[return to "Mitigating a DDoS on Mastodon"]
1. korosh+ok 2019-12-06 12:03:38
>>dredmo+(OP)
hey, i'm the author of the article

really... surprised it got submitted here

incidentally i'm running pleroma, not mastodon. minor detail but you know

2. iampim+5m 2019-12-06 12:24:31
>>korosh+ok
To avoid leaking IPs, you can use cloudflared tunnel. It might get pricy if you move a lot of bytes, but it’ll isolate you from IP leaking issues.
3. korosh+jm 2019-12-06 12:27:00
>>iampim+5m
oh, i found out where the leak was

it's right at the end of the article - the attacker was abusing the "create a preview card of any posted URL" feature - he'd post a link, wait for pleroma to go and grab the url to preview it, then narrow down which one was mine based on user agent

i added an upstream proxy and anonymised the user agent, so even if he were to do that, the most he'd find was my proxy box
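
The mitigation described in the last comment (preview fetches sent through an upstream proxy with an anonymised user agent), as an added example that is not code from the thread or from Pleroma. The function names, the user-agent string and `posted-link.example` are assumptions, and a local stub stands in for the proxy box so the sketch runs offline.

```python
import threading
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

GENERIC_UA = "Mozilla/5.0 (compatible; link-preview)"  # constructed; names no instance

def make_preview_opener(proxy_url, user_agent=GENERIC_UA):
    """Opener for preview-card fetches: every request leaves via proxy_url."""
    proxy = urllib.request.ProxyHandler({"http": proxy_url, "https": proxy_url})
    opener = urllib.request.build_opener(proxy)  # replaces the env-based proxy handler
    opener.addheaders = [("User-Agent", user_agent)]  # drops the Python-urllib default
    return opener

class RecordingProxy(BaseHTTPRequestHandler):
    """Stand-in for the proxy box: records what leaves the instance."""
    seen = []

    def do_GET(self):
        # A forward proxy receives the absolute URL on the request line.
        RecordingProxy.seen.append((self.path, self.headers.get("User-Agent")))
        body = b"<title>constructed page</title>"
        self.send_response(200)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demo quiet
        pass

def demo():
    """Fetch a posted link and return (url, user_agent) as seen at the proxy."""
    server = HTTPServer(("127.0.0.1", 0), RecordingProxy)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        opener = make_preview_opener("http://127.0.0.1:%d" % server.server_port)
        # The link host is never resolved or contacted directly by the instance.
        opener.open("http://posted-link.example/page", timeout=5).read()
    finally:
        server.shutdown()
        server.server_close()
    return RecordingProxy.seen[-1]

if __name__ == "__main__":
    print(demo())
```

The linked server then sees the proxy's address and whatever user agent the proxy forwards, so the proxy itself must not add identifying headers.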