Zero Trust Application Protection for Cloudflare™

Introduction

A by Cloudflare is an web application that is protected by Cloudflare Access. This application can be self hosted or is a third party provider. The important part is that it is protected by your Cloudflare account and you configured it that only specific users can access it with your identity provider.

Let's say you have a website that only certain people in your organization can access and it is reachable via secure.example.com. The website itself is running on a server and access is only possible via Cloudflare servers and its DNS proxy servers. With Cloudflare Access you have configured a Identity Provider (e.g. Google) and configured an Application in Zero Trust Cloudflare Portal to limit access to certain people. This works perfectly and users who are not authenticated will be prompted with a login page from Cloudflare.

Now the problem is, how do you know that the Access Application is not modified or removed and works as expected? Unfortunately it is very easy to change the configuration in the Cloudflare without even knowing that the protection is removed. There is no easy visible option that will indicate this.

With Amber Signals we are going to monitor the website from outside of the Cloudflare network and notify you when the protection was removed. This is possible for us without having any access to your Cloudflare account and can be done as seen from a intruder that might want to access your sensitive information.

Step 1

The description should be something that you can identify this. The address is the URL where the website is reachable from.

Once selected the notification channel you can save it with confirming on "Add". Now we will keep you informed when the protection from Cloudflare is removed.

Once we detect a change, we will keep informing you until you fix it. If you do not monitor this, sensitive information could be exposed.

Stay safe!