-
Posts
1361 -
Joined
-
Days Won
77 -
Feedback
0%
Content Type
Forums
Store
Third Party - Providers Directory
Feature Plan
Release Notes
Docs
Events
Posts posted by Shogun
-
-
wherever you packed them on the client?
-
There's no font, that logo is hand drawn.
- 1
-
As everyone is saying your texture for the hair has a wrong path
-
wrong password this has been asked dozens of times, topic locked
-
I will explain in the next post
-
Hi guys,
Today I will show you how to use the popular Cloudflare solution to add an extra layer of security to your website. The best about it: it's free if you don't want to spend on the paid plans.
I will assume that you already have a website online and working, and your own domain name (if you don't have one, I recommend EasyDNS). The first step will be to sign up on the Cloudflare website. Registration is straightforward so I won't go into details about it. Once your account is created, it's time to add your website on the Dashboard: Cloudflare will scan your current DNS records for the domain
Once scanned, we can review our DNS records. You will be able to change them at any time later. Just for this feature alone, it's worth using the service:
We can choose whether a domain or subdomain should be filtered through Cloudflare. When the little cloud is grey, Cloudflare will simply act as a DNS server forwarding users to your server. When it's orange, we gain a series of security and performance features, even with the free plan. One worth noting is that your IP becomes private so your real location and hosting provider cannot be found. This is a great privacy enhancement!
¿Is it worth paying for the paid plans? Depends. If you expect large attacks and don't have DDoS protection on your website host, you should go for the business plan definately. Otherwise, free or pro will do.
¿Why use it if I already have DDoS protection on my server? Well, some extra security isn't a bad idea. Usually DDoS mitigation systems such as those offered by OVH or Solarcom filter mostly Layer 4 attacks, while Cloudflare works better with Layer 7 attacks. Therefore they complement each other.
The final step to let Cloudflare take control of our domain records is to change the name servers. This is usually done in the control panel of the provider where you bought your domain name, in my case EasyDNS:
Finally your site is added but it will take some hours -might even be a day or two- before the name server and DNS changes are in effect, and it's time for me to stop writing this tutorial temporarily
In the next post I will explain you which are the best settings to choose among the many offered by Cloudflare.
To be continued.
- 1
- 5
-
Post your msenv here
-
-
there are thousands of icons like that just google
-
frage.. ich komme nur bis anmeldevorgang läuft und weiter nicht, warum?
The language of this board is english
-
The log you posted says nothing about a character crashing on login. Post relevant logs.
-
Hello, i have one problem and one question: First, where can i find Mijago's Quest Library?
http://metin2dev.org/board/topic/30-mijagos-quest-functions/
-
Install compat7x:
pkg_add -r compat7x
- 1
-
Oh, now that it was starting to get fun.
-
If you want a custom website you have two options:
1) Learn LAMP
2) Pay someone to do it
What you are doing here is unacceptable as you have no intention of learning it yourself. Thread locked.
-
Did you upgrade your FreeBSD recently? Missing libs?
- 1
-
DaMarket
-
If i set horse level 50 in configs, the max lvl that i can give me ig is 40?
Need any change client-side?
In database, skill_proto
-
Wrong forum. Topic locked.
-
I'm not a fan of wbb but the design looks nice
-
I doubt its related to your game.
You need a mark folder on the server.
-
Where can I delete the stone drop? Like Warrior+3 etc
Mob_drop_item is empty
No special quest for drops.
That would require source changes I think.
-
It's actually 60 seconds you have to change the text in locale_string.txt
-
What's on your serverside locale/whatever/cube.txt?
[ Dead Download Link ] Protecting your Website with Cloudflare [ We Need You ]
in Temporary
Posted · Edited by Metin2 Dev
Core X - External 2 Internal
In this second part of the tutorial I will show you how to take advantage of Cloudflare options to speed up or protect your website. The first thing that you should be aware of is the "I'm under attack" mode.
This mode inspects every incoming request for malicious traffic, showing a captcha to the suspicious users to confirm they are human. This will block pretty much any Layer 7 ddos attack going against your site.
Why not leave this mode on permanently? Well, some websites do this but in my eyes it's not a good idea to make every user go through the inspection process. You may also be punished on your google ranking for this, so I suggest enabling it only when you are actually getting attacked.
Another security feature found in the setting is this one. I tend to leave this always on as I haven't heard of any false positives.
Finally, for the experts, we have the Web Application Firewall, which is only available for paying customers. I think it's worth paying the Pro subscription for this feature as it will watch over SQL injections and other security vulnerabilities for us. If we have a custom made website which has not been tested thorougly for security, this is a must have.
We can manage the firewall by turning rules on and off and watch for false positives in the Events screen which will show us every IP which has been challenged or blocked. It's recommended to have some knowledge of programming and security to make the most out of this feature.
Remember that you can always turn features on or off for a specific part of your site by using the Page Rules option in the Dashboard.
And this is all about the security features in Cloudflare. You can ask any question about it here and I will try to answer when I have time. Please do not pm me with questions related to this or any other of my tutorials or releases.