CD
Cloudflare Developers2mo ago
Fred

workers.dev spam

My workers are receiving a lot of spam lately on the workers.dev routes. Should they be disabled or is there a better way to handle it?
5 Replies
Cyb3r-Jak3
Cyb3r-Jak32mo ago
Disabling is the best way. It is because bots scrape the certification issue list so they see the ones issued to your dev domain
Fred
Fred2mo ago
Ok, thanks. That was my guess. I could not see the FQDN in the TLS certificate. But maybe I looked in the wrong place. The TLS certificate does not contain the FQDN. So somebody thought about this but then something happend.
Chaika
Chaika2mo ago
what are you talking about? There's a unique wildcard cert for every worker, here's a few examples: https://crt.sh/?q=tylerobrien.workers.dev
crt.sh | tylerobrien.workers.dev
Free CT Log Certificate Search Tool from Sectigo (formerly Comodo CA)
Chaika
Chaika2mo ago
No description
Fred
Fred2mo ago
Yes, that is my conclusion too. So, the FQDN is not in the public certificate. But then there is an ordering process... Maybe the theory is a wild goosechase but somehow bots are finding the FQDN for my workers. I think the certificate idea is wrong since the same certificate is used across different workers on the same subdomain. Not great that the workers.dev urls are enabled by default when there is no way to secure them from bots.
Want results from more Discord servers?
Add your server
More Posts
Ipv6is ther a way to block any ipv6 adress that requestes[Solved] Simulate DDoS attack on my Cloudflare serverI'm using my own server, but I'm working on a school project where I have to simulate a D/DoS attackProblems with wrangler when developing worker in RustI have a worker that's written in Rust and I'm trying to run it locally with `npx wrangler dev`. DuTail Worker Error HandlingHi all, If tail worker fails while sending logs to remote endpoint, what happens? Is it retried? Or Wrangler CLI to push build for Git linked pages projectBasically I want to understand is there a way to link the Wrangler CLI to an existing git linked proCopy&Pasting Pages secrets from .dev.vars does not work for long valuesHi, when pasting variables from a .dev.vars file (or .env, doesn't matter), it works fine as long asHaving a lot of Invalid Traffic on my Cloudflare pages app. Any solution?I am having a lot of IVT on my CF pages app. I am not sure what is going on. Is there any CF servicePreview builds "No deploy available"When building on our preview branches, the command responds saying it is successful. but when lookinAmazing, @Frederik — thanks forAmazing, @Frederik — thanks for confirming it's an issue on your end, and we're looking forward to a[Solved] Error while running get started code using Browser Render API - ScreenshotI'm trying to run the get started screenshot code - link But I get the error > Cannot read properti