HTTP-01
-
Cloudflare patches ACME HTTP-01 validation bug that could bypass WAF
Cloudflare said in a blog post it fixed an ACME HTTP-01 validation bug on October 27, 2025 that could disable WAF rules and allow requests to reach origin servers.
Cloudflare said in a blog post it fixed an ACME HTTP-01 validation bug on October 27, 2025 that could disable WAF rules and allow requests to reach origin servers.
