industry · 2026-05-24 · 12 min read

I could bypass the MCP bridge rate limit with X-Forwarded-For: CF-Connecting-IP fail-closed (PR #631 HHH F3)

Sercan (@sercanai_dev), a 32-year-old independent ML engineer and AI integrator from Adana, a Çukurova graduate with 5 years of LLM, RAG and MCP server integration work, is building a menu-aware AI assistant for regional restaurant chains in Adana and Mersin in Q1 2026. The thMenu MCP bridge queries the menus of 12 chains via RAG and produces recommendations. During full menu ingestion in his dev pipeline, list_public_menus + search_products at 100 requests per minute started returning 429 Too Many Requests.

He assumed the rate limit was per IP. `curl --resolve` against a different origin host still returned 429; then `curl -H "X-Forwarded-For: 9.9.9.9"` returned 200 OK and the bucket reset. A loop over 50 different XFF values: all 200 OK. The Worker's rate-limit bucket was reading the client IP from the X-Forwarded-For header, which is client-controllable.

Why this is critical: an LLM agent issues hundreds of queries per minute. With a rate-limit bypass, an AI agent can burn unlimited quota, and an attacker can scrape the menus through search_products + list_public_menus and run unbounded D1 LIKE scans; the AUDIT-5C limits are defeated. Sercan knew the standard Cloudflare pattern: CF-Connecting-IP is the single correct source, set at the edge and not client-controllable, whereas an X-Forwarded-For fallback resets the rate-limit window. He sent a writeup to security@thmenu.com.

Engineering reproduced it in 90 minutes, passing through two wrong theories: (1) ignore XFF and use only CF-Connecting-IP: partially right but incomplete, because on an origin bypass CF-Connecting-IP is unset and the door is still open; (2) if CF-Connecting-IP is missing, fail open: wrong, because an origin bypass then gets unlimited requests. The correct pattern is fail-closed with 503.

Forensics in cloudflare/workers/mcp-bridge + cloudflare/src/middleware/rate-limit.ts: `const ip = req.headers.get('cf-connecting-ip') ?? req.headers.get('x-forwarded-for') ?? 'unknown'`, written in good faith as defense-in-depth, but all three paths are exploitable: an XFF spoof resets the bucket, an origin bypass skips the edge header, and everything else shares one 'unknown' bucket. The pattern: a Worker behind Cloudflare uses CF-Connecting-IP exclusively, with NO fallback. The same pattern had already been fixed in the audit-log writers in the JJ-5, UU F1 and VV F5 batches but was missed in the MCP bridge sweep.
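The following is an added example, not thMenu's code and not the contents of rate-limit.ts: a fail-closed rate-limit middleware in the shape of a Cloudflare Worker handler, with the post's vulnerable key selection placed beside the hardened one so the two can be replayed against the same traffic. Headers are modelled as a lowercase-keyed object and the counter is an in-memory fixed window, both assumptions so the block runs outside the Workers runtime; `FixedWindowLimiter`, `rateLimitMiddleware`, the `origin_unverifiable` body shape and the sample IPs are constructed for the example. It goes slightly beyond the post by also replaying proxied traffic, to show that the hardened selection still limits a legitimate client.

```typescript
// Added example (not thMenu's code): fail-closed rate limiting keyed on
// CF-Connecting-IP only, beside the vulnerable fallback chain from the post.
// Headers are a plain lowercase-keyed object (assumption) so this runs in Node.

type HeaderBag = Record<string, string | undefined>;
type KeyFn = (h: HeaderBag) => string | null;

interface LimitResult {
  status: number; // 200 pass, 429 limited, 503 origin unverifiable
  body: string;
  headers: Record<string, string>;
}

// Fixed-window counter keyed by client IP. A real Worker would keep this in a
// Durable Object or KV; an in-memory Map is enough to show the decision logic.
class FixedWindowLimiter {
  private readonly buckets = new Map<string, { count: number; windowStart: number }>();
  private readonly limit: number;
  private readonly windowMs: number;
  constructor(limit: number, windowMs: number) {
    this.limit = limit;
    this.windowMs = windowMs;
  }

  hit(key: string, now: number): { allowed: boolean; retryAfterSec: number } {
    const b = this.buckets.get(key);
    if (!b || now - b.windowStart >= this.windowMs) {
      this.buckets.set(key, { count: 1, windowStart: now });
      return { allowed: true, retryAfterSec: 0 };
    }
    b.count += 1;
    if (b.count <= this.limit) return { allowed: true, retryAfterSec: 0 };
    return { allowed: false, retryAfterSec: Math.ceil((b.windowStart + this.windowMs - now) / 1000) };
  }
}

// The selection the post found: three sources, the second of which the client
// chooses, and a single shared 'unknown' bucket for everything else.
const vulnerableClientKey: KeyFn = (h) =>
  h['cf-connecting-ip'] ?? h['x-forwarded-for'] ?? 'unknown';

// Hardened selection: CF-Connecting-IP only. The Cloudflare edge sets it on
// every proxied request; if it is missing the request did not come through the
// proxy, there is no trustworthy client identity, and the caller fails closed.
const hardenedClientKey: KeyFn = (h) => {
  const ip = h['cf-connecting-ip'];
  return ip && ip.length > 0 ? ip : null;
};

const SECURITY_HEADERS: Record<string, string> = {
  'X-Content-Type-Options': 'nosniff',
  'Referrer-Policy': 'strict-origin-when-cross-origin',
  'Cache-Control': 'no-store', // a cached 429/503 would be replayed to the wrong client
};

function rateLimitMiddleware(
  h: HeaderBag, limiter: FixedWindowLimiter, now: number, keyFn: KeyFn = hardenedClientKey,
): LimitResult {
  const key = keyFn(h);
  if (key === null) {
    return {
      status: 503,
      body: JSON.stringify({ error: 'origin_unverifiable', help: 'requests must arrive through the Cloudflare proxy' }),
      headers: { ...SECURITY_HEADERS, 'Content-Type': 'application/json' },
    };
  }
  const r = limiter.hit(key, now);
  if (!r.allowed) {
    return { status: 429, body: 'Too Many Requests', headers: { ...SECURITY_HEADERS, 'Retry-After': String(r.retryAfterSec) } };
  }
  return { status: 200, body: 'ok', headers: SECURITY_HEADERS };
}

// Replays a constructed request sequence through a fresh 100/min limiter and
// returns a histogram of status codes. Requests arrive 100 ms apart, so all of
// them fall inside one window.
function replay(requests: HeaderBag[], keyFn: KeyFn, limit = 100): Record<string, number> {
  const limiter = new FixedWindowLimiter(limit, 60_000);
  const hist: Record<string, number> = {};
  requests.forEach((h, i) => {
    const res = rateLimitMiddleware(h, limiter, i * 100, keyFn);
    hist[res.status] = (hist[res.status] ?? 0) + 1;
  });
  return hist;
}

// Constructed traffic: direct-to-origin requests with no CF-Connecting-IP, 101
// with one X-Forwarded-For value, then 50 with distinct values.
function originBypassTraffic(): HeaderBag[] {
  const reqs: HeaderBag[] = [];
  for (let i = 0; i < 101; i++) reqs.push({ 'x-forwarded-for': '198.51.100.7' });
  for (let i = 0; i < 50; i++) reqs.push({ 'x-forwarded-for': `203.0.113.${i + 1}` });
  return reqs;
}

// Constructed traffic: 101 proxied requests from one edge-observed client that
// also varies X-Forwarded-For on every request.
function proxiedSpoofTraffic(): HeaderBag[] {
  return Array.from({ length: 101 }, (_, i) => ({
    'cf-connecting-ip': '192.0.2.44',
    'x-forwarded-for': `10.0.${i}.1`,
  }));
}

console.log(replay(originBypassTraffic(), vulnerableClientKey)); // { '200': 150, '429': 1 }
console.log(replay(originBypassTraffic(), hardenedClientKey));   // { '503': 151 }
console.log(replay(proxiedSpoofTraffic(), hardenedClientKey));   // { '200': 100, '429': 1 }
```

The two replays are the whole point: against direct-to-origin traffic the fallback chain hands out a fresh bucket per X-Forwarded-For value, while the hardened selection answers 503 for every request that lacks the edge header; against proxied traffic both versions key on CF-Connecting-IP and the spoofed header changes nothing, so the fix costs legitimate clients nothing. Cache-Control: no-store on every rate-limit response keeps an intermediate cache from serving a stale 429 or 503 to a different client.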
PR #631 (batch HHH F3) is a three-layer fix.

Layer 1: the rate-limit middleware uses CF-Connecting-IP exclusively; if the header is absent, the response is a 503 fail-closed `origin_unverifiable` with help text stating that the Cloudflare proxy is required.

Layer 2: D1 LIKE-scan bounds on the MCP bridge tool calls: search_products max 50 (LIMIT 50) with q at least 3 characters; list_public_menus max 100 (LIMIT 100) with a pagination cursor. AUDIT-5C is now enforced.

Layer 3: security headers X-Content-Type-Options: nosniff, Referrer-Policy: strict-origin-when-cross-origin and Cache-Control: no-store, so that rate-limit responses are never cached (a stale cached 429 is itself a bypass).

Production audit over 90 days: 2847 requests with XFF set and not matching CF-Connecting-IP, most of them legitimate; 312 direct origin hits from 5 different /16 blocks, bot scraping from Hetzner DE-1 + DigitalOcean NYC1, blocked at the WAF. 7 days after deploy: 429 rate 0.3% -> 0.34%, 412 responses of 503 origin_unverifiable, MCP bridge stable.

Sercan: €600 bounty via Wise, Hall of Fame, invitation as MCP bridge alpha tester; his blog post reached 2.4k engagement, and CF-Connecting-IP exclusive + 503 fail-closed is now the canonical pattern and a reference for the Turkish AI integrator community. Maarja from Kalamaja, Tallinn, former Bolt ML infra lead now working on an Estonia + Latvia food-delivery aggregator, made a parallel disclosure.

Sibling-surface sweep: a sed scan for other occurrences of `cf-connecting-ip ?? x-forwarded-for ?? unknown` found customer-magic-link + web-affiliate signup; cleanup PR. The pattern: behind Cloudflare, an XFF fallback on any endpoint is an anti-pattern; CF-Connecting-IP exclusive, missing -> 503 fail-closed, is canonical. Audit log, rate limit, IP hash, abuse detection and WAF correlator all follow the same rule. PR #631 is the reference.
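An added example for the Layer 2 bounds, not thMenu's code: argument validation for the two MCP bridge tools named above, producing a parameterised statement shape (`{ sql, params }`) that could be handed to a D1 `prepare(...).bind(...)` call. The table and column names, the `escapeLike` helper, the integer keyset cursor and the `boundSearchProducts`/`boundListPublicMenus` names are assumptions; the limits (50, 100, 3 characters) are the ones stated in the post.

```typescript
// Added example (not thMenu's code): bounding MCP tool arguments before they
// reach D1. Limits come from the post; table/column names are assumptions.

interface BoundQuery {
  sql: string;
  params: (string | number)[];
}

const SEARCH_MAX = 50;       // search_products: LIMIT 50
const MENUS_MAX = 100;       // list_public_menus: LIMIT 100
const MIN_QUERY_CHARS = 3;   // q must be at least 3 characters

// Clamp a caller-supplied limit into [lo, hi]; anything that is not an integer
// falls back to the ceiling rather than being passed through.
function clamp(v: unknown, lo: number, hi: number): number {
  const n = typeof v === 'number' && Number.isInteger(v) ? v : hi;
  return Math.min(hi, Math.max(lo, n));
}

// '%' and '_' are LIKE metacharacters. Escaping them means the user's text is
// matched literally, so a single '%' cannot turn a 3-char q into a full scan.
function escapeLike(s: string): string {
  return s.replace(/[\\%_]/g, (c) => '\\' + c);
}

function boundSearchProducts(args: { q?: unknown; limit?: unknown }): BoundQuery {
  const q = typeof args.q === 'string' ? args.q.trim() : '';
  if (q.length < MIN_QUERY_CHARS) {
    throw new Error(`q must be at least ${MIN_QUERY_CHARS} characters`);
  }
  const limit = clamp(args.limit, 1, SEARCH_MAX);
  return {
    sql: "SELECT id, name, price FROM products WHERE name LIKE ? ESCAPE '\\' LIMIT ?",
    params: [`%${escapeLike(q)}%`, limit],
  };
}

function boundListPublicMenus(args: { cursor?: unknown; limit?: unknown }): BoundQuery {
  const limit = clamp(args.limit, 1, MENUS_MAX);
  // Keyset pagination on the integer primary key (assumption): the cursor is
  // the last id the caller saw, so every page is bounded by LIMIT.
  const cursor =
    typeof args.cursor === 'number' && Number.isInteger(args.cursor) && args.cursor >= 0
      ? args.cursor
      : 0;
  return {
    sql: 'SELECT id, chain_id, name FROM menus WHERE is_public = 1 AND id > ? ORDER BY id LIMIT ?',
    params: [cursor, limit],
  };
}

console.log(boundSearchProducts({ q: 'kebap', limit: 5000 }).params); // [ '%kebap%', 50 ]
console.log(boundListPublicMenus({ cursor: 120, limit: 1000 }).params); // [ 120, 100 ]
```

The bound is applied on the server side of the tool call regardless of what the model or the client asks for: an oversized `limit` is clamped rather than rejected, a short `q` is rejected outright, and the LIKE pattern is escaped so the minimum-length rule cannot be sidestepped with wildcards.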


thMenu Team

thmenu.com
