From ec8b499c7b86fe6a12fc260bab43702d6f801b6f Mon Sep 17 00:00:00 2001 From: writecommit Date: Tue, 12 Nov 2019 06:11:14 +0100 Subject: [PATCH] Update 'instructions.md' --- instructions.md | 36 +++++++++++++++++++++++++++++++++++- 1 file changed, 35 insertions(+), 1 deletion(-) diff --git a/instructions.md b/instructions.md index 574ef8d3..0d2ea91d 100644 --- a/instructions.md +++ b/instructions.md @@ -32,6 +32,7 @@ There are many ways to detect it: - [These add-ons](what-to-do.md) will help your Cloudflare collection. - Visit a website via Tor or VPN, and you will be greeted by "Attention Required! Cloudflare" webpage. +- Use "[Is MITM?](https://searxes.eu.org/collab/sxes/tool_ismitm.php)" webpage. - Dig "[NS record](https://www.digwebinterface.com/?hostnames=emsisoft.com&type=NS&ns=resolver&useresolver=8.8.4.4&nameservers=)" of the domain. ``` @@ -50,13 +51,19 @@ Route 104.18.224.0/20 ``` -2) How to add your data +2) How to add your data (A or B) + +Type A: Push to Codeberg.org 1. Log in to *Codeberg.org*. 2. Click "*Fork*" button. (top-left corner) 3. Edit text file. 4. Click *Double-arrow* button to create a *new pull request*. + +Type B: Just scan the FQDN on "[Is MITM?](https://searxes.eu.org/collab/sxes/tool_ismitm.php)" webpage. + + ``` IMPORTANT: Please add only "Base Domain" @@ -190,3 +197,30 @@ to codeberg are automatically over Tor with this configuration (because the `url` in `.git/config` references the virtual host `codeberg-snowden` in `~/.ssh/config`). + +# About Cloudflare `base domain` list + +Our mission is clear - `stay away from Cloudflare`. + +If the `subdomain.example.com` is cloudflared, we add `example.com` to the database. (`subdomain.example.com` is the sub-domain of `example.com`. Only `the owner` of `example.com` can create sub-domain) + +Even if `whatever.example.com` is _not_ behind cloudflare we _will_ raise a warning, because the base domain `example.com` is `cloudflare user`. + +`The owner` of `example.com` can enable Cloudflare to `whatever.example.com` at any time without user's notice. It can be done from `dash.cloudflare.com` webpage or hitting `Cloudflare API`. `The owner` is supporting `Cloudflare` and this is severe `security risk`. + +Until `the owner` completely stop using Cloudflare service for `example.com`, we _do not_ remove `example.com` from the database. + +There is `no exception`. + +If `the owner` moved away from `cloudflare` **completely**, you are welcome to add `example.com` to the "[ex_cloudflare_users.txt](cloudflare_users/ex_cloudflare_users.txt)" - after checking `example.com` with online tool below. + + +1. Open "[Is MITM?](https://searxes.eu.org/collab/sxes/tool_ismitm.php)" webpage. + +2. Input `gitlab.com` and click `Skanu`. + +3. Click `testo` for detailed scan. + +4. If you got `---Finish---`, the domain might stopped using Cloudflare. We'll investigate and remove it - or not. (wait some days and scan again to see whether the domain is removed) + +`Only a few Cloudflare user leave Cloudflare. False positive is uncommon.` \ No newline at end of file