Cloudflare Botfight and DNS

Ramos · July 11, 2025, 6:57am

RATE MY SETUP:

Modify evilginx source code so Cloudflare botfight and WAF load balancers are not blocked (sed -i ‘s_proxyHeaders := string{"&CF-Connecting-IP", "’ evilginx2/core/http_proxy.go)
Set up “@” and subdomain-specific cloudflare DNS records pointing to my droplet IP (Cloudflare proxy off)
Enable phishlet (with autocert on, blacklist unauth, established hostname and hidden phishlet)
In cloudflare, go to SSL/TLS>Overview>SSL/TLS Encryption>Configure and set it to Full (or Full Strict ← NOT SURE)
Go to cloudlfare DNS, set cloudflare proxy on

fluxxset · July 11, 2025, 6:58am

if u using private or origin certifcate from cloudflare then use strict mode and in that case only u can enable loudflare proxy on a name records .

Ramos · July 11, 2025, 1:44pm

So I should only use strict mode if origin certificate is issued? For just BotFIght and WAF I can set SSL/TLS encryption to full instead of full strict?

Snow8585 · July 11, 2025, 1:49pm

@fluxxset please i need your attention

fluxxset · July 11, 2025, 8:08pm

strict Mode and enable proxy on A name reccords

fluxxset · July 11, 2025, 8:08pm

How can i help, msg me