Hello, when cloudflare is disabled on the website the site works as it should be but without ssl, after enabling cloudflare it redirects to suspicious website. What could be a problem and how to solve it?
Check for unexpected page rules and redirect rules:
If there are, delete them as your account may have been compromised.
Then, check for changes to your account in the audit log:
Resecure your account:
- change the password
- set up 2FA
- change your global API key and any tokens; look for newly created tokens
Thank you!! there was a page rule with the redirect… Does it mean that cloudflare account was hacked?? That’s very strange Nobody except me has an access to cloudflare account and I am quite experienced admin… Know what fishing means…
As above, check the audit log to see when and who added it…
If it looks like you, then your email/password was found and used.
Don’t forget to ensure that your account login requires MFA, preferably with a hardware key. Be sure to securely save the one-time backup codes when enabling MFA.
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.