Akkarin

Security Issues with CloudFlare

Recommended Posts

This week Google's Project Zero team reported a bug to CloudFlare pertaining to memory leaks within their parser software.

What does this mean? In a nutshell, it means that various parts of a page could be cached with search engines that shouldn't be. This affected a large number of high profile websites across the internet.

What data was leaked? CloudFlare estimate that 0.00003% of all page requests had the potential to disclose sensitive data in the http response. With the thousands of sites using CloudFlare all culminating to that 0.00003%, the risk of anything dangerous to you or this project being leaked is absurdly small.

How does this affect rAthena? Generally speaking, it has low impact. The bug was identified in their parser chain for the email obfuscation, server-side excludes and automatic https rewrites, none of which we use but the html still goes through the parser regardless. 

What do we need to do? Firstly, stop worrying. If you want to change your password you can find this in your account setting. You could enable 2FA. Personally, I already have 2FA enabled for my forum account.

You can read the full report from CloudFlare here.

Share this post


Link to post
Share on other sites

I did hear about this and was slightly concerned. Thanks for clearing that up.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now