Update 'instructions.md'

This commit is contained in:
writecommit 2019-11-12 06:11:14 +01:00
parent 9bcc7beaad
commit ec8b499c7b
1 changed files with 35 additions and 1 deletions

View File

@ -32,6 +32,7 @@ There are many ways to detect it:
- [These add-ons](what-to-do.md) will help your Cloudflare collection. - [These add-ons](what-to-do.md) will help your Cloudflare collection.
- Visit a website via Tor or VPN, and you will be greeted by "Attention Required! Cloudflare" webpage. - Visit a website via Tor or VPN, and you will be greeted by "Attention Required! Cloudflare" webpage.
- Use "[Is MITM?](https://searxes.eu.org/collab/sxes/tool_ismitm.php)" webpage.
- Dig "[NS record](https://www.digwebinterface.com/?hostnames=emsisoft.com&type=NS&ns=resolver&useresolver=8.8.4.4&nameservers=)" of the domain. - Dig "[NS record](https://www.digwebinterface.com/?hostnames=emsisoft.com&type=NS&ns=resolver&useresolver=8.8.4.4&nameservers=)" of the domain.
``` ```
@ -50,13 +51,19 @@ Route 104.18.224.0/20
``` ```
2) How to add your data 2) How to add your data (A or B)
Type A: Push to Codeberg.org
1. Log in to *Codeberg.org*. 1. Log in to *Codeberg.org*.
2. Click "*Fork*" button. (top-left corner) 2. Click "*Fork*" button. (top-left corner)
3. Edit text file. 3. Edit text file.
4. Click *Double-arrow* button to create a *new pull request*. 4. Click *Double-arrow* button to create a *new pull request*.
Type B: Just scan the FQDN on "[Is MITM?](https://searxes.eu.org/collab/sxes/tool_ismitm.php)" webpage.
``` ```
IMPORTANT: Please add only "Base Domain" IMPORTANT: Please add only "Base Domain"
@ -190,3 +197,30 @@ to codeberg are automatically over Tor with this configuration
(because the `url` in `.git/config` references the virtual host (because the `url` in `.git/config` references the virtual host
`codeberg-snowden` in `~/.ssh/config`). `codeberg-snowden` in `~/.ssh/config`).
# About Cloudflare `base domain` list
Our mission is clear - `stay away from Cloudflare`.
If the `subdomain.example.com` is cloudflared, we add `example.com` to the database. (`subdomain.example.com` is the sub-domain of `example.com`. Only `the owner` of `example.com` can create sub-domain)
Even if `whatever.example.com` is _not_ behind cloudflare we _will_ raise a warning, because the base domain `example.com` is `cloudflare user`.
`The owner` of `example.com` can enable Cloudflare to `whatever.example.com` at any time without user's notice. It can be done from `dash.cloudflare.com` webpage or hitting `Cloudflare API`. `The owner` is supporting `Cloudflare` and this is severe `security risk`.
Until `the owner` completely stop using Cloudflare service for `example.com`, we _do not_ remove `example.com` from the database.
There is `no exception`.
If `the owner` moved away from `cloudflare` **completely**, you are welcome to add `example.com` to the "[ex_cloudflare_users.txt](cloudflare_users/ex_cloudflare_users.txt)" - after checking `example.com` with online tool below.
1. Open "[Is MITM?](https://searxes.eu.org/collab/sxes/tool_ismitm.php)" webpage.
2. Input `gitlab.com` and click `Skanu`.
3. Click `testo` for detailed scan.
4. If you got `---Finish---`, the domain might stopped using Cloudflare. We'll investigate and remove it - or not. (wait some days and scan again to see whether the domain is removed)
`Only a few Cloudflare user leave Cloudflare. False positive is uncommon.`