscation, server-side excludes and automatic https rewrites, none of which we use but the html still goes through the parser regardless. 

What do we need to do? Firstly, stop worrying. If you want to change your password you can find this in your account setting. You could enable 2FA. Personally, I already have 2FA enabled for my forum account.

You can read the full report from CloudFlare here.

Link to comment
Share on other sites


  • Group:  Forum Moderator
  • Topic Count:  33
  • Topics Per Day:  0.01
  • Content Count:  1268
  • Reputation:   381
  • Joined:  02/03/12
  • Last Seen:  

I did hear about this and was slightly concerned. Thanks for clearing that up.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...