Security Plug Ins

Do not post support requests, bug reports or feature requests. Discuss phpBB here. Non-phpBB related discussion goes in General Discussion!
Anti-Spam Guide
User avatar
thecoalman
Community Team Member
Community Team Member
Posts: 3223
Joined: Wed Dec 22, 2004 3:52 am
Location: Pennsylvania, U.S.A.
Contact:

Re: Security Plug Ins

Post by thecoalman » Fri Jun 21, 2019 11:54 pm

Heo32 wrote:
Fri Jun 21, 2019 1:49 pm
I sure would like to know how to set that up. Could you post details here of what needs to be done to implement your suggestion?
Firstly you need a VPS/Dedicated server where you have access to the firewall configuration. There is plenty of articles out there to describe how to implement this and it will vary depending on the server, if you have CSF on the server just google CSF deny all but cloudflare.

Basically you are going to whitelist/ignore cloudflare IP's which is step they suggest doing anyway. From there you just deny all other traffic to those ports.If you are using CSF for example:

Code: Select all

tcp|in|d=443|s=0.0.0.0/0 # do not delete
tcp|in|d=80|s=0.0.0.0/0 # do not delete

User avatar
John connor
Registered User
Posts: 2119
Joined: Fri Nov 14, 2014 5:14 pm
Location: U S Of A
Name: Aaron
Contact:

Re: Security Plug Ins

Post by John connor » Sat Jun 22, 2019 5:10 am

I took one of those paid-for DDoS websites for a spin and DDoSed my own home IP. Yep, it worked alright. The duration was 30 long minutes and I couldn't use the Internet at all do to it flooding my router. I'm not going to say where you can obtain this service, but I know damn well little punks are probably using it against game servers or players where they obtain their IP though a cheat/hack. I had such a hack for Command & Conquer Generals Zero Hour. I saw all players IP addresses. That was circa 2007.

Heo32
Registered User
Posts: 113
Joined: Sat Jan 07, 2017 10:08 pm

Re: Security Plug Ins

Post by Heo32 » Sat Jun 22, 2019 11:27 am

thecoalman wrote:
Fri Jun 21, 2019 11:54 pm
Firstly you need a VPS/Dedicated server where you have access to the firewall configuration. There is plenty of articles out there to describe how to implement this and it will vary depending on the server, if you have CSF on the server just google CSF deny all but cloudflare.
Cool, I'll do some research on that. Thanks. :)
Is this for you? :arrow: Windows + Nginx + PHP + MySQL + phpBB + WordPress + Cloudflare

Allow using Content-Security-Policy without unsafe-inline
stevemaury wrote:
Sun May 20, 2018 8:16 pm
I went to your board and looked for an hour or so, but did not see the women without underwear.

PoliFactsGlobal
Registered User
Posts: 9
Joined: Wed Jun 19, 2019 6:30 am
Name: K E
Contact:

Re: Security Plug Ins

Post by PoliFactsGlobal » Sat Jun 22, 2019 5:03 pm

Taking down servers is actually a thriving industry.

Backups are done via a cron job I created along with the scripts for it - Not gonna rely on hosters to do it.
Already tested BU & RESTORE multiple times, so that's good for the moment - Its now the users I dont trust. ;)

I have to setup a new verification method that has been mentioned here - Still have original broken image verification - do that tonight maybe

Post Reply

Return to “phpBB Discussion”