10000 forum users celebration - special event

They finally renewed it (or so they said).

5 Likes

Yep, back up. Next up in 2023, will be the same thing all over again.

7 Likes

Moderators/Leaders, could you lock this? OP’s question has been solved.

1 Like

We typically just let those topics close themselves. :slight_smile: but thanks for considering!

6 Likes

Hi peeps! I’m back from my vacation.

I have monitoring set up which notifies me if one of the important SSL certificates is about to expire. Basically every three months I’ve had to tell them to renew their certificate because the automated renewal doesn’t work.

But I was away now so I wasn’t able to look into this.

7 Likes

Welcome back, Admin! Glad to see you back.

5 Likes

Hahaha

So much anticipation, like when children are waiting for Santa Claus :smile:

@admin Next time, make an IF-admin tracker for us so that it looks like this

6 Likes

Welcome back! I hope you enjoyed your vacation.

6 Likes

russian warplane crashed in RU (videos)

2 Likes

Should I do a name reveal here?

  • Yes
  • No
  • Maybe
0 voters

We know you’re Bill Gates - no need for a last name :wink:

6 Likes

Yes, I would love the ability to google you and learn absolutely everything I can :slight_smile:

6 Likes

You’d be surprised what you can find out even without knowing it outright.

2 Likes

Another way to find out if a domain is hosted “censored” is to add /aes.js to the address.
It also passes Cloudflare unless some action is taken.

Also because that script has a big priority, redirection “doesn’t work” either if it is via .htaccess (on origin)
and not directly as a rule on CF.

Does anyone have an idea about an elegant solution without the CF FW rule I’m currently using that blocks access if the request matches the pattern?

The goal should be that this “js” is never displayed (no REQ), and not to leave a trace through some redirection via CF, etc.

I took a quick look at these new betas

Screenshot 2022-10-18 121009

but I didn’t get an idea or I’m too tired…

2 Likes

You are trying to completely block assess to aes.js?

Not sure if it’s possible to do without FW, I can’t find another way on first glance, and while messing around in the betas before none allows you to block (stop, whatever) requests.

3 Likes

Yeah, block but so that it is never called (as if nothing had happened)
because redirections to another URL (RW) etc. leave a trace

if I didn’t use all 3 free rules in CF
I think I could take that aes.js into a “black hole” there

1 Like

So you want the file, if called, to return a 404 to the client?

4 Likes

By black hole I meant completely drop the request (this is sometimes done in the case of DDoS defense)

but I don’t think such a thing is offered on CF

so

I think I succeeded this way

the fields ( rw to ) can also be left empty, but somehow it’s better for me when it returns my 404 page

now I still need to test that some PowerShell or curl or wget is able or not to get aes.js

3 Likes

@Greenreader9 thanks for your help,
I requested aes on your domain several times… do not be mad :slight_smile:
I needed an independent source for comparison :innocent:

1 Like

Hey! I should probably do something over on TTL to block that, honestly surprised nobody has DDoSed me yet.

EDIT: Done!

3 Likes