Penetration Testing Permission


We want to get a web penetration testing done on my website, do I need permission from yourself (Cloudflare) to approve or can they go ahead and start testing my site?


I dont think you need any permission *). Keep in mind though, these tests might flag the originating IP address and you might get more/only challenges at some point.

*) You are only testing web related things, nothing on a network level (e.g. different ports), right?

It looks to be both web and some infrastructure. Infrastructure would need permission or rather how do I know they are secure?

If you test the infrastructure, you’d be testing Cloudflare’s and that might need some permission, respectively might not be appreciated at all. Best to contact support.

This topic was automatically closed after 30 days. New replies are no longer allowed.