Some organizations that consider SSH or HTTPS not secure enough, prefer to deal with more complex architectures by self-hosting and putting their source code repositories and application environments behind private networks.
Being able to access such resources is essential for Fluid Attacks' service.
We use Cloudflare Zero Trust Network Access for this.
Granting access to your resources
In order to grant Fluid Attacks access to your private resources, you need to:
Fill out the following form in order to provide us with the required details for setting up the secure connection. Once submitted, in less than 8 office hours you will receive a SECRET TOKEN that you will use in later steps.
Install cloudflared on the server you want to share. This will be the server used by Fluid Attacks to access your private network.tip
If you intend to share access to several servers within the same private network, you only need to install
cloudflaredin one of them.
Make sure the server where you installed
cloudflaredhas firewall egress permissions for the required traffic.tip
If you intend to share access to several servers within the same private network, make sure your firewall rules allow communication among them.
As a system administrator, run the following command using the SECRET TOKEN provided by Fluid Attacks.
- Linux & Mac
cloudflared.exe service install <SECRET TOKEN>
cloudflared service install <SECRET TOKEN>caution
Make sure you run this command as a System Administrator.
Testing your connection
You can test your connection connectivity to make sure everything is working properly.
Restricting access in your private network
Fluid Attacks uses the server
in which you installed
for accessing your private network.
We recommend creating
minimum privilege firewall rules
in order to only expose those resources
that are necessary.
If you require additional support, do not hesitate to contact us.