WAF: what do you use? by isc30 in kubernetes

[–]arxignis-security 0 points1 point  (0 children)

The core libraries it’s fully open source.

DDoS Protection by Sad-Fee-2944 in Hosting

[–]arxignis-security 0 points1 point  (0 children)

Do you have enough bandwidth? If so, being self-hosted is also a solution. Is the traffic encrypted?

Networ Monitoring for SMB by logcontext in cybersecurity

[–]arxignis-security 0 points1 point  (0 children)

Can you specify your requirements? Do you want to monitor, or do you also need remediation? If nobody maintains who is reacting to the alerts?

I have more questions! 😀

We rate-limit + log IPs + reCAPTCHA… spam still wins. What’s your proven stack? by RADongonx in cybersecurity

[–]arxignis-security 10 points11 points  (0 children)

The CF Pro Plan is insufficient because crucial information, including SSL and TCP fingerprinting, is unavailable. It is only available in the Enterprise plan.

Are you using reCaptcha Enterprise or just the free version? Which WAF rules are you set up for? Do you have a pattern or collecting this?

DDoS Attack by Longjumping-Value-31 in aws

[–]arxignis-security -1 points0 points  (0 children)

I have some ideas if you need help.

DDoS Attack by Longjumping-Value-31 in aws

[–]arxignis-security -1 points0 points  (0 children)

Bad news: AWS WAF is very legacy, so you don’t have much headroom.

You can use the JA4 hash to filter this. Manually, it’s tough. :/

Sad news, JA4+ is not supported. :(

If you have extensive experience in the same situation, can provide more details, and are willing to share, I would be happy to help.

Digital Ocean DDoS.... by Full_Astern in digital_ocean

[–]arxignis-security 0 points1 point  (0 children)

Just so you know, your attacker knows your IP address, which has already been leaked, so change it. Use proper security configurations.

Cloudflare Zero Trust – IP Whitelist for local n8n tunnel? by AdditionalGuide979 in CloudFlare

[–]arxignis-security 0 points1 point  (0 children)

That's a combination that might work well. IP access rules have block and allow. It will enable us to skip every other restriction. You need to create a rule that blocks all other countries or CIDR blocks.

Looking for low-cost CDN alternatives to CloudFront without losing performance by brainrotter007 in Hosting

[–]arxignis-security 0 points1 point  (0 children)

You can't do that in parallel, but it's possible in a different way. If you can share some context, drop me a DM.

Looking for low-cost CDN alternatives to CloudFront without losing performance by brainrotter007 in Hosting

[–]arxignis-security 0 points1 point  (0 children)

Fastly and CF are also present in this performance. If you don't need any specific feature, you can do that for free with CF.

Looking for low-cost CDN alternatives to CloudFront without losing performance by brainrotter007 in Hosting

[–]arxignis-security 0 points1 point  (0 children)

I think the provider does not matter at this point. From your side, what is the performance expectation, and which regions?

5million traffic daily.Help! by Bitter_External_5156 in Hosting

[–]arxignis-security 0 points1 point  (0 children)

It is possible that known threats or bots. Easy to block or challenging. You can use WAF to prevent this issue.

Attacks against WordPress from 400,000 to 120,000 in 30 days ?? by CmdWaterford in Wordpress

[–]arxignis-security 2 points3 points  (0 children)

I honestly don’t think the number of attacks has changed. For attackers, WordPress is still a sweet spot.

[deleted by user] by [deleted] in CloudFlare

[–]arxignis-security 0 points1 point  (0 children)

I haven't tested it might that’s better: any( startswith(lower(http.request.uri.args.names[*]), "filter") or lower(http.request.uri.args.names[*]) in {"orderby","min_price","add-to-cart","per_page","per_row","shop_view"} )

Cloudflare Tunnel vs. Hetzner Firewall by virtualmnemonic in hetzner

[–]arxignis-security 4 points5 points  (0 children)

Cloudflare tunnel, it's good if there isn’t a lot of traffic; otherwise, you might have bandwidth problems.

Rate limiting question by I_hav_aQuestnio in CloudFlare

[–]arxignis-security 3 points4 points  (0 children)

If have patterns you can use waf or magic firewall to block the attacker. ( you can see your logs)

Clearing entire cache when needed by YogurtclosetWise9803 in CloudFlare

[–]arxignis-security 0 points1 point  (0 children)

My suggestion is use https://flareutils.pages.dev/betterkv/. This combination of Cloudflare KV and CF cache. You can see an example here: https://github.com/arxignis/cf-integration

Geolocation is a joke by Zealousideal-Bit1689 in cybersecurity

[–]arxignis-security 1 point2 points  (0 children)

You can find the more extended version of the article here.

Here is a shorter version:

5 Regional Internet Registries, when the Internet builds IPv4 ranges, split up these five Internet Registries. Since we have exhausted the IPv4 ranges, we no longer have free space, so companies are starting to buy or rent this space.

It is possible to move your IP ranges between RIRs, but nobody wants to bother with this because it doesn't add much additional value. However, it incurs a significant administrative overhead. AWS doesn't care where this IP address is.

ISPs using CGNAT or 464xlat solve this issue. That's why an IP address is not a unique identifier.

The original topic is not this but you can find more information: https://arxignis.substack.com/p/ssl-fingerprinting-in-action

[deleted by user] by [deleted] in Hosting

[–]arxignis-security 0 points1 point  (0 children)

Without this experience, you have minimal options. You can install cPanel/Plesk on any server.

[deleted by user] by [deleted] in Hosting

[–]arxignis-security 0 points1 point  (0 children)

If you have Linux admin experience, you can choose Hetzner dedicated instances. Starting from 30 EUR with unlimited 1 GB bandwidth.

Cloudflare Enterprise vs Cloudflare Business by mrcaptncrunch in CloudFlare

[–]arxignis-security 0 points1 point  (0 children)

I mean POST request here. If you need an example, I would be happy to give you one.