Hi. I saw a bulletin from Cnet about a new bug called Cloudbleed: When I went to an app to see if any websites I use are on Cloudflare, I discovered that BigSoccer uses Cloudflare: http://www.doesitusecloudflare.com/?url=BigSoccer.com Is that app correct, and if so, what risk are we at? What steps have been/are being taken to mitigate such risk? Thanks for your help. Winoman
@dark knight @Janet H http://forums.bigsoccer.com/threads/bad-gateway.2008697/ and http://forums.bigsoccer.com/threads/bad-gateway-error-cloudflare-related.2017286/ are old topics about Cloudfare.
The old threads are about gateway errors, 2-3 years ago. This is a recent problem, involving the theft of passwords, and personal data. Can you or another tech person check to see if there has been any breach in security? Thanks, Winoman
As we understand the cloudflare bug we beleive there should be no issue with site passwords. We use cloudflare to protect against DDoS attacks and to help with site stability. The Cloudflare issue affected non-secure pages (http) but the login page for Big Soccer (where passwords and account login info are passed) is encrypted. The login pages are behind an https url. This page and pages where you change your account info are are encrypted. Here's the login page: https://forums.bigsoccer.com/login/