Urgent: Malicious Script Injection Only on HTTPS (Cloudflare Issue?)
Hey everyone, I'm facing a serious issue with my website, and I need help identifying the cause.
- My website is https://americadelsurtours.com and it's behind Cloudflare.
- When accessing the site over HTTPS, a malicious script is injected into the page.
- The script attempts to fetch data from data-seed-prebsc-1-s1.bnbchain.org and runs obfuscated JavaScript.
- However, when accessing http://americadelsurtours.com (without HTTPS), the script does not appear.
- I have checked my Nginx configuration, SSL certificates, and server files (/var/www/html/index.html), and the script is not present on my server.
- Running curl -s -k https://americadelsurtours.com | grep -i "data-seed-prebsc-1-s1.bnbchain.org" confirms that the script is being injected only when using Cloudflare HTTPS.
This makes me suspect that either Cloudflare is compromised, or there is an unknown misconfiguration. Has anyone encountered this issue before? Any ideas on how to fully debug and fix this?
- My website is https://americadelsurtours.com and it's behind Cloudflare.
- When accessing the site over HTTPS, a malicious script is injected into the page.
- The script attempts to fetch data from data-seed-prebsc-1-s1.bnbchain.org and runs obfuscated JavaScript.
- However, when accessing http://americadelsurtours.com (without HTTPS), the script does not appear.
- I have checked my Nginx configuration, SSL certificates, and server files (/var/www/html/index.html), and the script is not present on my server.
- Running curl -s -k https://americadelsurtours.com | grep -i "data-seed-prebsc-1-s1.bnbchain.org" confirms that the script is being injected only when using Cloudflare HTTPS.
This makes me suspect that either Cloudflare is compromised, or there is an unknown misconfiguration. Has anyone encountered this issue before? Any ideas on how to fully debug and fix this?
Welcome to the official Cloudflare Developers server. Here you can ask for help and stay updated with the latest news
85,042Members
Resources
Similar Threads
Was this page helpful?
