Skip to content

Add FAQ: random hostnames in HTTP logs for partial zones #27398

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
rianvdm merged 3 commits into from
Jan 5, 2026
Merged

Add FAQ: random hostnames in HTTP logs for partial zones #27398

rianvdm merged 3 commits into from
Jan 5, 2026
+128 −13

Conversation

@rianvdm
Copy link
Contributor

@rianvdm rianvdm commented Jan 4, 2026

Summary

Adds a new FAQ page explaining why customers with partial (CNAME) zones see unexpected hostnames in their HTTP request logs.

What this PR adds

New page: /logs/faq/random-hostnames-partial-zones/

Covers:

  • Root cause — Host header injection attacks targeting partial zones
  • How to identify — Request count patterns, hostname patterns, source IPs
  • Solutions — WAF custom rule to block invalid hosts, Logpush filtering options
  • Common questions — Security risk assessment, origin impact, verification steps

Updated: /logs/faq/index.mdx

  • Added navigation link to the new FAQ page

Why

This is a common support question for customers using partial zone setups. The behavior is expected (Cloudflare logs the Host header as-is) but can be confusing without context.

@rianvdm
Add FAQ: random hostnames in HTTP logs for partial zones
bec23aa 
Explains why customers with partial (CNAME) zones may see unexpected
hostnames in HTTP request logs due to Host header injection attacks.
Includes identification patterns and WAF custom rule solution.
@rianvdm rianvdm requested review from a team, angelampcosta and soheiokamoto as code owners January 4, 2026 14:27
@github-actions github-actions bot added size/m product:logs Related to Logs labels Jan 4, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Jan 4, 2026

This pull request requires reviews from CODEOWNERS as it changes files that match the following patterns:

Pattern Owners
/src/content/docs/logs/ @soheiokamoto, @angelampcosta, @cloudflare/pcx-technical-writing

@github-actions
Copy link
Contributor

github-actions bot commented Jan 4, 2026
edited
Loading

Preview URL: https://5ba80dc7.preview.developers.cloudflare.com
Preview Branch URL: https://rian-logs-random-hostnames.preview.developers.cloudflare.com

Files with changes (up to 15)

Original Link Updated Link
https://developers.cloudflare.com/logs/faq/random-hostnames-partial-zones/ https://rian-logs-random-hostnames.preview.developers.cloudflare.com/logs/faq/random-hostnames-partial-zones/
https://developers.cloudflare.com/logs/faq/ https://rian-logs-random-hostnames.preview.developers.cloudflare.com/logs/faq/

rianvdm added 2 commits January 4, 2026 06:46
@rianvdm
Add FAQ: random hostnames in HTTP logs for partial zones
879f54b 
Explains why customers with partial (CNAME) zones may see unexpected
hostnames in HTTP request logs due to Host header injection attacks.
Includes identification patterns and WAF custom rule solution.
@rianvdm
Merge branch 'rian/logs-random-hostnames' of https://github.com/cloud…
5ba80dc 
…flare/cloudflare-docs into rian/logs-random-hostnames
@rianvdm rianvdm enabled auto-merge (squash) January 4, 2026 18:32
@rianvdm rianvdm merged commit 2048e87 into production Jan 5, 2026
9 checks passed
@rianvdm rianvdm deleted the rian/logs-random-hostnames branch January 5, 2026 14:41
@asmaylsydbdalzym808-sketch
Copy link

asmaylsydbdalzym808-sketch commented Jan 5, 2026 via email

@asmaylsydbdalzym808-sketch
Copy link

asmaylsydbdalzym808-sketch commented Jan 5, 2026 via email

ravindra-dyte pushed a commit to dyte-io/cloudflare-docs that referenced this pull request Jan 7, 2026
@rianvdm @ravindra-cloudflare
Add FAQ: random hostnames in HTTP logs for partial zones (cloudflare#…
f50f24f 
…27398)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@angelampcosta angelampcosta angelampcosta approved these changes

@soheiokamoto soheiokamoto Awaiting requested review from soheiokamoto soheiokamoto is a code owner

Assignees

@soheiokamoto soheiokamoto

@angelampcosta angelampcosta

Labels

product:logs Related to Logs size/m

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@rianvdm @asmaylsydbdalzym808-sketch @angelampcosta @soheiokamoto