New Magento WAF Rule – RCE Vulnerability Protection

Published on by Peter Dumanian.

Today the Magento Security Team created a new ModSecurity rule and added it to our WAF rules to mitigate an important RCE (remote code execution) vulnerability in the Magento web e-commerce platform. Any customer using the WAF needs to click the ON button next to the “CloudFlare Magento” Group in the WAF Settings to enable protection immediately. Both Magento version 1.9.1.0 CE and 1.14.…

Of Phishing Attacks and WordPress 0days

Published on by Marc Rogers.

Proxying around 5% of the Internet’s requests gives us an interesting vantage point from which to observe malicious behavior. However, it also makes us a target. Aside from the many and varied denial of service (DDoS) attacks that break against our defenses, we also see huge number of phishing campaigns. In this blog post I'll dissect a recent phishing attack that we detected and neutralized with the…

Contributing back to the security community

Published on by Ryan Lackey.

This Friday at the RSA Conference in San Francisco, along with Marc Rogers, Principal Security Researcher at CloudFlare, I'm speaking about a version of The Grugq's PORTAL, an open source network security device designed to make life easier and safer for anyone traveling, especially internationally, with phones, tablets, laptops, and other network-connected devices. Portal uses open-source software and services to take inexpensive, commodity travel routers and turn them…

Protection against critical Windows vulnerability (CVE-2015-1635)

Published on by Ben Cartwright-Cox.

A few hours ago, more details surfaced about the MS15-034 vulnerability. Simple PoC code has been widely published that will hang a Windows web server if sent a request with an HTTP Range header containing large byte offsets. We have rolled out a WAF rule that blocks these requests. Customers on a paid plan and who have the WAF enabled are automatically protected against this problem. It is…