Cloudflare enable "Encrypted Server Name Indication" (ESNI) on their DNS resolver to close the SNI hostname leak:

Of course this requires browser support and support from the domain too. ESNI browser support is arriving in an upcoming Firefox Nightly and ESNI will be enabled by default for all domains behind Cloudflare.

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.