I am doing some bug hunting. I inserted a malicious payload into a request. But I am not sure if the response is from CloudFlare or the origin. Are there special headers which help me to distinguish the origin from the CDN? I always see the HTTP header Server: CloudFlare even if the response came from the origin. Why don't I see Server: Nginx?
I'm not sure how you're accessing the origin directly unless you're accessing the origin by using its IP. Once you point your domain name at Cloudflare, all requests go through Cloudflare.
Assuming you're accessing the domain name, the content itself did come from your origin even if Cloudflare is currently returning a cached response. You can see if it's a cached response based on the 'cf-cache-status' header (hit = Cloudflare cache, miss = Cloudflare had to make a request to your origin because it didn't have anything in cache).
You can also turn on Development Mode so Cloudflare bypasses cache.
Temporarily bypass our cache. See changes to your origin server in realtime.
Cheers.
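The header check described in the answer above, as an added example that is not part of the original thread: it parses a raw response header dump (such as the output of `curl -sI`) and reports whether the body was fetched from the origin for this request or served from Cloudflare's cache. It goes beyond the two values the answer names by covering the other cf-cache-status values Cloudflare documents; the function names and the sample responses are constructed for illustration.

```python
# Added example: classify a response by its cf-cache-status header.
# Statuses other than HIT/MISS follow Cloudflare's documented values.

ORIGIN_FETCH = {"MISS", "EXPIRED", "BYPASS", "DYNAMIC"}  # body fetched from origin
CACHE_ONLY = {"HIT", "STALE", "UPDATING"}                # body served from edge cache


def parse_headers(raw):
    """Parse a raw header block into a dict with lower-cased header names."""
    headers = {}
    for line in raw.splitlines()[1:]:      # skip the status line
        if not line.strip():               # blank line ends the header block
            break
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def body_source(raw):
    """Return 'origin', 'cache', 'cache-revalidated', 'cloudflare-unknown'
    or 'not-cloudflare' for one raw response header block."""
    h = parse_headers(raw)
    status = h.get("cf-cache-status", "").upper()
    if status in ORIGIN_FETCH:
        return "origin"
    if status == "REVALIDATED":            # cached body, origin confirmed it is current
        return "cache-revalidated"
    if status in CACHE_ONLY:
        return "cache"
    # Header absent or NONE/UNKNOWN: the response passed through Cloudflare,
    # but the header does not say where the body came from.
    if "cf-ray" in h or h.get("server", "").lower() == "cloudflare":
        return "cloudflare-unknown"
    return "not-cloudflare"


# Constructed sample responses (not captured from a real site).
SAMPLE_MISS = "HTTP/2 200\r\nServer: cloudflare\r\nCF-Cache-Status: MISS\r\n\r\n"
SAMPLE_HIT = "HTTP/2 200\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\nage: 42\r\n\r\n"
SAMPLE_EDGE = "HTTP/2 403\r\nserver: cloudflare\r\ncf-ray: 0000000000000000-XXX\r\n\r\n"
SAMPLE_DIRECT = "HTTP/1.1 200 OK\r\nServer: nginx\r\n\r\n"

if __name__ == "__main__":
    for sample in (SAMPLE_MISS, SAMPLE_HIT, SAMPLE_EDGE, SAMPLE_DIRECT):
        print(body_source(sample))
```
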