Jump to content

HTTPS


SkzBR

Recommended Posts


  • Group:  Members
  • Topic Count:  1
  • Topics Per Day:  0.00
  • Content Count:  27
  • Reputation:   5
  • Joined:  11/19/11
  • Last Seen:  

Please, enable https on your server if possible.

My company proxy detects some strings on URL and blocks access on some topics, but they can't block https connections. It's bad when you want to read or reply a topic and ends on a blocked page template.

I think many people access forums from companies/colleges.

Sincerely,

SkzBR.

Link to comment
Share on other sites


  • Group:  Members
  • Topic Count:  31
  • Topics Per Day:  0.01
  • Content Count:  967
  • Reputation:   53
  • Joined:  11/13/11
  • Last Seen:  

does RA have SSL?

Link to comment
Share on other sites


  • Group:  Members
  • Topic Count:  13
  • Topics Per Day:  0.00
  • Content Count:  198
  • Reputation:   102
  • Joined:  11/13/11
  • Last Seen:  

Is need verify if the version of Apache is the latest to enabled HTTPS. There is a new type of apache attack, called 0day. Wich causes traffic congestion due to the encriyption keys are broken.

Is better you use a proxy server, it is easier.

Edited by Protimus
  • Upvote 2
Link to comment
Share on other sites


  • Group:  Members
  • Topic Count:  0
  • Topics Per Day:  0
  • Content Count:  7
  • Reputation:   1
  • Joined:  12/06/11
  • Last Seen:  

@Protimus

This attack '0 day' was fixed by Apache team and released in version 2.2.21 and HTTPS connection cant prevent these attacks. 'http flood' however makes your connection table like TIME_WAIT (command win or linux: netstat -an) turn a fireball and your server be very slow.

Assuming than rathena.org apparently is hosted in CloudFlare IMHO that this webhost have an better security to prevent some hack attempts from simple injection to complex types of ddos attacks is also possible round-robin system to loadbalance this website into others webservers.

Therefore in the case of rAthena whatever if your webserver with https enabled, CloudFlare prevent these attacks by default and without additional costs.

Round-robin servers


rathena.org has address 199.27.135.91
rathena.org has address 173.245.60.26

@SkzBR

If you use any linux OS you just can use Config&Server Firewall (CSF) [1]. This app just use iptable between CSF to make effective rules. Your subsystem LFD listen your log system and block if found something abnormal.

Can you consider to use ModSecurity[2] to your webserver. This module is share compiled with your apache webserver and can make custom rules to prevent some PHP/XSS/SQL/FILE injection and others various hack attempts to your websites. His prevent too some flood attacks like slowris but this last is rarely used.

[1] http://configserver.com

[2] http://modsecurity.org

Link to comment
Share on other sites

  • 11 months later...

  • Group:  Members
  • Topic Count:  75
  • Topics Per Day:  0.02
  • Content Count:  2223
  • Reputation:   593
  • Joined:  10/26/11
  • Last Seen:  

I agree with this suggestion.

Adding HTTPS to CloudFlare will cost $20/month (CloudFlare Pro). I'm not sure if that includes a CloudFlare-issued SSL certificate or if there is an additional fee.

Link to comment
Share on other sites

×
×
  • Create New...