Continuing the discussion from Blocking Tor Users by Default:
The linked story doesn't have any role in how we should secure Discourse. It is meant for those who are living in countries like China and Russia.
As I see it, banning an IP address helps only for a short time, and it is a similar action to banning a user agent. It works only against badly behaving ones who aren't trying to harm you. But against the evil ones... a total waste of time.
Changing an IP or user agent is such a trivial trick that it just doesn't help against an attacker. I'm not talking about black hats, but a-holes who are trying to break a forum or make one's life miserable.
An app should not do tasks that should be done somewhere else, like a firewall or packet filtering generally. But it is already doing that by blocking user agents and by using something other than crontab. Is this a similar situation?
I'm not asking for anything in particular, but I would like to hear opinions (and why not tricks too):
- what kind of security measures a self-hosting admin should take
- is Discourse vulnerable to angry and skillful people (I know you have a bounty program, but that is another ball game)
- and, more or less on a meta level: are IP and user agent bans just a gimmick to give a false feeling of security because we have already lost this war
Ideas?