Jump to content

My site using cloudflare is being blocked

Jay12

By Jay12,
in Website Blocking

 Share Followers 4

Recommended Posts

Guest

Guest

Posted
Posted

Hi,

I also got the same IP Block, the Ip's that were blocked were:

199.27.135.184

141.101.124.185

I did reversedns on the IP's and they were linked to cloudflare.

Im also recieving the exact same two IP's in my alerts, what services are using cloudflare ?

Link to post
Share on other sites
alan_oldstudent

alan_oldstudent 0

Posted
Posted

I'm getting a similar message. I'm one of the website administrators for www (dot) occupytacoma (dot) org, and not so long ago, we were recently hacked in an attempt to take us off line. It took us nearly a couple of weeks to get back on line. Perhaps a bit of my mystery is that www (dot) occupytacoma (dot) org now redirects to a temporary mirror at www (dot) occupy-tacoma (dot) org while we're cleaning up the old SQL database. As far as I know, our ISP does not use CloudFlare, so I'm really puzzled.

I am using the "(dot)" in my messages because this is my first posting on this forum, and I did not want to look like a spammer

Here are some of the IPs:

173.245.60.81

199.27.135.15

Regards,

Alan OldStudent

Link to post
Share on other sites
Jay12

Jay12 0

Posted
  • Author
Posted

I'm getting a similar message. I'm one of the website administrators for www (dot) occupytacoma (dot) org, and not so long ago, we were recently hacked in an attempt to take us off line. It took us nearly a couple of weeks to get back on line. Perhaps a bit of my mystery is that www (dot) occupytacoma (dot) org now redirects to a temporary mirror at www (dot) occupy-tacoma (dot) org while we're cleaning up the old SQL database. As far as I know, our ISP does not use CloudFlare, so I'm really puzzled.

I am using the "(dot)" in my messages because this is my first posting on this forum, and I did not want to look like a spammer

Here are some of the IPs:

173.245.60.81

199.27.135.15

Regards,

Alan OldStudent

With the greatest of respect this thread is for reporting cloudflare related issues.

If you have issues that are not cloudflare related as yours appear not to be, then maybe you should start a new thread.

Link to post
Share on other sites
MysteryFCM

MysteryFCM 0

Posted
Posted

There is some sort of answer at Wilders: http://www.wildersse...ad.php?t=321912 (#10)

Yep, basically, as far as they're concerned, they're not the host so aren't responsible for whatever their "customers" get up to (the argument being it just pushes the problem to someone else's lap). However, it is their service being mis-used, which whether they like it or not, makes them responsible too, and means they need to enforce their AUP/ToS.

Yes, they did block a few URLs (and even then, not until after the IPs were blocked - they refused to do anything prior to that, regardless of the fact they'd been given evidence to show what was happening in those cases), but again, that's not good enough as all the bad guys need to do is change the filenames or stick the malicious code in other files - something they've already done, and are in the process of doing in two on-going cases (dedicated drive-by sites).

And this is just a small part of a much larger issue with them (not going into that yet however).

Their last e-mail to me was Thu 12/04/2012 00:07, and whilst I've replied, there's been nothing from them since. Put simply, unless their attitude towards abuse changes, it is highly unlikely they'll be unblocked any time soon.

Link to post
Share on other sites
MysteryFCM

MysteryFCM 0

Posted
Posted

With the greatest of respect this thread is for reporting cloudflare related issues.

If you have issues that are not cloudflare related as yours appear not to be, then maybe you should start a new thread.

It is related.

Link to post
Share on other sites
alan_oldstudent

alan_oldstudent 0

Posted
Posted

With the greatest of respect this thread is for reporting cloudflare related issues.

If you have issues that are not cloudflare related as yours appear not to be, then maybe you should start a new thread.

I appreciate your concern and dislike off-topic posts as much as you do too. Perhaps I did not express myself as clearly as I could have.

My point was that the reference to CloudFlare mystified me as I think it is not being used by either of our ISPs. So why would MWB throw up a warning about CloudFlare when one goes to my site?

Regards,

Alan OldStudent

Link to post
Share on other sites
tomoz

tomoz 0

Posted
Posted

Yep, basically, as far as they're concerned, they're not the host so aren't responsible for whatever their "customers" get up to (the argument being it just pushes the problem to someone else's lap). However, it is their service being mis-used, which whether they like it or not, makes them responsible too, and means they need to enforce their AUP/ToS. Put simply, unless their attitude towards abuse changes, it is highly unlikely they'll be unblocked any time soon.

I understand your position but I wonder what the consequence is for the end-user? In my case I notice these alerts primarily when I go to my banking site and ignore it. However if the impression is that these alerts can pop up "nilly-willy" affecting bad sites as well as good sites, then how much am I supposed to value them? It seems to me that not due to Malwarebytes fault, the module may not be as useful or usable as originally planned. In a way it is like blocking all US sites by domain because a lot of bad sites are hosted in the US - I think that approach would not fly.

Link to post
Share on other sites
MysteryFCM

MysteryFCM 0

Posted
Posted

Whilst I appreciate the problem, I'm actually a little concerned that a bank would be calling a site that is using CloudFlare to begin with, as this isn't something a bank should be doing.

The problem here is one of risk factors, and the risk of leaving it unblocked is far higher than the potential inconveniences of blocking it. I realize this sounds harsh, and blocking CDNs is not something I do lightly, but CloudFlare were given many chances prior to the block being put in place - alot more than I'd normally give.

Link to post
Share on other sites
tomoz

tomoz 0

Posted
Posted

Interesting - so do I take it that irrespective of the lack of cooperation in this case you do not "believe" in their marketing that they are actually providing security apart from speed enhancements?

https://www.cloudflare.com/features-security

I am not savvy enough to judge this but I know if I started to talk to my bank about this issue, I would get nowhere. :unsure:

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Followers 4
Go to topic listing

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept