Post ATcnUGvmqB3zpXG5rc by Stephanie_Bustcakes@poa.st
 (DIR) Post #ATcfSNPQ5CxLabfFMe by alex@gleasonator.com
       2023-03-15T00:17:05.976143Z
       
       0 likes, 1 repeats
       
       A good reminder to force everything through Cloudflare. Don’t tell me Cloudflare is bad or I’ll stab you. 🔪
       
       ufw default deny incoming
       ufw default allow outgoing
       ufw allow ssh
       ufw enable
       ufw allow from 173.245.48.0/20 to any port 80
       ufw allow from 103.21.244.0/22 to any port 80
       ufw allow from 103.22.200.0/22 to any port 80
       ufw allow from 103.31.4.0/22 to any port 80
       ufw allow from 141.101.64.0/18 to any port 80
       ufw allow from 108.162.192.0/18 to any port 80
       ufw allow from 190.93.240.0/20 to any port 80
       ufw allow from 188.114.96.0/20 to any port 80
       ufw allow from 197.234.240.0/22 to any port 80
       ufw allow from 198.41.128.0/17 to any port 80
       ufw allow from 162.158.0.0/15 to any port 80
       ufw allow from 172.64.0.0/13 to any port 80
       ufw allow from 131.0.72.0/22 to any port 80
       ufw allow from 104.16.0.0/13 to any port 80
       ufw allow from 104.24.0.0/14 to any port 80
       ufw allow from 2400:cb00::/32 to any port 80
       ufw allow from 2606:4700::/32 to any port 80
       ufw allow from 2803:f800::/32 to any port 80
       ufw allow from 2405:b500::/32 to any port 80
       ufw allow from 2405:8100::/32 to any port 80
       ufw allow from 2a06:98c0::/29 to any port 80
       ufw allow from 2c0f:f248::/32 to any port 80
       ufw allow from 173.245.48.0/20 to any port 443
       ufw allow from 103.21.244.0/22 to any port 443
       ufw allow from 103.22.200.0/22 to any port 443
       ufw allow from 103.31.4.0/22 to any port 443
       ufw allow from 141.101.64.0/18 to any port 443
       ufw allow from 108.162.192.0/18 to any port 443
       ufw allow from 190.93.240.0/20 to any port 443
       ufw allow from 188.114.96.0/20 to any port 443
       ufw allow from 197.234.240.0/22 to any port 443
       ufw allow from 198.41.128.0/17 to any port 443
       ufw allow from 162.158.0.0/15 to any port 443
       ufw allow from 172.64.0.0/13 to any port 443
       ufw allow from 131.0.72.0/22 to any port 443
       ufw allow from 104.16.0.0/13 to any port 443
       ufw allow from 104.24.0.0/14 to any port 443
       ufw allow from 2400:cb00::/32 to any port 443
       ufw allow from 2606:4700::/32 to any port 443
       ufw allow from 2803:f800::/32 to any port 443
       ufw allow from 2405:b500::/32 to any port 443
       ufw allow from 2405:8100::/32 to any port 443
       ufw allow from 2a06:98c0::/29 to any port 443
       ufw allow from 2c0f:f248::/32 to any port 443
       
 (DIR) Post #ATcfmwrrxQIPM3mTDs by pasture@pl.gamers.exposed
       2023-03-15T00:20:54.294557Z
       
       0 likes, 1 repeats
       
       no
       
 (DIR) Post #ATcig51YR8Qmbble4m by 3bf0c63fcb93463407af97a5e5ee64fa883d107ef9e558472c4eb9aaaefa459d@mostr.pub
       2023-03-15T00:33:52.000Z
       
       2 likes, 0 repeats
       
       Very decentralized.
       
 (DIR) Post #ATcnEjZUaY241WQBuq by alex@gleasonator.com
       2023-03-15T01:44:20.528740Z
       
       0 likes, 0 repeats
       
       @3bf0c63fcb93463407af97a5e5ee64fa883d107ef9e558472c4eb9aaaefa459d Don’t worry, we’re gonna rewrite Cloudflare open source.
       
 (DIR) Post #ATcnUGvmqB3zpXG5rc by Stephanie_Bustcakes@poa.st
       2023-03-15T01:28:40.224331Z
       
       1 likes, 0 repeats
       
       @alex 🥝 flare 4ever
       
 (DIR) Post #ATcnXxcYZqkV6D1TBQ by realcaseyrollins@social.teci.world
       2023-03-15T01:47:54.291403Z
       
       1 likes, 0 repeats
       
       @alex @3bf0c63fcb93463407af97a5e5ee64fa883d107ef9e558472c4eb9aaaefa459d Somebody has to
       
 (DIR) Post #ATcnbkpo3fyqbM1rxg by PunishedD@poa.st
       2023-03-15T01:48:36.237693Z
       
       1 likes, 0 repeats
       
       @Stephanie_Bustcakes @alex 3 days of the Farms getting DDOSed and nobody even noticed, until Josh said so today.  KiwiFlare wins.
       
 (DIR) Post #ATcniDWsHk6VKlFucq by alex@gleasonator.com
       2023-03-15T01:49:36.892767Z
       
       1 likes, 0 repeats
       
       @PunishedD @Stephanie_Bustcakes I wonder how @josh did it. 🤔
       
 (DIR) Post #ATco6zoiP72U2tPqgS by matty@nicecrew.digital
       2023-03-15T01:54:14.343916Z
       
       0 likes, 0 repeats
       
       >denying everything except from Cloudflare
       Wouldn't this break federation?
       
 (DIR) Post #ATcoEqFRrfCCgXf3pI by istvan@bozgor.org
       2023-03-15T01:55:39.667230Z
       
       1 likes, 0 repeats
       
       Federation requests also go through cloudflare. Everything goes through cloudflare if it’s HTTP/HTTPS and under your domain.
       
 (DIR) Post #ATcoIK2pXRRhxxQ29A by matty@nicecrew.digital
       2023-03-15T01:56:17.116134Z
       
       0 likes, 0 repeats
       
       How would it be possible to bypass that and get my origin IP then?
       
 (DIR) Post #ATcoQI0R0B3Vxa65zs by istvan@bozgor.org
       2023-03-15T01:57:43.269583Z
       
       1 likes, 0 repeats
       
       No idea unless someone is going spelunking through IP ranges based on a hunch they have about where you are hosting.
       
 (DIR) Post #ATcof984HvP6lxkhGK by matty@nicecrew.digital
       2023-03-15T02:00:24.599863Z
       
       0 likes, 0 repeats
       
       Well, when we were on DO, P from FSE was able to get our origin IP, which he posted publicly. Perhaps I failed to secure the DNS in Cloudflare and he had it logged.
       
 (DIR) Post #ATcompgaSfqYmrYz9U by alex@gleasonator.com
       2023-03-15T02:01:42.068263Z
       
       0 likes, 0 repeats
       
       @matty @istvan Nah he just grepped nginx access logs for your user agent. Your IP is basically public info to anyone you federate with unless you set up a VPN inside the VM.
       
 (DIR) Post #ATcosVoDHD6CsRq2uO by istvan@bozgor.org
       2023-03-15T02:02:50.111118Z
       
       2 likes, 0 repeats
       
       Thanks Alex. I always appreciate you explaining how everything works.
       
 (DIR) Post #ATcoywAICLFGMBEIa0 by matty@nicecrew.digital
       2023-03-15T02:03:59.072040Z
       
       1 likes, 0 repeats
       
       That's what I thought, but thanks for explaining. Maybe in the future I'll do that
       
 (DIR) Post #ATcqQYDavPAG9LVO5o by SheistyPenguin@poa.st
       2023-03-15T02:10:16.340171Z
       
       1 likes, 1 repeats
       
       @alex According to his kiwifarms thread about it, it's a custom implementation of haproxy-protection. Maybe using some kind of proof-of-work or other heuristics to stump the bots?
       gitgud.io/fatchan/haproxy-protection/
       kiwifarms.net/threads/kiwiflare.147312/
       @PunishedD @Stephanie_Bustcakes @josh
       
 (DIR) Post #ATcqQYqaaQMA6HkWsC by PunishedD@poa.st
       2023-03-15T02:20:11.482841Z
       
       1 likes, 0 repeats
       
       @SheistyPenguin @alex @Stephanie_Bustcakes @josh  It's proof-of-work, modified to work across the multiple front end servers KF has in rotation.  It also handles multiple tabs, and the token works on the browser instead of IP so it's not tripped by VPN.
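
A sketch of the scheme described in the post above (proof-of-work whose token is tied to the browser cookie rather than the client IP and is accepted by any front end), added as an example; it is not code from haproxy-protection, KiwiFlare, or anyone in this thread. The shared HMAC key, the difficulty, the token lifetime and the token layout are all assumptions made for the illustration.

```python
import hashlib
import hmac
import os
import time

SECRET = b"constructed-demo-key"  # assumption: the same key is deployed on every front end
DIFFICULTY_BITS = 12              # assumption: leading zero bits the browser must find
MAX_AGE = 3600                    # assumption: seconds a solved token stays valid


def _sign(msg: str) -> str:
    return hmac.new(SECRET, msg.encode(), hashlib.sha256).hexdigest()


def _zero_bits(data: str) -> int:
    digest = hashlib.sha256(data.encode()).digest()
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()


def issue_challenge(now: float) -> str:
    """Signed, self-describing challenge: no server-side state, no client IP."""
    body = f"{os.urandom(8).hex()}.{int(now)}"
    return f"{body}.{_sign(body)}"


def solve(challenge: str) -> str:
    """Stand-in for the browser script: brute-force a counter, return the cookie value."""
    counter = 0
    while _zero_bits(f"{challenge}.{counter}") < DIFFICULTY_BITS:
        counter += 1
    return f"{challenge}.{counter}"


def check_token(token: str, now: float) -> bool:
    """Run on any front end for every request that carries the cookie."""
    try:
        nonce, issued, sig, counter = token.split(".")
        age = now - int(issued)
        int(counter)
    except ValueError:
        return False
    if not hmac.compare_digest(sig.encode(), _sign(f"{nonce}.{issued}").encode()):
        return False  # challenge was not issued by this cluster
    if not 0 <= age <= MAX_AGE:
        return False  # expired, or dated in the future
    return _zero_bits(f"{nonce}.{issued}.{sig}.{counter}") >= DIFFICULTY_BITS
```

Because the check depends only on the cookie and the shared key, a client that changes IP (a VPN hop) or opens several tabs keeps the same valid token, and any front end in the rotation can verify it without a shared session store.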
       
 (DIR) Post #ATcv2Hg9GYwpfs6pYe by msilvya@gleasonator.com
       2023-03-15T02:57:53.037497Z
       
       0 likes, 0 repeats
       
       @alex Is this only for Mostr? Or for us owners too? *ahem*
       
 (DIR) Post #ATcv2IAdRDKnCQNB4q by alex@gleasonator.com
       2023-03-15T03:11:44.327235Z
       
       0 likes, 0 repeats
       
       @msilvya If you’re using Cloudflare, it’s a good idea to firewall everything that isn’t Cloudflare.
       
 (DIR) Post #ATe4tTl8AxDDEaq7Y8 by xue@collapsitarian.io
       2023-03-15T16:36:59.746278Z
       
       0 likes, 0 repeats
       
       @alex just admit, plain and simple you want sysadmins to lose their jobs