[PAYING GIG] migrating servers, tweaking rate limits and implementing signup captcha


(shitposting) #1

edit:
job summary

  1. mitigate ddos by migrating a discourse install from digitalocean ubuntu server to a https://zare.com/ ubuntu server (100gbs ddos protection)
  2. alter discourse and/or ubuntu to prevent bots from making 32949284 accounts from 293849832 proxies
  • this can be achieved by blocking proxies and implementing a captcha not prone to exploitation by ocr/audio transcription
  1. alter discourse and/or ubuntu to prevent bots from flooding the email server so i end up owing mailgun thousands of dollars (triggering email deployment via discourse actions)
  2. alter discourse and/or ubuntu to prevent proxy/vpn/tor connections

when i launch my site it’ll almost invariably be ddosed by naughty little shits. it’s currently sitting on digitalocean while in staging. i’ve been told that discourse has its own built in rate limits and whatnot but no. the possibility of otherworldly sized botnets being pointed at us is honestly too damn high.

are there any ddos mitigation/infosec/rate limiting/discourse migration experts around here?

there’s a tutorial on how to migrate servers here: Move your Discourse Instance to a Different Server but i need a guru to set up crazy rate limits and/or captchas on the server to prevent mass user registrations, misc. ddos attacks, etc.

i hear this issue has been resolved ReBreakCaptcha: Breaking Google’s ReCaptcha v2 using.. Google – East-Ee Security so that may need to be implemented to thwart hackery

xmpp = pad@codingteam.net or drop a dm if you’re interested


(Michael - DiscourseHosting.com) #2

Just put Cloudflare in front of it and then move to a different IP address. You can even use the DO image functionality for that.

Make sure your outgoing emails don’t leak the original IP address.


Mailgun leaking server's real IP behind Cloudflare