It’s the reason I set up cloudflare in the first place, so yeah. I was getting SYN flood-ed to the point that my router would just crash almost immediately, and after rebooting it the attack would resume after a minute or two.
@DaPorkchop_@lemmy.ml@memes@lemmy.world Hm weird, I don’t see why they would spend their resources attacking random people without any kind of demand. Even at work I’ve never seen one happening.
I still believe Cloudflare has most of its customers because of fearmongering tbh.
@Alaknar@sopuli.xyz@memes@lemmy.world Being proactive doesn’t mean you have to hide your personal service behind a billion dollar company. That is precisely the kind of overreaction triggered by fearmongering. If you don’t know how to secure access points or harden configurations, no service will be able to do it for you as if by magic. Not to mention your responsibility towards your users, who may not want to be tracked by a third-party company without their knowledge every time they visit your site (or half of the internet by now).
As a sidenote - am I reading you correctly? Your main issue with Cloudflare is “they’re large”? Like, if they were “two dudes in a basement” and provided the same quality product as they do now, you’d be happy to use their service?
That’s the point. Cloudflare does this as if by magic.
So if you configure your admin account to have an admin:admin credential, Cloudflare will magically solve this? Even if the answer were yes, that would mean handing over your passwords and access details to third-party companies, which is very much disproportionate. I probably wouldn’t trust your website with my data.
Cloudflare doesn’t track your users.
With laws like the Patriot and Cloud Act I hope no one actually takes privacy pledges of US companies serious.
Your main issue with Cloudflare is “they’re large”?
No, it’s just meant to highlight the absurdity of what some people think is necessary to protect a website in this argument.
@Alaknar@sopuli.xyz Using Signal is a choice. Luring me to a service from another country that maybe knowingly even uses their own certificates to decrypt my traffic through their reverse proxy is not.
You said “If you don’t know how to secure access points or harden configurations”, not “if you’re an absolute moron”.
So where does the moron end and the the magic begin? Comparing something to magic just leaves people with a wrong sense of security that don’t know any better.
It’s not “necessary”. It’s convenient, tried and tested, and accessible.
You comparing Cloudflare to having a password on an account really sounded like basic stuff.
Luring me to a service from another country that maybe knowingly even uses their own certificates to decrypt my traffic through their reverse proxy is not.
I guess, yeah, they could, potentially, do that. Would be massively illegal if they did, and would immediately kill their business, but there technically is a non-zero chance that they might do it.
So where does the moron end and the the magic begin? Comparing something to magic just leaves people with a wrong sense of security that don’t know any better.
I’m not going to attempt to quantify the skill level at which Cloudflare becomes useful. If you feel like you don’t need them, don’t use them. If you know enough to not need them, you should also understand why many people do.
You comparing Cloudflare to having a password on an account really sounded like basic stuff.
It was not a 1:1 comparison, mate. I was comparing the concepts of using features that boost your security posture.
Even if the SYN packets were being ignored, the connection would still be unusable if there’s enough incoming traffic for most legitimate packets to get dropped. And as mentioned in other comments, the router in question is a shitty ISP router which can’t be replaced (although I do have a much fancier router with OpenWRT running behind that).
It’s the reason I set up cloudflare in the first place, so yeah. I was getting SYN flood-ed to the point that my router would just crash almost immediately, and after rebooting it the attack would resume after a minute or two.
@DaPorkchop_@lemmy.ml @memes@lemmy.world Hm weird, I don’t see why they would spend their resources attacking random people without any kind of demand. Even at work I’ve never seen one happening.
I still believe Cloudflare has most of its customers because of fearmongering tbh.
It’s a bit like saying “having a password on your account is fearmongering, why would anyone try to access your data”.
It’s only fearmongering until you get attacked, and it’s already too late when you do. Better to be proactive.
@Alaknar@sopuli.xyz @memes@lemmy.world Being proactive doesn’t mean you have to hide your personal service behind a billion dollar company. That is precisely the kind of overreaction triggered by fearmongering. If you don’t know how to secure access points or harden configurations, no service will be able to do it for you as if by magic. Not to mention your responsibility towards your users, who may not want to be tracked by a third-party company without their knowledge every time they visit your site (or half of the internet by now).
That’s the point. Cloudflare does this as if by magic.
Cloudflare doesn’t track your users.
As a sidenote - am I reading you correctly? Your main issue with Cloudflare is “they’re large”? Like, if they were “two dudes in a basement” and provided the same quality product as they do now, you’d be happy to use their service?
@Alaknar@sopuli.xyz
So if you configure your admin account to have an admin:admin credential, Cloudflare will magically solve this? Even if the answer were yes, that would mean handing over your passwords and access details to third-party companies, which is very much disproportionate. I probably wouldn’t trust your website with my data.
With laws like the Patriot and Cloud Act I hope no one actually takes privacy pledges of US companies serious.
No, it’s just meant to highlight the absurdity of what some people think is necessary to protect a website in this argument.
You said “If you don’t know how to secure access points or harden configurations”, not “if you’re an absolute moron”.
Do you also not believe in the privacy pledges of Signal?
It’s not “necessary”. It’s convenient, tried and tested, and accessible.
@Alaknar@sopuli.xyz Using Signal is a choice. Luring me to a service from another country that maybe knowingly even uses their own certificates to decrypt my traffic through their reverse proxy is not.
So where does the moron end and the the magic begin? Comparing something to magic just leaves people with a wrong sense of security that don’t know any better.
You comparing Cloudflare to having a password on an account really sounded like basic stuff.
I guess, yeah, they could, potentially, do that. Would be massively illegal if they did, and would immediately kill their business, but there technically is a non-zero chance that they might do it.
I’m not going to attempt to quantify the skill level at which Cloudflare becomes useful. If you feel like you don’t need them, don’t use them. If you know enough to not need them, you should also understand why many people do.
It was not a 1:1 comparison, mate. I was comparing the concepts of using features that boost your security posture.
Get a router that has flood protection? This is like… Extremely basic network protection.
OpenWRT has had configurable syn-flood protection (enabled by default) since like 2010.
Even if the SYN packets were being ignored, the connection would still be unusable if there’s enough incoming traffic for most legitimate packets to get dropped. And as mentioned in other comments, the router in question is a shitty ISP router which can’t be replaced (although I do have a much fancier router with OpenWRT running behind that).