yea: https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ They along

yea: https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/
They along Google and AWS were one of the ones that got hit by it, and disclosed it together

The Cloudflare Blog

HTTP/2 Zero-Day vulnerability results in record-breaking DDoS attacks

The “HTTP/2 Rapid Reset” attack exploits a weakness in the HTTP/2 protocol to generate enormous, hyper-volumetric DDoS attacks. Cloudflare has mitigated a barrage of these attacks in recent months, including an attack three times larger than any previous attack we’ve observed

ChaikaOP•10/12/23, 9:00 PM

If you're behind Cloudflare/proxied, you're safe: https://community.cloudflare.com/t/record-breaking-ddos-attacks/567340

KKashall I am behind a tunnel. I was looking into implementing the nginx recommendations ...

ChaikaOP•10/12/23, 9:03 PM

Tunnels use the normal proxy, unless you're talking about WARP Private Networking or arbitrary tcp with cloudflare accesscloudflare access locally

ChaikaOP•10/12/23, 9:03 PM

If you're using a simple public hostname, you're fine

tt2468•10/12/23, 10:38 PM

What's likely the most appropriate channel for cloudflare load balancing discussion?

Ddave ahhh, I have my answer, hotmail.com had a single `<result>temperror</result>` DM...

DarkDeviL•10/12/23, 11:19 PM

That temperror literally means that that the DKIM that (hopefully) would have caused perfect DKIM alignment under normal conditions, ... wasn't really (considered) valid at the time.

As such, that specific message was falling back to the proper SPF pass (and alignment), to cause the overall DMARC pass.

Ddave https://github.com/cloudflare/dmarc-email-worker/issues/10

DarkDeviL•10/12/23, 11:20 PM

257 / 258 * 100 = 99.6124031008

So the 100% DMARC pass, 100% SPF alignment, 99.61% DKIM alignment is actually true, for 257 out of 258 messages having proper DKIM alignment.

So considering the title, - how would you handle that?

And as for the content, how exactly would you show that result, in a less confusing way :)?

DDarkDeviL 257 / 258 * 100 = 99.6124031008 So the 100% DMARC pass, 100% SPF alignment, 99....

dave•10/12/23, 11:41 PM

So considering the title, - how would you handle that?

tbh I have no idea. I ran out of time to look into it more, only opened the ticket so I have it documented so I don't forget in the future lol.

Mmask Hey guys, I'm new to Cloudflare, trying to create an email worker and follow the...

asdfg.eth•10/12/23, 11:43 PM

I have the same issue

Ttt2468 What's likely the most appropriate channel for cloudflare load balancing discuss...

Cyb3r-Jak3•10/12/23, 11:46 PM

Here or #general-help

Saifulapm•10/13/23, 12:07 AM

https://developers.cloudflare.com/images/cloudflare-images/transform/flexible-variants/

I can see that I can add border to image. But I don’t how I can added border to images.

Flexible variants · Cloudflare Image Optimization docs

If you need more flexibility than regular variants allow, you can create flexible variants. Flexible variants allow you to create variants with …

Jordan2022•10/13/23, 12:27 AM

Hi everyone, I’ve got a question regarding ZeroTrust. I have setup ZeroTrust with WARP in my organisation. Some users they see in their connections tab in WARP connection:WARP+ and some they see connection:1.1.1.1. How I can ensure all staff are connecting to WARP+ Melbourne ?

Jordan2022•10/13/23, 12:30 AM

Aasdfg.eth I have the same issue

dave•10/13/23, 12:42 AM

which docs page are you talking about?

kian•10/13/23, 12:45 AM

probably https://developers.cloudflare.com/email-routing/email-workers/send-email-workers/#example-worker

kian•10/13/23, 12:45 AM

that error is esbuild so the Wrangler version is out of date, or they're doing custom builds and haven't marked

cloudflare:

cloudflare:

modules as external

CChaika yea: https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos...

dave•10/13/23, 12:48 AM

I wish there was bounties for these types of vulnerabilities.

Kkian that error is esbuild so the Wrangler version is out of date, or they're doing c...

asdfg.eth•10/13/23, 12:50 AM

but my wrangler version is latest

kian•10/13/23, 12:51 AM

Without seeing your code and what the exact error is, there isn't much help anyone can offer. You should make a thread in #workers-help

asdfg.eth•10/13/23, 12:54 AM

my code is the same with the example https://developers.cloudflare.com/email-routing/email-workers/send-email-workers/#example-worker

Send emails from Workers (beta) · Cloudflare Email Routing docs

You can send an email about your Worker’s activity from your Worker to an email address verified on Email Routing. This is useful for when you want to …

Aasdfg.eth I have the same issue

mask•10/13/23, 2:03 AM

so here how I resolved the issue @asdfg.eth

Issue:

✘ [ERROR] Could not resolve "cloudflare:email"

✘ [ERROR] Could not resolve "cloudflare:email"

1 . edit the

wrangler.toml

wrangler.toml

for email configuration like the code below

[[send_email]]
type = "send_email"
name = "SEB"
allowed_destination_addresses = ["your_email@gmail.com"]

[[send_email]]
type = "send_email"
name = "SEB"
allowed_destination_addresses = ["your_email@gmail.com"]

then edit your script to be like the bellow```wrangler dev --remote --config src/wrangler.toml```because `--local` is no longer required and will be removed in a future version.

hope its help.

islamkh122•10/13/23, 8:05 AM

hi i tried to follow create form with cloadflare pages but whene i submit form it redirect to /api/submit but return error "This page isn’t workingIf the problem continues, contact the site owner.
HTTP ERROR 405" anyone have idea ?

enricopolanski•10/13/23, 8:30 AM

Is there an api to get statistics of your workers such as how many times they have been called without accessing the ui?

enricopolanski•10/13/23, 8:31 AM

speaking of these stats:

islamkh122•10/13/23, 8:40 AM

islamkh122•10/13/23, 8:41 AM

why it return 405 ? while i followed structure in form tutorial

Iislamkh122 why it return 405 ? while i followed structure in form tutorial

Hello, I’m Allie!•10/13/23, 8:51 AM

Can you paste your Function code?

HHello, I’m Allie!Can you paste your Function code?

islamkh122•10/13/23, 8:52 AM

/**

POST /api/submit*/export async function onRequestPost({ request }) { try { let input = await request.formData(); // Convert FormData to JSON // NOTE: Allows mutliple values per key let tmp, output = {}; for (let [key, value] of input) { tmp = output[key]; if (tmp === undefined) { output[key] = value; } else { output[key] = [].concat(tmp, value); } } let pretty = JSON.stringify(output, null, 2); return new Response(pretty, { headers: { 'Content-Type': 'application/json;charset=utf-8' } }); } catch (err) { return new Response('Error parsing JSON content', { status: 400 }); }}

Iislamkh122 /** * POST /api/submit */ export async function onRequestPost({ request }) { ...

Hello, I’m Allie!•10/13/23, 8:53 AM

Does it work if you rename the file to

/functions/api/submit.js

/functions/api/submit.js

Hello, I’m Allie!•10/13/23, 8:53 AM

Wondering if it is something to do with the Wildcard

HHello, I’m Allie!Does it work if you rename the file to `/functions/api/submit.js`

islamkh122•10/13/23, 8:54 AM

i followed that /functions/api/submit.js

islamkh122•10/13/23, 9:07 AM

is functions only allowed for paid ?

Iislamkh122 is functions only allowed for paid ?

Hello, I’m Allie!•10/13/23, 9:10 AM

No, there is a free tier

Original message was deleted

islamkh122•10/13/23, 9:22 AM

i created CF page and linked to github rep

islamkh122•10/13/23, 9:26 AM

mayby someting wrong with that ?

Original message was deleted

islamkh122•10/13/23, 9:36 AM

Original message was deleted

islamkh122•10/13/23, 9:39 AM

islamkh122•10/13/23, 9:39 AM

should i put functions folder inside public folder ?

islamkh122•10/13/23, 9:42 AM

yes

islamkh122•10/13/23, 9:44 AM

Original message was deleted

islamkh122•10/13/23, 9:52 AM

thank you skye but whene i put functions folder inside public it works NotLikeThis

Original message was deleted

islamkh122•10/13/23, 9:58 AM

i did and working fine , thank you very much

Jordan2022•10/13/23, 10:27 AM

César•10/13/23, 2:25 PM

Hello, i have domain A (notify.domainA.com) that cnames to domain B (notify.domainB.com).I had to enable custom hostnames so that they can comunicate correctly, that is ok, but when domain B (notify.domainb.com) is a zero trust tunnel, the solution does not work. If I call notify.domainB.com it works, but when calling notifu.domainA.com it does not work and goes to another subdomain

César•10/13/23, 2:31 PM

César•10/13/23, 2:31 PM

The second case only works when invoqued directly to domainB

yea: https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ They along

Similar Threads

Similar Threads

Similar Threads