Jump to content
Holiday Closing, Support Availability Notice ×

(Urgent possible security breach) using cloudproxi of sucuri.net

Cristian Romero

By Cristian Romero
in Technical Problems

Recommended Posts

Cristian Romero Enthusiast

Cristian Romero

Posted
Posted

Hello, equipment and support'm using a cloudproxi of sucuri.net to protect us from DDoS attacks as well as having a distributed load balancer. biene problem that now everyone when they visit the forum appears the accounts of other members or administrator initiated without them doing anything.

 

I activated the service within the panel following the link: http://prntscr.com/79e8qs

 

even so the problem continues we are afraid that some visitors will see the account of a member or manager connected may harm or violate their privacy.

 

we simply trust that the support team Invision Power Forum will give us a solution quickly. no more thanks a hug forgive the inconvenience greetings from Spain

Ryan H. Mentor

Ryan H.

Posted
Posted

This is probably a result of some full-page caching Sucuri's proxy is performing. It seems likely to me that's Sucuri's problem, not IPS's. Have you tried contacting Sucuri or disabling any caching features there?

Ahmad E. Community Regular

Ahmad E.

Posted
Posted

I'm using sucuri too, and this problem exists with IPS 3.4.x aswell, didn't test it on IPS 4.x.
Solution was disabling sucuris caching function, I really doubt that it is a IPS problem though and it's just how sucuri caches stuff I've contacted them and this was the only solution we could work out...

Cristian Romero Enthusiast

Cristian Romero

Posted
  • Author
Posted

hello, again Ahmad El-Oukly thanks for this recommendation did what I said I think that currently there again step above problems. So if I put the next tab activated tell me right or wrong forum: http://prntscr.com/79oqhp

I understand that if we leave this option disabled sucuri run some risk of being attacked with DDoS or injeccion slq or security is also maintained. I hope your answer thanks greetings from Spain

Ahmad E. Community Regular

Ahmad E.

Posted
Posted

hello, again Ahmad El-Oukly thanks for this recommendation did what I said I think that currently there again step above problems. So if I put the next tab activated tell me right or wrong forum: http://prntscr.com/79oqhp

I understand that if we leave this option disabled sucuri run some risk of being attacked with DDoS or injeccion slq or security is also maintained. I hope your answer thanks greetings from Spain

​Leave the forum setting enabled.
Also disabling caching won't make you vulnerable to any exploits however your site may run slower.

Cristian Romero Enthusiast

Cristian Romero

Posted
  • Author
Posted

thank I understand let the forum as I showed in the screenshot. nothing more you have the same system sucuri by what I see. you have proven to ask the support team if you can cache parts of the forum or if we set the minimum cached in sucuri or ariesgado ten encuenta than others appear connected accounts of others like me could be a problem luckily you could give me the answer. If you have a forum host it on www.ovh.com I recommend it is the third largest supplier of hosting world safer. They also frisked also my self-hosting cdn so in settings check sucuri cdn others.

 

thanks no more a hug from Spain invite you to meet my forum is about www.raidcall.es www.foro.raidcall.es program VoIP voice I am the owner of the site Spanish but the program is the .com but worth it you tell

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Invision Community © 2024 IPS, Inc.
×
×
  • Create New...