Can I use ja3Hash for detect client?

Hello there,

I am fetching information of the client by this CF API:
I am planning to build some middleware based on IP, so expected that I would get the user IP from that but I did not. Instead that I saw a field seems to help me do the same thing: ja3Hash

I am not an expert in security, can you tell me is ja3Hash unique and fixed for a computer with a static IP?

Thank you!

You can read more about the JA3 Fingerprint here: JA3 Fingerprint · Cloudflare bot solutions docs

As well as here: GitHub - salesforce/ja3: JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.

It doesn’t really have anything to do with IPs though, and is simply for fingerprinting the SSL/TLS connection of a client, looking at its TLS handshake. While it can provide unique information about the client, it’s not guaranteed to be consistent for a computer with a static IP. Things like the browser used, software updates, and many other factors can cause the JA3 hash to change. It cannot be used as a reliable way of tracking an individual computer or IP address.

The feature is generally only available to Enterprise customers. That endpoint is currently there for wrangler/miniflare to get real values when developing locally, so use it at your own risk. It might disappear or return different/incorrect values at any time.


This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.