Jump to content

Cloudfare


dor

Featured Posts

When I go back to topic listing from a thread I get a message about checking, with a reference to DDoS.  It sometimes does it without the message, taking about five seconds.

It’s a bit irritating!

What’s going on?  Have we had a denial of service attack?

 

message says something like ‘Checking your browser before accessing  canalworld.net”

 

Browser is Chrome.

Edited by dor
Link to comment
Share on other sites

15 minutes ago, dor said:

When I go back to topic listing from a thread I get a message about checking, with a reference to DDoS.  It sometimes does it without the message, taking about five seconds.

It’s a bit irritating!

What’s going on?  Have we had a denial of service attack?

 

message says something like ‘Checking your browser before accessing  canalworld.net”

 

Browser is Chrome.

I get the same (infrequently). There was a thread about it some months ago.

It was something in the forum software (following and update) If I remember correctly.

 

Edit to add : Microsoft Edge

Edited by Alan de Enfield
Link to comment
Share on other sites

5 minutes ago, dor said:

When I go back to topic listing from a thread I get a message about checking, with a reference to DDoS.  It sometimes does it without the message, taking about five seconds.

It’s a bit irritating!

What’s going on?  Have we had a denial of service attack?

 

message says something like ‘Checking your browser before accessing  canalworld.net”

 

Browser is Chrome.

I got that this morning as well.

Link to comment
Share on other sites

When using Cloudflare DDOS protection, there is a mode it can be switched to "I'm Under Attack Mode", when this is switched on the 5 second delay will appear for some. It appears this has been turned on permanently - probably because there is no way to know if the site is under attack or not, because its not monitored consistently. Its hard to see how it could be though?

Link to comment
Share on other sites

30 minutes ago, Mike the Boilerman said:

 

Why does CWF have to have it but none of other large internet forums I use? 

 

Firstly, its nothing to do with Invision.

 

The reason other forums don't do it is because they've configured their Cloudflare DDOS differently - but its possible they would be attacked or targeted and be slightly more vulnerable. Its also possible they'd be alerted, and be in a position to take action, quicker than this site. As I understand it RichM has turned on the enhanced checking so that he doesn't need to be alerted, then manually turn it on, if it happens eg in the middle of the night or when he can't get to the internet to do it.

 

Or simply that other forums don't have the Cloudflare protection, rather they might have a bit of excess capacity in their server size so they can cope with a mild attack.

  • Greenie 1
Link to comment
Share on other sites

We made everyone aware of this last month as andy3196 alluded to. 

 

We are not being hit by denial of service attacks as such. Though as of recent, we are frequently targeted by spam bots and Cloudflare help prevent by performing browser checks. The browser check notifications shouldn't be intrusive and should only appear periodically, unless you are constantly picking up a new IP address or switching between devices. 

 

Spam bots can be a major issue for us. Before we set up Cloudflare, a number of bots managed to bypass recaptcha and create accounts to spam content on the forum, prompting hundreds of notification emails to be sent out to members, causing our mail server to be blacklisted. This meant that genuine emails were not received by our members and as such we received complaints about that... Cloudflare is just one measure that helps prevent this. The browser checks should not be intrusive however, so I will review this tonight.

 

Link to comment
Share on other sites

2 hours ago, Paul C said:

Firstly, its nothing to do with Invision.

 

The reason other forums don't do it is because they've configured their Cloudflare DDOS differently - but its possible they would be attacked or targeted and be slightly more vulnerable. Its also possible they'd be alerted, and be in a position to take action, quicker than this site. As I understand it RichM has turned on the enhanced checking so that he doesn't need to be alerted, then manually turn it on, if it happens eg in the middle of the night or when he can't get to the internet to do it.

 

Or simply that other forums don't have the Cloudflare protection, rather they might have a bit of excess capacity in their server size so they can cope with a mild attack.

Worked just as you said for me. Now we know what its all about I would rather you stop the spam bots even if I do have to wait a few seconds now and again.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.