Amber Signals Documentation
  • Welcome
  • API
  • Media
  • Tutorials
    • Create Asana Notification
    • Monitoring DNS Records
    • Zero Trust Application Protection for Cloudflare™
    • Github Releases
    • Monitor TLS Certificates Expiration
    • Create A Slack Webhook
    • Create a Discord Webhook
    • Bitcoin Balance Monitoring
    • Get Wargear API Key
Powered by GitBook
On this page
  • Introduction
  • Step 1
  1. Tutorials

Zero Trust Application Protection for Cloudflare™

PreviousMonitoring DNS RecordsNextGithub Releases

Last updated 8 months ago

Introduction

A Zero Trust Application by Cloudflare is an web application that is protected by Cloudflare Access. This application can be self hosted or is a third party provider. The important part is that it is protected by your Cloudflare account and you configured it that only specific users can access it with your identity provider.

Let's say you have a website that only certain people in your organization can access and it is reachable via secure.example.com. The website itself is running on a server and access is only possible via Cloudflare servers and its DNS proxy servers. With Cloudflare Access you have configured a Identity Provider (e.g. Google) and configured an Application in Zero Trust Cloudflare Portal to limit access to certain people. This works perfectly and users who are not authenticated will be prompted with a login page from Cloudflare.

Example page from the Cloudflare Blog.

Now the problem is, how do you know that the Access Application is not modified or removed and works as expected? Unfortunately it is very easy to change the configuration in the Cloudflare without even knowing that the protection is removed. There is no easy visible option that will indicate this.

With Amber Signals we are going to monitor the website from outside of the Cloudflare network and notify you when the protection was removed. This is possible for us without having any access to your Cloudflare account and can be done as seen from a intruder that might want to access your sensitive information.

Step 1

The website we want to monitor is secure.example.com and we just need to head over to the dashboard and select "Zero Trust Application".

The description should be something that you can identify this. The address is the URL where the website is reachable from.

Once selected the notification channel you can save it with confirming on "Add". Now we will keep you informed when the protection from Cloudflare is removed.

Once we detect a change, we will keep informing you until you fix it. If you do not monitor this, sensitive information could be exposed.

Stay safe!

Page cover image