What is Authenticated Origin Pulls?

detteiu.x14th · January 24, 2018, 8:19am

I don’t know what is Authenticated Origin Pulls.
I want to disallow MITM.

When I enable and setup Authenticated Origin Pulls, I can disallow MITM?

stephane · January 24, 2018, 9:06am

What do you mean by MITM? If you’re referring to the fact Cloudflare is doing the SSL termination, authenticated origin pulls isn’t changing this logic.

Authenticated Origin pulls is a feature that allows you to authenticate our EDGE to your Origin with TLS, this way you don’t need to filter your public accesses based on our IP Ranges but just activate the mutual TLS auth at your premises instead with the CA provided through this link: https://blog.Cloudflare.com/protecting-the-origin-with-tls-authenticated-origin-pulls/

saul · January 24, 2018, 9:08am

You should configure your web server so only the authenticated pull will work and other access without a valid cert will fail… then only Cloudflare would be able to pull content form your site.

Config examples for Apache and nginx are at the bottom of this how-to:

https://support.cloudflare.com/hc/en-us/articles/204899617-Authenticated-Origin-Pulls

Topic		Replies	Views
Why is 'Authenticated Origin Pulls' still working when disabled? Security dash-ssl-tls , dash-getting-started	1	2199	April 24, 2018
Authenticated Origin Pulls per Client Security dns , dash-ssl-tls , dash-getting-started	7	4009	August 9, 2018
Authenticated origin pulls with cloudways Security	4	2731	January 4, 2022
Authenticated origin pull Security	4	2645	June 4, 2021
Does Authenticated Origin Pulls guarantee that traffic to origin Security	3	898	September 14, 2023

What is Authenticated Origin Pulls?

Related topics