It may increase performance in some cases I agree but it doesn't do squat for security if the hacker knows anything at all. That's what i am trying to get at People should not think "I'll just use CloudFlare and I'll be safe" as that is most likely going to lead to trouble at some point.
I'm not bashing CloudFlare just want to make it clear that using them does not by any means make you safe from getting hacked.
It makes it alot harder. Main reason is, the bad actors are quickly identified and dealt with. People generally have no idea what all CF really does do. But I have seen it in action.
It makes it alot harder. Main reason is, the bad actors are quickly identified and dealt with. People generally have no idea what all CF really does do. But I have seen it in action.
I know cloudflare well and am a paid member as I was curious about it. First ask yourself how these bad actors are identified IP? Cookie? Now how easy are both of those things to get around to even the worst script kiddie wannabe hacker? Extremely easy.
Now lets say it can identify a previously used perl script that was used to attack a previous site in CloudFlares "circle". Changing the script is also very easy. So in all as far as I can see it is a minor annoyance at most to people with bad intentions.
I know cloudflare well and am a paid member as I was curious about it. First ask yourself how these bad actors are identified IP? Cookie? Now how easy are both of those things to get around to even the worst script kiddie wannabe hacker? Extremely easy.
Now lets say it can identify a previously used perl script that was used to attack a previous site in CloudFlares "circle". Changing the script is also very easy. So in all as far as I can see it is a minor annoyance at most to people with bad intentions.
Bypassing CF to get to my actual hosting. Love to see it.
Bypassing CF to get to my actual hosting. Love to see it.
There is no bypassing there is just doing. Anyways not going to argue about it. If people want to take the easy way and just pay for CF and assume they are safe than that's their problem.
There is no bypassing there is just doing. Anyways not going to argue about it. If people want to take the easy way and just pay for CF and assume they are safe than that's their problem.
I don't pay for it, I use the free version. And I don't assume anything.
I've been at this close to 15 years and never been hacked, cracked, defaced, anything. Except of course, DDoS attacks. Became quite expert on those. I used to disable entire botnets just for kicks.
There is not much to understand. The idea is great but it really cannot be effective against any attacker who has even a bit of knowledge. I think the idea is great and I hope it becomes what they claim it is now, but as of right now it does not offer much in the way of defense. A well configured server is much more effective.
There is not much to understand. The idea is great but it really cannot be effective against any attacker who has even a bit of knowledge. I think the idea is great and I hope it becomes what they claim it is now, but as of right now it does not offer much in the way of defense. A well configured server is much more effective.
Multiple layers is key, you are correct. There's no magic bullet.
02-10-2012, 05:07 PM
People should not think "I'll just use CloudFlare and I'll be safe" as that is most likely going to lead to trouble at some point.
Linear Mode
