Skip to content

CloudFlare Overviewยถ

Customer consume API/Dashboard, via CloudFlare LoadBalancer feature. ๐Ÿ”— https://developers.cloudflare.com/load-balancing/

![[CloudFlare-US-09.51.excalidraw.png]]

CloudFlare Configurationยถ

Health Check is done with interval of 60s, timeout 5 seconds, and 2 retries.

Health Check Rules

URI Path: /health Response Code: 200 Response Body: {"status": "UP"}

With Request Header: api.us.unibeam.com , for TLS validation. Two pools are configured, one for each region.

CloudFlare Securityยถ

  • WAF: Enabled with ruleset atnt-us-api, atnt-us-dashboard
  • Custom List: atnt - ๐Ÿ”— https://developers.cloudflare.com/waf/tools/lists/custom-lists/#ip-lists
    • The list is managed via the account โ–ถ Manage Account โ–ถ Configurations โ–ถ Lists
  • WAF Custom Rule: Every http request that contains api.us.unibeam.com and not in allowed list will be blocked

{
	http.host eq "api.us.unibeam.com" and (not ip.src in $atnt)
}
* Action: Block with response type: Default Cloudflare WAF block page with status code 403

API/Dashboard Endpointsยถ

SIA/API Endpoint:

https://api.us.unibeam.com

Dashboard Endpoint:

https://dashboard.us.unibeam.com

Additional endpoints (Alias): Redirect 301

https://api.atnt.unibeam.com ==> https://api.us.unibeam.com