despite that title, it’s more about Mastodon, GoToSocial, and Akkoma.

  • Deebster
    link
    fedilink
    English
    arrow-up
    9
    ·
    10 months ago

    Hmm, getting origin servers to expose themselves this way is a clever hack. As noted, any bad actors probably already know this trick to bypass Cloudflare/whatever anti-DDOS layer.

    As a fix, I guess you can either send your server’s outgoing connections through a proxy/VPN or use your hosting company’s firewall to block all non-Cloudflare inbound traffic.