Cloudflare’s team of security analysts monitor for upcoming threats and vulnerabilities and where possible put protection in place for upcoming threats before they compromise our customers.
Cloudflare is adding Drupal WAF Rule to Mitigate Critical Drupal Exploit
Drupal has recently announced an update to fix a critical remote code execution exploit (SA-CORE-2018-002/CVE-2018-7600). This patch is to disallow forms and form fields from starting with the “#” character.
Automatic protection for common web platforms
If you are a CloudFlare Pro or above customer you enjoy the protection of the CloudFlare WAF. If you use one of the common web platforms, such as WordPress, Drupal, Plone, WHMCS, or Joomla, then it's worth checking if the relevant CloudFlare WAF ruleset is enabled. That's because CloudFlare pushes
The CloudFlare Drupal Extension
A Drupal developer, Brian Stevenson, recently created a CloudFlare Drupal extension that will help Drupal site owners get the original visitor IP at the Drupal level. Some common FAQs about the CloudFlare Drupal Extension.