MyBB Community Forums

MyBB Community Forums > MyBB Project > MyBB Project & Site Issues > mybb website and cloudflare
Full Version: mybb website and cloudflare
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2

Tom K.

2013-11-14, 12:29 PM
(2013-11-14, 12:16 PM)Cameron:D Wrote: [ -> ]
(2013-11-14, 11:00 AM)Tom K. Wrote: [ -> ]a hacker could simply change the content of a file and then it's relevant hash and go undetected.

If they have access to change the file that contains the checksums then they have enough access to be able to change the URL that it downloads the checksum file from anyway.

I'm not saying that that grabbing the checksums from the MyBB site is a bad (Although using HTTPS would be a very good idea), just that if you're compromised to the point of being able to edit files then there is more than one way to be able to achieve the outcome.

That is quite true, and something I overlooked. Either way, I still think that its should be centralized away from your site.

Rymax99

2013-11-14, 03:32 PM
On topic, it's probably your host being blocked / forced to enter a CloudFlare cache, probably due to the fact that a lot of free hosts have proxy scripts on them, can be a source from Denial of Service attacks, and what not.

Ultimately, I wouldn't consider file verification to be a valid way to check in terms of being hacked. If you're hacked, you should completely delete your files, and re install it.

Tom K.

2013-11-14, 06:41 PM
Also, you might find it's not Chris that's blocked your server. It might be that Cloudflare has blocked that server due to a number of threats originating from it. That's the risk you run on a shared host. This is the same with emails and spammers getting the server blacklisted.

Rymax99

2013-11-14, 07:55 PM
(2013-11-14, 06:41 PM)Tom K. Wrote: [ -> ]Also, you might find it's not Chris that's blocked your server. It might be that Cloudflare has blocked that server due to a number of threats originating from it. That's the risk you run on a shared host. This is the same with emails and spammers getting the server blacklisted.
"I have my website hosted at a free webhost."
Toungue

Tom K.

2013-11-14, 09:01 PM
(2013-11-14, 07:55 PM)Rymax99 Wrote: [ -> ]
(2013-11-14, 06:41 PM)Tom K. Wrote: [ -> ]Also, you might find it's not Chris that's blocked your server. It might be that Cloudflare has blocked that server due to a number of threats originating from it. That's the risk you run on a shared host. This is the same with emails and spammers getting the server blacklisted.
"I have my website hosted at a free webhost."
Toungue

That's likely the issue. The sites running on your host may have gotten the entire server put on a "watchlist" of sorts where a CAPTCHA is presented to any incoming connections from that server
Pages: 1 2
MyBB Community Forums > MyBB Project > MyBB Project & Site Issues > mybb website and cloudflare