Site Security

7 East Genetics
M

Mod

Administrator
Staff member
User ID
1
I've bypassed CloudFlare's caching and have removed the CloudFlare proxy.
Can you let me know if you get further 520 errors?

Research has shown that CloudFlare throws this error on multiple Xenforo sites.
It's due to the http headers being too large.

If required, I'll disable CloudFlare and do everything in house.
 

Please join our community to continue reading

Forgot your password?
Don't have an account? Register now
Anoma

Anoma

Resident Celebrity
Community Member
User ID
189
Billygoat said:
Yes, @Mod could probably elaborate :)
Click to expand...
I don't want to probe but what host are you with? (feel free to not answer that)

Have you thought about using GCP with Cloud Armor?

That way you could ditch Cloudfare but still have the same protections, and possibly less problems.
 
Last edited:
M

Mod

Administrator
Staff member
User ID
1
There would have been a short overlap when I disabled CloudFlare's proxy and when the new SSL certificate was accepted by everyones devices. If you received an SSL error - sorry, I didn't get any on my end.

Yes, your information is secure.
However, I'd highly recommend taking every precaution to not disclosing your own identity.
This can include using an alternate email address (protonmail is the choice here), using alias names, and using a non-logging VPN to access sites.

As any site gets more popular, it attracts unwanted visitors. The best we can do is to mitigate all risks and put as many preventitiave measures in place.

Anoma, I looked at GCP, but decided against it in the beginning.
They also block outgoing emails, so I'd need to use another provider or setup another server specifically for emails.
At the start when there were only a few members and Billy was paying for everything out of pocket, I wanted to keep things as low cost as possible.
CloudFlare's free plan provided all the protections needed, supplimented with a WAF and a few extra precautions (for example, try SSHing to the server).

Cloudflare is essentially ditched now, it's only being used as a DNS provider, which I'll eventually remove.

I'm sure you can figure out what host I'm using ;)
 
Last edited:
Red Eye Hero

Red Eye Hero

Baked
User ID
642
Mod said:
There would have been a short overlap when I disabled CloudFlare's proxy and when the new SSL certificate was accepted by everyones devices. If you received an SSL error - sorry, I didn't get any on my end.

Yes, your information is secure.
However, I'd highly recommend taking every precaution to not disclosing your own identity.
This can include using an alternate email address (protonmail is the choice here), using alias names, and using a non-logging VPN to access sites.

As any site gets more popular, it attracts unwanted visitors. The best we can do is to mitigate all risks and put as many preventitiave measures in place.

Anoma, I looged at GCP, but decided against it in the beginning.
They also block outgoing emails, so I'd need to use another provider or setup another server specifically for emails.
At the start when there were only a few members and Billy was paying for everything out of pocket, I wanted to keep things as low cost as possible.
CloudFlare's free plan provided all the protections needed, supplimented with a WAF and a few extra precautions (for example, try SSHing to the server).

Cloudflare is essentially ditched now, it's only being used as a DNS provider, which I'll eventually remove.

I'm sure you can figure out what host I'm using ;)
Click to expand...
Is there a way to change email or best to delete account and start again?
 
You must log in or register to reply here.
Support TSE and become a TSE Community Member. All funds go directly towards monthly hosting and software costs.
Top Bottom