Invision Community 4: SEO, prepare for v5 and dormant account notifications Matt November 11, 2024Nov 11
Posted January 22, 20232 yr Our site is being attacked with following query: https://ourdomain.com/?app=core&module=system&controller=ajax&do=getCsrfKey&path=/cdn-cgi/challenge-platform/h/g/flow/ov1/0.08870637031819933:1674421556:kajjeSQwyYqsNvnO1QhOhWLx91acnwAFij2u8_yoi50/78db81033db0bf76/9d3dff145bc62e5 Sent every second, it makes the site slow as hell, basically kills SQL performance somehow.
January 22, 20232 yr Looks like a Cloudflare URL: https://developers.cloudflare.com/bots/reference/javascript-detections/
January 23, 20232 yr Community Expert Indeed, doesnt look like one of our URLs. If someone is attacking your site with an attempt to DDOS it though, you would want to get together with your hosting to mitigate that attack. That isnt really a vulnerability, its just someone hammering your site every second. Someone could attack your site in that manner using just about any URL. If they hit it hard enough, it will cause issues if not mitigated.