1. Seems like all the registrations are made from AS45727 (PT Hutchison CP Telecommunications), - if

Seems like all the registrations are made from AS45727 (PT Hutchison CP Telecommunications), - if you're not otherwise seeing legitimate traffic from that ISP, you could filter on the AS number.
A quick glance makes all the IP addresses appear to be from Indonesia, if you're not otherwise seeing (or expecting) legitimate traffic from Indonesia, you could filter traffic from Indonesia away.
Searching
```
"fextemp.com"
```
"fextemp.com"
```
"fextemp.com"
```
"fextemp.com"
(including the quotes), on Google, leads to various sites confirming as you say, that they (
```
@fextemp.com
```
@fextemp.com
```
@fextemp.com
```
@fextemp.com
) are disposable emails.
One result that search is bringing, would be https://github.com/MISP/misp-warninglists/blob/main/lists/disposable-email/list.json, which seem to contain a few thousand domains, that are apparently disposable email address domains.

Such as through the link from #3, you can pick up such lists of disposable email address domains, and block them from registering in your system. How you can do that would be a problem between you, and your registration system (in other words, not something you can do directly through Cloudflare).

Original message was deleted

DarkDeviLOP•3/9/24, 5:39 PM

Strange way.

However, assuming that the initial attachment(s) are still intact for the final message, it might still be worth a try.

fernvenue•3/9/24, 6:33 PM

Does Cloudflare Status RSS has filters option?

fernvenue•3/9/24, 6:34 PM

For example...I just wanna subscribe status notification about HKG.

daniel•3/9/24, 10:35 PM

is there a way to create dynamic dns records? resolve 1.1.1.1.myzone.com1.1.1.1.myzone.com to 1.1.1.11.1.1.1 through Cloudflare?

shadyharby.•3/9/24, 10:46 PM

Is it possible to create an API to register a domain through Cloudflare?

Erisa•3/9/24, 10:47 PM

The API for Registrar is only available for Enterprise customers

shadyharby.•3/9/24, 10:49 PM

okay thanks

EErisa The API for Registrar is only available for Enterprise customers

zach•3/10/24, 3:40 AM

you aren't able to use the undocumented dashboard api routes on the public api with the exact same parameters, without enterprise?

zach•3/10/24, 3:42 AM

ig if you need that functionality you might actually use an enterprise plan

DDarkDeviL 1. Seems like all the registrations are made from AS45727 (PT Hutchison CP Telec...

Vikash•3/10/24, 5:24 AM

I was expecting a browser fingerprint id in CF header to better check if request is coming from same device instead IP address(which can be proxied) or managing a list of disposable email(which is always incomplete).

Anyway, thanks for your suggestions. It seems we'd need to build a layer on our API itself.

slayerduck•3/10/24, 7:45 AM

does anyone have a paid plan and the WAF suddendly went back to free plan? I'm getting exceeded the maximum number of rules in the phase http_request_firewall_custom: 19 out of 5 (Code: 50001) exceeded the maximum number of rules in the phase http_request_firewall_custom: 19 out of 5 (Code: 50001) but i have had pro for 5 years or so

slayerduck•3/10/24, 7:46 AM

ok its not just WAF, i completly lost all pro functionality even though its paid for yearly in dec 2023 and the site itself says pro

Flare•3/10/24, 9:43 AM

To contact Cloudflare Support about an issue, please visit the Support Portal and fill in the form on the portal. After submission, you will receive confirmation over email.

Some issues, such as Account or Billing related issues, cannot be solved by the community.
Any plan level (including Free plans) can open tickets for Account, Billing or Registrar ticket categories. Make sure to select the correct category to ensure it goes to the right place.
For more information on the methods by which you can contact Support for your plan level, see Contacting Cloudflare Support - Cloudflare Docs

slayerduck•3/10/24, 10:10 AM

yah, looking forward to get a response monday evening https://community.cloudflare.com/t/pro-site-missing-pro-features/626329/5

slayerduck•3/10/24, 11:15 AM

https://www.cloudflarestatus.com/incidents/txm1wtb3q75b

Issues with Cloudflare's Pay-as-you-Go Plans

az•3/10/24, 11:25 AM

can i transfer data to r2 from a url ?

az•3/10/24, 11:25 AM

i want to import my gcp bucket

Original message was deleted

slayerduck•3/10/24, 11:38 AM

i'm pretty sure my own custom rules still work, but the 'managed rules' to protect against certain exploits are gone

slayerduck•3/10/24, 11:38 AM

i can however, not edit any of them because free accounts only have 5, and i have more then 5 so it errors out when i try to change one

VVikash I was expecting a browser fingerprint id in CF header to better check if request...

DarkDeviLOP•3/10/24, 12:22 PM

Yeah, I understood that much, but unfortunately, no, that kind of stuff be on the Enterprise plan as Leo said above. IIRC, I even believe it's an add-on to the Enterprise plan.

I don't know where, or if your budget is limiting you somehow at all, but personally though, I doubt you will ever see any fingerprinting (or similar thing), on any free or perhaps ~ $20/month (Pro-price) plans anywhere, that you can actually rely on, so that you wouldn't have to do other things to secure your infrastructure.

My own personal opinion though, I also wouldn't rely on putting everything on the shoulders of any external third party (be it on Cloudflare or whatever), and expecting the third party to always be "magically" taking care of 100% of your issues all the time.

DarkDeviLOP•3/10/24, 12:24 PM

Your screenshot above were showing 10 accounts in ~14 minutes, from AS45727 (PT Hutchison CP Telecommunications), - you could also use these variables, and through the Cloudflare API adjust things and temporarily block networks for some time, if there have been too many registrations within a short time interval.

One account per ~ 1 minute from the same iSP? Whether that would be 'legitimate', or not, would depend on both yours and my network, in your network it might be unlikely (and likely illegitimate), but in my network, it could be necessary, and so forth.

(But that one would also require some sort of maintenance from your own end).

Original message was deleted

DarkDeviLOP•3/10/24, 12:25 PM

Thanks for the confirmation!

User4675•3/10/24, 12:31 PM

any idea how long changing ssl encryption mode takes to come into effect?

Original message was deleted

User4675•3/10/24, 12:32 PM

ive been waiting 7 mins so might be having an issue with something else then

User4675•3/10/24, 12:33 PM

i keep getting ERR_TOO_MANY_REDIRECTS which seems to predominantly be a cf ssl issue

Original message was deleted

DarkDeviLOP•3/10/24, 12:38 PM

"As usual", indeed.

I would personally just go with your own customised WAF rules that are tailored and regularly adjusted to meet your demands and expectations, instead of these [super] bot fight modes.

UUser4675 i keep getting ERR_TOO_MANY_REDIRECTS which seems to predominantly be a cf ssl i...

DarkDeviLOP•3/10/24, 12:40 PM

Did you purge the Cloudflare edge cache, to ensure the redirects aren't cached there?

https://dash.cloudflare.com/?to=/:account/:zone/caching/configuration

DDarkDeviL Did you purge the Cloudflare edge cache, to ensure the redirects aren't cached t...

User4675•3/10/24, 12:41 PM

I'll try that now thanks

DarkDeviLOP•3/10/24, 12:41 PM

There is also the possibility that your browser(s) may have cached the redirect(s).

DDarkDeviL There is also the possibility that your browser(s) may have cached the redirect(...

User4675•3/10/24, 12:42 PM

I've tried on an emulated browser as well and it still wasn't working so I don't think it is that

DarkDeviLOP•3/10/24, 12:46 PM

It might not be the case, but redirects could theoretically be cached everywhere in the chain, where there is an option for caching.

DDarkDeviL It might not be the case, but redirects could theoretically be cached everywhere...

User4675•3/10/24, 12:48 PM

I see. I'll have a look into the caching.

User4675•3/10/24, 12:49 PM

I turned on development mode so it should be bypassing caching but still experiencing the redirect issue.

UUser4675 I turned on development mode so it should be bypassing caching but still experie...

DarkDeviLOP•3/10/24, 12:51 PM

With development mode on, I'd lean a bit more towards taking a look at your server, rather than Cloudflare.

DarkDeviLOP•3/10/24, 12:52 PM

... assuming you have actually set the proper Full (STRICT) mode.

User4675•3/10/24, 12:52 PM

omg I was setting the ssl rule on the wrong domain

User4675•3/10/24, 12:52 PM

It works now

loneranger4978•3/10/24, 2:55 PM

Help please. Unable to add a custom domain to Worker & Pages. The domain is 备.com and the error I receive is "Please enter a valid domain."

Lloneranger4978 Help please. Unable to add a custom domain to Worker & Pages. The domain is 备.co...

Cyb3r-Jak3•3/10/24, 2:57 PM

Try adding the IDN domain as a custom domain

CCyb3r-Jak3 Try adding the IDN domain as a custom domain

loneranger4978•3/10/24, 2:59 PM

Worked. Thanks

GustyCube•3/10/24, 3:06 PM

Hey! I’ve seen certain cloudfare websites say things like “verifying your a human” when the page first loads, does anyone know how to do that and any other measures to make the site more secure against bots?

dave•3/10/24, 5:19 PM

Is there any response header that a server can send to a client to tell it that it should ignore the query string for caching?

satzkr•3/10/24, 5:40 PM

Hi is it possible to use Joi schemas as part of itty-router-openapiitty-router-openapi routers in workers ? If so can someone give me an example of how to use joi schema for requestBody schemas & use the same for swagger documentation ?

Chaika•3/10/24, 8:07 PM

they update really quickly yea, currently within 10s or so. I'd dig yourself and see if you can see it, otherwise I blame microsoft for not rechecking/cache

Chaika•3/10/24, 8:10 PM

make sure you don't have cname flattening enabled for the entire zone (is only an option to be enabled if you had pro or higher only though)

Chaika•3/10/24, 8:11 PM

yes

Chaika•3/10/24, 8:11 PM

flatten only apex

Chaika•3/10/24, 8:11 PM

no, it's exactly the opposite, it only applies for dns-only

Chaika•3/10/24, 8:11 PM

Proxied CName Records are always flattened due to the nature of how CF works

1. Seems like all the registrations are made from AS45727 (PT Hutchison CP Telecommunications), - if

Similar Threads