Dealing with the Cloudbleed Aftermath: How to Quickly and Safely Switch WAF Services

Home / Cybersecurity / Dealing with the Cloudbleed Aftermath: How to Quickly and Safely Switch WAF Services

Cloudbleed critical security flaw

While the word “cloud” has been growing in popularity and the “IT-trend” in virtual circles everywhere, the past couple of weeks have been a tough one for the Cloud. The term “Cloudbleed” has been tossed around the IT and Cloud communities as a critical security flaw in Cloudflare’s CDN was recently discovered. It is ironic how catastrophic this flaw has been, and it all pointed to one character. An instance of “==” (which allowed for the buffer to be overrun) should have actually been “>=”.

/* generated code */
if ( ++p == pe )
goto _test_eof;

This small, but serious, flaw allowed for computers to obtain random chunks of others’ private information. Tavis Ormandy, who found the flaw, listed things that he had found: private messages from dating sites, full messages from chat services, online password manager data, hotel bookings – and so much more. Depending on which portions of companies’ traffic ran through Cloudflare, https requests, IPs, cookies, passwords, keys have all been compromised.

The issue is exacerbated, because not only was private data compromised, it was also leaked and taken up by search engine caches. And while major search engines have cooperated in order to scrub this from their caches, the vulnerability went unnoticed for months with the period of largest damage done between February 13 and 18. It’s understandable that companies and individuals alike are in panic mode and many have made the decision to change their services, utilizing similar services like Cloudbric which allows for a quick switch that can address a concern that many anxious users may have at this time. To help you out, here are some quick and easy measures to take to clean up the Cloudbleed mess if you’re going to change service providers.

Cloudbleed Clean Up: How to Change to Cloudbric

After checking which of your accounts may have been compromised, change your passwords to a strong one: a minimum of eight characters, both upper and lowercase. Additionally, you should use a mix of letters, numbers, and symbols. Then you can get started on changing over to Cloudbric’s full-service website security.

STEP ONE: Sign Up For an Account and Add Your Site

Cloudbric signup step one

Yes, it’s as simple as it sounds. Sign up for an account with your email address, password, and simply input your domain. You can also add your subdomains once your register your main domain.

STEP TWO: Configure your settings

Cloudbric signup step two

Cloudbric has Internet Data Centers (IDCs) all over the world, so choose the closest IDC and confirm your website’s SSL status. With Cloudbric, SSL certificates are free and automatically renewed, making it just a bit easier for you.

STEP THREE: Change Your DNS Settings to Cloudbric

Cloudbric signup step three

Whatever service you’re currently using, you’ll be asked to simply re-route traffic through Cloudbric’s network so that we can properly secure your site.

That’s it. Three steps.

What about the steps you need to take after to manage your website security? There’s no need to worry because we use a logic analysis engine developed by Penta Security, which requires no signature updates. Signature-free means that we use 26 search parameters to monitor your traffic and block threats logically. The result is extremely low false positives, and increased security at an affordable price (free up to 4GB of traffic monthly).

Cloudbleed shows that even the smallest of flaws can be catastrophic for users and companies all over the world (Cloudflare is used by over 5 million websites). But, the silver lining is that this can be an opportunity to find out alternatives that might be a better fit for your website. Make sure to put security first and always do research on what you may be utilizing for your site. For more information on Cloudbric, check out www.cloudbric.com or drop us a line at cloudbric@pentasecurity.com.

Cloudbric Support
Cloudbric Support
Cloudbric is a cloud-based web security service, offering a Web Application Firewall (WAF), DDoS protection, SSL, and CDN, all in a full-service package. For guest blog inquires please email karen.cruz@cloudbric.com.
Related Posts

Leave a Comment