Cloudflare masks the origin IP address and has DDoS protection. Unless it’s a DoS against the software, yes, it is a long term solution.
Cloudflare masks the origin IP address and has DDoS protection. Unless it’s a DoS against the software, yes, it is a long term solution.
You should change the public IP of the server if you haven’t already
It’s great playing a cleaning fee when the host expects you to strip the bed and take it to the laundry, empty the bins and leave the place spotless
I’ve been a Firefox user for a very long time and had no idea these existed, thanks for sharing
This. So much this.
Can I Google their name?
Good point. I suppose the only way to fix that particular issue to disallow cookie authentications from a new location
Prior to the JWT secret being rotated, yes, they could have authenticated as you. The tokens are now all invalid and useless
Does an admin account have any permissions to view email addresses or data of registered users?
Did MichelleG not have 2FA enabled?
Now that this has happened, it’s be worth pushing this issue through as high priority. If HttpOnly
was enabled, then an admin takeover would not have been possible.
Being… What?