in Zero Trust what would the best practice be to allow everyone that has gateaway activated/enabled/

in Zero Trust what would the best practice be to allow everyone that has gateaway activated/enabled/enrolled. Do I use a bypass for that and block everything else or is there a better / correct approach to it ?

ﹺ

ﹺ•8/21/23, 5:27 PM

can someone check #Redirect Site

ﹺ

ﹺ•8/21/23, 5:27 PM

car•8/21/23, 5:34 PM

car•8/21/23, 5:34 PM

is this still a thing?

car•8/21/23, 5:34 PM

for cloudflare pages

car•8/21/23, 5:34 PM

to get faster builds

MattIPv4•8/21/23, 5:35 PM

Yes, the v2 image went live a while back that makes things way faster

car•8/21/23, 5:36 PM

we're considering switching to netlify because builds take really long. this is just a static site, react tailwind boilerplate

MMattIPv4 Yes, the v2 image went live a while back that makes things way faster

car•8/21/23, 5:37 PM

is there a way to get access to it?

car•8/21/23, 5:37 PM

or is it already in prod

MattIPv4•8/21/23, 5:38 PM

I believe its been live for everyone by default for a while now

Cyb3r-Jak3•8/21/23, 5:40 PM

^ they made it default but old projects need to change it under build configuration

CCyb3r-Jak3 ^ they made it default but old projects need to change it under build configurat...

car•8/21/23, 5:46 PM

how do I do this?

car•8/21/23, 5:49 PM

car•8/21/23, 5:49 PM

car•8/21/23, 5:49 PM

this is what i see

Ccar Click to see attachment

Chaika•8/21/23, 5:51 PM

you clipped it at the bottom of the screenshot there, "Build System Version", click configure, select version 2 (for preview and prod)

FF0rce in Zero Trust what would the best practice be to allow everyone that has gateawa...

F0rceOP•8/21/23, 6:09 PM

bump

BlaBla (Please tag or reply)•8/21/23, 7:31 PM

If I want to use cloudflare's website CDN, do I need to store my website in a specific place? or is it automatic?

BBlaBla (Please tag or reply)If I want to use cloudflare's website CDN, do I need to store my website in a sp...

Cyb3r-Jak3•8/21/23, 7:34 PM

As long as your DNS records are proxied then the CDN will be enabled for it

CCyb3r-Jak3 As long as your DNS records are proxied then the CDN will be enabled for it

BlaBla (Please tag or reply)•8/21/23, 7:35 PM

you mean add cloudflare's IP to my DNS settings?

BlaBla (Please tag or reply)•8/21/23, 7:35 PM

but where to store the website?

Picolé•8/21/23, 7:36 PM

can cloudflare tunnels be used for RTSP streaming? Been trying but wont work at all

BBlaBla (Please tag or reply)but where to store the website?

Cyb3r-Jak3•8/21/23, 7:41 PM

If you site is static then you can use pages. Otherwise you have it on a origin server with the IP being in Cloudflare DNS and being proxied

PPicolé can cloudflare tunnels be used for RTSP streaming? Been trying but wont work at ...

Cyb3r-Jak3•8/21/23, 7:42 PM

I forget RTSP but if it uses TCP and not HTTP then you’ll need to have cloudflared on the clients as well

CCyb3r-Jak3 If you site is static then you can use pages. Otherwise you have it on a origin ...

BlaBla (Please tag or reply)•8/21/23, 7:43 PM

what is a static website? One that does not fetch data from db to render pages? Yes it is that.

BlaBla (Please tag or reply)•8/21/23, 7:43 PM

Do I need to buy the domain from cloudflare?

BBlaBla (Please tag or reply)what is a static website? One that does not fetch data from db to render pages? ...

Cyb3r-Jak3•8/21/23, 7:44 PM

At static site is something that is just HTML doesn’t use something like go or python to render content.

BBlaBla (Please tag or reply)Do I need to buy the domain from cloudflare?

Cyb3r-Jak3•8/21/23, 7:44 PM

You do not need to buy a domain from Cloudflare but you need the nameservers of the domain to point to your assigned nameservers

ZZnuff Is there no way to get a metric on the time it takes Cloudflare to fetch the pag...

Erisa•8/21/23, 9:04 PM

I think there is some available in Instant Logs, but dont quote me on that

Cyb3r-Jak3•8/21/23, 9:07 PM

Logpush also has them

Frerduro•8/21/23, 9:09 PM

is obervatory broken? I am unable to check a website however 3rd pary websites work just fine for checking the website, google,hetrix, etc etc

Frerduro•8/21/23, 9:09 PM

loading the website in browser is fine too

CCyb3r-Jak3 I forget RTSP but if it uses TCP and not HTTP then you’ll need to have cloudflar...

Picolé•8/21/23, 9:28 PM

still didnt work in here. RTSP is basically TCP at 554 so yeah, I have no clue why it does not work at all
it works fine with ngrok tho

PPicolé still didnt work in here. RTSP is basically TCP at 554 so yeah, I have no clue w...

Cyb3r-Jak3•8/21/23, 9:34 PM

I believe ngrok proxies TCP without client side software. Cloudflared requires client software if you use anything other than HTTPS

Cyb3r-Jak3•8/21/23, 9:34 PM

?tunnel-tcp

Flare•8/21/23, 9:34 PM

Cloudflare Tunnels use Cloudflare's proxy, which only supports proxying HTTP Traffic. If you want to use non-http applications over your tunnel, Cloudflare has a few other options:

For a few specific protocols such as SSH, RDP, and SMB, Cloudflare has guides for them here:
https://developers.cloudflare.com/cloudflare-one/applications/non-http/

For Arbitrary TCP like Minecraft, MySQL, and any other tcp application, Cloudflare has a guide here: https://developers.cloudflare.com/cloudflare-one/applications/non-http/arbitrary-tcp/

For Arbitrary UDP like Minecraft Bedrock, SMTP, and any other udp application, you will need to use Private Networking with WARP: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/private-net/connect-private-networks/

Please note for all of these except SSH and VNC which can be browser-rendered, you will either need to use cloudflared (Cloudflare's tunnel daemon) on the client machine running in the background or Private Networking with WARP, and have WARP installed on the client machine logged into your Zero Trust Team.

CCyb3r-Jak3 I believe ngrok proxies TCP without client side software. Cloudflared requires c...

Picolé•8/21/23, 9:34 PM

I installed it on both ends, still nothing sadly

PPicolé I installed it on both ends, still nothing sadly

Cyb3r-Jak3•8/21/23, 9:35 PM

How are you accessing it from the client?

Picolé•8/21/23, 9:36 PM

both pcs logged into cloudflared same account
created the TCP on port 554 inside Tunnels panel
status is healthy in the panel

tried going into VLC and using the subdomain to check if it works but getting nothing in there

PPicolé both pcs logged into cloudflared same account created the TCP on port 554 inside...

Cyb3r-Jak3•8/21/23, 9:38 PM

From the client you are doing

cloudflared tunnel --hostname tcp.site.com --url tcp://localhost:7870

cloudflared tunnel --hostname tcp.site.com --url tcp://localhost:7870

then pointing the RTSP client to

localhost:7870

localhost:7870

CCyb3r-Jak3 From the client you are doing `cloudflared tunnel --hostname tcp.site.com --url ...

Picolé•8/21/23, 9:41 PM

exactly, just tried (port 554) but I just get

Your input can't be opened

Your input can't be opened

after a while

Ook So even if you set SPF, DKIM, DMARC & Domain Lockdown at cf workers, there's sti...

skoogeer•8/21/23, 10:29 PM

No, if you create a Domain Lockdown record, then we will not deliver any email for your domain except as you authorize it in your lockdown record.

Original message was deleted

skoogeer•8/21/23, 10:30 PM

This no longer works because you must have a Domain Lockdown record in place before you can send email using our API on Workers.

Original message was deleted

skoogeer•8/21/23, 10:31 PM

@nora This is not true. If you set up a Domain Lockdown record for your domain, then we will not deliver email for your domain except as you specifically authorize in the DNS.

Cchientrm.com I'm not sure, $80 then they can spoof but Idk how could they spoof DKIM.

skoogeer•8/21/23, 10:33 PM

To be abundantly clear, if you create a Domain Lockdown record, then even someone paying MailChannels $1M/mo cannot send email on behalf of your domain.

Unsmart•8/21/23, 10:45 PM

so $2M/mo is the lucky number /s

in Zero Trust what would the best practice be to allow everyone that has gateaway activated/enabled/

Similar Threads

Similar Threads

Similar Threads