Stop Credential Stuffing on Login with Cloudflare WAF Rules
A 3am login endpoint meltdown taught us why IP-based rate limiting fails against Cloudflare WAF credential stuffing โ here's the fix.
Terraform Cloudflare DNS Checklist Before Every Apply
A practical terraform cloudflare dns checklist to catch drift, proxied flag mistakes, and state issues before they hit prod.
Secure Kubernetes Dashboard with Cloudflare Zero Trust Tunnel
A practical checklist for locking down Kubernetes Dashboard with Cloudflare Tunnel and Zero Trust โ no VPN, no open NodePorts.
Cloudflare Workers Rate Limiting: 3 KV Mistakes We Made
We built Cloudflare Workers rate limiting on KV assuming it behaved like Redis. It didn't โ here's what broke and how we fixed it.
Cloudflare WAF Custom Rules for WordPress Origin Server Protection
Direct-IP attacks and bot-driven credential stuffing bypass Cloudflare entirely when your origin server is left unguarded. This tutorial walks through a layered WAF custom rule strategy โ from authenticated-origin pull validation to scanner User-Agent filtering โ implemented with Terraform and verified through Cloudflare Security Analytics.
โ Support us ยท ๐ณ Monobank