CoN 25th Anniversary: 1997-2022
CoN Data Breaching
|
Posted: 27th January 2024 17:10
|
|
  Posts: 35 Joined: 17/7/2009 Awards: 
|
 Just signed up for McAfee, was brought to my attention that CoN had a at least 2 data breaches I can provide s/s. My password has obviously since changed, but I was wondering if there has been any alterations to site security in the past 4 years. |
|
Post #217266
|
Message 
Email 
Quote|
Posted: 29th January 2024 13:27
|
|
|
|
https://www.cavesofnarshe.com/news/article/...urity-upgrades/
is about all I can offer you. Edit: Well, okay, that's not entirely true, having now posted this there are a handful of things I can think of that have been done over the last few years to reduce the possibility of further events at the server and software level by restricting possible vectors for intrusion. If there are any current gaps available for attack beyond simple brute force, I'm not at all aware of them. This post has been edited by Rangers51 on 29th January 2024 13:53 -------------------- "To create something great, you need the means to make a lot of really bad crap." - Kevin Kelly Why aren't you shopping AmaCoN? |
|
Post #217268
|
Web 
Facebook 
Twitter 
|
Posted: 5th February 2024 02:18
|
|
|
Posts: 35 Joined: 17/7/2009 Awards:
|
Thanks Rangers , got everything set as much as I can with that information. I did see the headliner, thoughts on a captcha or cloud flare protection?
|
|
Post #217270
|
|
Posted: 6th February 2024 01:05
|
|
|
|
It might be an option worth looking into, Cloudflare offers a lot more on their free tier now than they did the last time I investigated. Depends a little on how heavy the lift is, versus, like, just stripping the site of everyone's PII forever.
 -------------------- "To create something great, you need the means to make a lot of really bad crap." - Kevin Kelly Why aren't you shopping AmaCoN? |
|
Post #217271
|
|
Posted: 10th February 2024 21:28
|
|
|
|
Okay, we do now have Cloudflare running in front of the site, because why not? It's not likely to stop any future issues like described in the OP, but other work I've done in the past couple years has handled most of that already; I'm not aware of any OWASP T10 vulnerabilities at the moment.
At the very least, it should help us in the case of DDoS (which was never very likely for a little bitty site like this anyway) and in terms of DNS speed (which will be a big benefit). So again, hey, why not? -------------------- "To create something great, you need the means to make a lot of really bad crap." - Kevin Kelly Why aren't you shopping AmaCoN? |
|
Post #217274
|
|
Posted: 4th March 2024 23:00
|
|
|
Posts: 35 Joined: 17/7/2009 Awards:
|
This is awesome thanks!
|
|
Post #217278
|
2 User(s) are reading this topic (2 Guests and 0 Anonymous Users)
0 Members:
