CloudFlare - Increase your forums performance and security

Arantor · March 16, 2011, 08:34:09 PM

Really should be on the mod site, to be honest, but yeah, looks good to me.

dWhite · March 16, 2011, 09:57:29 PM

Quote from: Arantor on March 16, 2011, 08:34:09 PM
Really should be on the mod site, to be honest, but yeah, looks good to me.

I agree, the CloudFlare one should be on the mod listings.

The Bad Behavior one is already there: http://custom.simplemachines.org/mods/index.php?mod=2502

Vekseid · March 18, 2011, 12:06:08 AM

Quote from: Arantor on March 15, 2011, 07:36:15 AM
You mistake me. It doesn't blindly trust it. That's why there are two IP columns in the members table, one for storing REMOTE_ADDR and one for X-Forwarded-For...

I'm not referring to that.

Say an attacker wants to wreck someone's day on the forum of a non-terribly savvy administrator. They figure out the other guy's ISP, and start using various X-Forwarded For's with the victim's IP addresses in it. Non-savvy admin bans both users.

A better solution is to choose which header to trust. Alternately, choose which header to trust based on the originating ip block.

Arantor · March 18, 2011, 04:29:16 AM

Interesting idea... so you'd give the base software a list of such pieces of information? What happens when it, inevitably, goes out of date?

Vekseid · March 19, 2011, 04:57:04 AM

That's really only if you can justify the maintenance for such a list, though the only big reason is AOL, whose blocks you can pull from their website regularly.

Most proxies, I'd just ban from allowing to sign up outright based on their ASN.

morean51 · March 21, 2011, 02:08:29 AM

i have got this suggestion from one of my colleague about it cloudflare helps me a lot thank you

butchs · April 03, 2011, 07:27:21 AM

Quote from: Arantor on March 16, 2011, 08:34:09 PM
Really should be on the mod site, to be honest, but yeah, looks good to me.

Bla, I have enough mods.

The one thing I do not like about it is the way I have to change so much code in SMF in order to make it work. If CF goes down the IP addresses fail. I was hoping some SMF god like you would notice and request a single call to "$_SERVER['REMOTE_ADDR']" within SMF like VB and several other "community" programs do. Instead of hundreds. Just another code slow down... That is insanity!!!!

Why not do it once and then make it a global variable?

Then I can add code that will enable CF to switch back when CF goes down. Something that would be a royal pain in SMF's current state. So I decided to wait.

butchs · April 03, 2011, 07:30:09 AM

Quote from: Vekseid on March 18, 2011, 12:06:08 AM
A better solution is to choose which header to trust. Alternately, choose which header to trust based on the originating ip block.

That is why my bans usually last one hour to a maximum of a day. The bad guys always change their Ip.

ApplianceJunk · April 03, 2011, 04:56:29 PM

I decided to stop using cloudflare because of there lack of support.

damoncloudflare · April 07, 2011, 08:10:30 PM

Hi Appliancejunk,

I've checked our records against your domain and CloudFlare email address. I don't see any contacts from you to our support address?

ApplianceJunk · April 08, 2011, 06:26:09 AM

I posted questions on your facebook page.

damoncloudflare · April 18, 2011, 07:16:46 PM

Hi Appliance Junk,

I'm not getting any links to update me of the thread here...so I do apologize for the delay in responding here.

I did a search on Facebook and this is the only thing I found:

ApplianceJunk.com - Your Appliance Repair Experts!CloudFlare
Our other website, ApplianceDigest.com [nofollow] is also now using CloudFlare Pro and I have added CF badges to the bottom of both sites!
https://www.cloudflare.com/web-badges.html [nofollow]

We're generally very responsive on Facebook and Twitter. That being said, using the contact form is the best way to contact CloudFlare [nofollow]. We don't always monitor Facebook during the weekends.

Facebook also does hide some comments on their own if they think the comments are spammy, btw.

damoncloudflare · April 18, 2011, 07:49:11 PM

Ok, I finally found the Facebook comment.

The reason why CloudFlare showed as the #1 for Outbound links because it was probably a bug with our vendor that provides the 'Outbound Links' tracking feature.

If there was another question involved, more than happy to answer it.

Note: We actually answered quite a few questions from you on that page around that time.

ricteo · April 26, 2011, 11:48:55 AM

I install cloudflare on my hostgator acct and i could not see my cpanel at all! Do u know wat happened and is there a solution?

butchs · April 26, 2011, 05:07:07 PM

You need to review the clopudflare settings for your site in clopudflare. It sounds like you set it up incorrectly.

damoncloudflare · April 26, 2011, 08:27:11 PM

"I install cloudflare on my hostgator acct and i could not see my cpanel at all! Do u know wat happened and is there a solution?"

Did you do this through the HostGator partnership or directly with CloudFlare? If with CloudFlare directly, you have to access cpanel a little differently.

https://cloudflare.tenderapp.com/kb/troubleshooting/why-cant-i-access-my-cpanel [nofollow]

News:

CloudFlare - Increase your forums performance and security