Cloudflare Vulnerability Does Not Affect Us

Last night Cloudflare reported that a vulnerability in their parser exposed customer information. We route two of our domains through Cloudflare for performance ( and and have reviewed the vulnerability reports. We’ve determined that we have not been affected by this issue and none of our customer data has been exposed. The reason for this is we only route static sites through the Cloudflare proxy, specifically:


None of these sites collect information with the exception of two anonymous contact forms on which does not use the feature flags identified in the vulnerability report.

Future Use of Cloudflare

We are currently testing a new version of the Loupe Service which separates the static content of the site (notably our AngularJS codebase) from the data API specifically so we can route thee static content through Cloudflare to improve startup performance around the world. We are reviewing these plans to be sure that at no time we route data through Cloudflare as the theoretical performance improvement is not worth the potential risk.

Related Posts

Loupe Agent for .NET Core

How to get up and running quickly with the new Loupe Agent for .NET Core, our fully open source agent for cross-platform .NET development including .NET Standard 1.1 and 2.0. Read more

PostSharp Diagnostics Now Supports Loupe in the Box

The latest update to PostSharp Diagnostics adds Loupe support, enabling extensive high-performance logging to be added to any .NET application with virtually no code changes. PostSharp even has a great free option for developers that complements Loupe Desktop! Read more

Rock solid centralized .NET logging

Unlimited applications, unlimited errors, scalable from solo startup to enterprise.