New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
You're the provider. I'm using your server. I don't need to give you my domain. See what content I'm hosting.
Well from IP it’s kind of impossible since there’s tons of websites on each IP. Any attacker would at least have your domain.
If you're not using a reverse proxy, then one can potentially scrape on that IP and try to index everything (/index.html, /login, etc) and figure out from the partial content what is being hosted, or at least figure out the domain. But with a reverse proxy, scraping is pointless because it gets routed into a dummy backend with nothing in it.
So yeah, there's no way a provider can know what you're hosting unless they also know what domain you're hosting, and I would not sign up with any provider that asks me that information.
Yes, but weren’t we talking about a third party gathering the IP from CloudFlare themselfs using the domain?
I’m tired might have lost it.
They first check if the cert leaks it, then they try if the mailserver is unprotected and leaks the backend IP of the website/mailserver in headers, then they check A records and their history, and finally they attempt to file legit DMCA over content like news article pictures and are only asking for either backend IP or user details to proceed with C&D letter. Cloudflare obviously will pass on the provider IP which is hosting the webserver rather than customer details to keep safe harbor status if the DMCA seems legit enough.
Now you have valid backend for hatewebsite123.com and can pressure the provider that actually hosts the site since the CDN sold you out. Now the provider knows about it.
This is retarded.
That Cloudflare IP itself is irrelevant and nobody cares about it. The only thing they care is turning domain to backend IP, and what you posted is not the backend IP.
But for arguments sake, that IP currently serves 360 domains via CDN and you can just scrape the list. But how is that even relevant if you know the domain already anyway?
You mean a reverse proxy, not a CDN. Cloudflare's CDN caching isn't enabled for HTML files by default, just static files (JS, CSS, images, etc).
The OPs assertion is that his provider is censoring him for the content of his website. My assertion is that the provider has no way of knowing what domain his server is serving unless they were told. Use cloudflare for cdn so that users of the site has no way of knowing his server's real IP (and thus nothing to "report" to the provider, with the exception of law enforcement and cloudflare giving up all info).
Yep. If you consider CF giving up the info an exception there’s really no discussion here.
I'm the provider? I don't are the provider. If you want to someone discovers who is behind the website provide a domain...
Shared a IP of cloudflare will list some of them.. third party can have real origin ip, just only knowing the domain and sending a DMCA complaint they will forward with the info.
I think you are confusing me with OP..
You're talking apples and oranges. The OP is hosting a right-wing website. There's nothing illegal about it that will cause cloudflare to give up their info. You want to fake a DMCA takedown? You can do it, but this is a double-edged sword:
https://support.cloudflare.com/hc/en-us/articles/360028158352-Reporting-abuse-to-Cloudflare
"A statement that the information in the notification is accurate, and, under penalty of perjury, that you are authorized to act on behalf of the copyright owner."
I will not send fake dmca. But there are guys who does that. Nothing wrong with right-wing can you explain why dailystormer is banned already from many hosts? He admited it, is difficult to find a new home for them.
What you think? I'm against right-wing? I'm neutral in that. Of course I have my own opinion based but doesn't mean that i'm against someone with right-wing content.
You are confusing everything. What I said is Cloudflare is tricky, you should read and search in Torrentfreak for cloudflare articles and their "partners" with some organizations, dmca and leak of information to 3rd party.
Waste of time talking with you.
No idea what "dailystormer" is. It's banned probably because whoever created the site also registered that domain with the same host and even getting them to run the servers (people with little technical expertise), so the provider knows everything. Like I said, for people who know what they're doing in bringing up a website, the host provider should have no idea what their servers are hosting unless law agencies are involved.
It's actually very easy to forge DMCA to gain backend info. As long as you have premium-like .com domain which runs elegant looking law office stock website, it should be fairly easy to forge such email which Cloudflare will respond in "Good faith" to toss the problem into the actual hosting provider.
This is even sold as a service on various forums out there.
Pretty much the only stuff they refuse are request emails from gmail/protonmail/outlook/etc and any account/user details.
Or you could literally claim any stock pic on the article of the news site as your own to have "legit case". Ofc theres a risk that the site owner sues you for lying, or informs the original copyright owner about you abusing their works for malicious purposes.
Nazi website that promotes violence against Jews and has organized harassment of people in the past
Cloudflare reports sites to providers all the time, but they themselves won't stop providing service to them.
From my experience, Cloudflare won't leak your backend IP, just will forward the request to your hosting provider + yourself and let the reporter know your hosting provider if the report seems legit enough.
Don't forget to make a fake LinkedIn with an AI generated human face avatar, super realistic unless you look hard at finer details and no reverse image search. Definitely easy to do a blackhat service for anything around this stuff.
what if I chain multiple cdn's together? those reports are bound to get lost along the way unless an FBI agent gets everyone in a conference call for a debugging session.
Great list, +vouch for Incognet.io they are good, hope to get soon buyvm also!
Right-wing always!
Talking to you is the same talking to a wall.
Dailystormer is a Nazi ( I would call it right-wing website), have been hosted several times in a lot of hostings and kicked off.
You are talking trash, make your own research. I will do some for you, catch it brother (pay attention of what CEO and others of CF said):
https://www.bbc.co.uk/news/technology-40960053
https://blog.cloudflare.com/why-we-terminated-daily-stormer/
Dailystormer admited in his blog is being hard to maintain his website online, hosting providers several already banned him for doing business with them, otherwise if someone reports to the hosting provider which banner him, he go down easily.
Research needed seirously. You seems to be a "kid" thinking that everyone will protect your ass. When money and powerful organizations are envolved they will have what they want from you.
Look at Wikileaks not all hosting providers allow it, some have also kicked them out from their network. Look what happens with Julian Assange.... (Research before come with any shitty answer)
With this kind of argument "Hosting Providers never will know what I'm hosting if I use CF. " Dailystormer, Wikileaks any many more laughed.
Take and consider it as mirror.
@gzz did you ever find a provider?
He didn't replied anymore. I think he give up of the idea.. Probably he is the owner of Dailystormer lol we never know.
I think he stopped replying because he solved his problem.
Yes it is true but looks like @mosquitoguy was been roasted by cloudflare lool. He didn't know the existence of Dailystormer a quickly search in google he will discover, even wikileaks and others.
The BYTEFEND on that list gives me PTSD.
Thanks nevertheless, and sorry for late reply !
As long as it's not fake/illegal news. we, at CatNode, will happily provide you with WEB/VPS Hosting.
interesting... flokinet sucks more and more.
If these types of threads keep coming up I'll get a shitty 1U server, drive a few minutes to Bahnhof to get it Colocated, and bank in cash.
did you really need to inject an advertisement on a month old thread?
I think hosting that allows free-speech content, use US-based hosting companies, try Serverhub: https://www.serverhub.com/vps/ssd-vps
There are packages that start from 5$/year, and other big data servers with limited time offer discounts of 50% for one month + 15% on annual payments.