Click to open network menu
Join or Log In
Mobafire logo

Join the leading League of Legends community. Create and share Champion Guides and Builds.

Create an MFN Account


's Forum Avatar

Cloudbleed Security Breach

Creator: Matt February 24, 2017 5:39am
Matt's Forum Avatar
Show more awards
Dec 8th, 2009
Permalink | Quote | PM | +Rep February 24, 2017 5:39am | Report
As some of you may have heard, another major security breach has come to light that affects all of us, this one is named Cloudbleed. I wanted to provide a little info for you all and also address what this means for our own sites, as we use Cloudflare.

First off, what is Cloudflare? They are a service that sits between a website and its users. If a site is running through Cloudflare, any request you make to that site passes through Cloudflare's servers first before being sent on to the actual site's own servers. There are a whole lot of benefits from doing this, but the biggest two are distributed caching (faster load times, lower bandwidth costs) and DDoS protection. A number of services exist to do this, but Cloudflare is probably the biggest. A huge slice of the internet uses Cloudflare.

Now, what is Cloudbleed? Cloudbleed is a bug that Cloudflare had in their code which, in short, caused random bits of data (potentially any data that passed through their servers) to be leaked to the public for a period of time (seems like around 6 months). This data could have originated from any site that uses Cloudflare, and it could have been unimportant data like HTML fragments, or it could have been sensitive data like passwords and private messages.

So how bad is it? Luckily it was only a tiny portion of requests that leaked data in this way, and Cloudflare had time to fix the bug before it became widely known. However, some of this leaked data was cached by search engines and crawlers. Cloudflare has been working with Google, Bing, etc... to find, track and purge any such cached data. So, really it's hard to say just how bad it is, but it certainly wouldn't hurt to change some of your most important passwords.

How does it affect MOBAFire and our community? Well, like every Cloudflare site, there was the potential for MOBAFire data to be leaked by other Cloudflare sites. However, Cloudflare has been contacting all of their customers to inform them of whether or not any of their data was leaked. They reached out to us and told us that no information from any of our sites has been discovered in the wild, and that they will inform us if they find any in the future.

So, the MOBAFire Network itself seems to be unaffected, but due to the amount of sites that use Cloudflare, odds are good you have used other sites that may have been affected. So again, it might be wise to change some of your most important passwords.

Here are links for more information;

Official statement:

Reddit discussion:

List of potentially affected sites:

List of sites with confirmed leaks:
Ekki's Forum Avatar
Show more awards
Nov 28th, 2013
Permalink | Quote | PM | +Rep February 24, 2017 5:08pm | Report
Thanks for the info!

I don't think any website I care about is within those lists, but it's both a really long list of websites and one that doesn't include any of the major webpages (going by what I've read), which makes sites of interest really hard to pinpoint :/

You need to log in before commenting.

League of Legends Champions:

Teamfight Tactics Guide