@CloudFlare this sounds promising for the JS/Cookie bit. does this also give them a CAPTCHA? any info on what the 5 seconds of exam does?
@eastdakota if i goto server using IP from DNS, request is blocked. we use a custom 'direct' alias via CF interface. seems that would do it?
-
-
@attritionorg can you look in logs for boys' requests and see if they're routed via CloudFlare? -
@eastdakota not sure what you mean by "boys' requests". i have access to logs though. -
@attritionorg auto correct fail. Boys->bots. -
@eastdakota we have mod installed for apache that translates to original IP, so we can use that info to block via 'threat control'. catch22 -
@attritionorg check if there's a RayID in some logs but not others. -
@eastdakota link to info on what "RayID" is? =)
End of conversation
New conversation -
-
-
@attritionorg that's a good start but good to limit only CloudFlare to access origin. -
@eastdakota as best i can tell, that is how we have it
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.