Comment by itscrush

Comment by itscrush a day ago

0 replies

View on Hacker News

Load Balancing && WAF or CDN enablement usually suggests at least a decrypt step or two in the HTTP(s) chain. WAF for layer7 payload inspection, or the default wildcard cert'ing your Cloudflare site for instance.

There's also significant aggregation of traffic at handfuls of service providers amongst service categories, all generally HTTP(s) type services too ... Mail, CDN, Video, Voice, Chat, Social, etc. Each of these are still likely to employ Load Balancing & WAF.

Most WAF/Load Balancing providers have documentation about when/where to perform decrypt in your architecture.

How many Cloudflare sites are just using the Cloudflare wildcard cert?

From there, plenty of 3 letter agency space to start whiteboarding how they might continue to evolve their attack chain.