CYeah make a new post under the meta category requesting username change. And tag
@RemoveAccount
KOkay
RI didn't know this but my ISP defaults to Google DNS lol
RChecked my local preferences and my router preferences they are all set to automatic
KDoes many but could also be your phone by default
KBecause many isp's have their own DNS server to block illegal pages like bs.to etc
Kin my country such things should be illegal, because the internet has to be free. Or so idk. Just heard from this law
RI've checked my DNS settings both on my phone and on my router itself. They were all set to automatic
RUnless if android does something in the background I'm not aware of 
RAnd yeah I forced all my family to use 1.1.1.2 actually :lul:
RJust tweak the router and every new client connection gets the default DNS of 1.1.1.2 lol
CHey all, I just got a bunch of weird user creations on my PHP site. Here’s what my users table looks like
191 ';print(md5(31337));$a=' 2024-06-12 09:49:49
192 index.php/. 2024-06-12 09:49:49
193 ";print(md5(31337));$a=" 2024-06-12 09:49:49
194 ${@print(md5(31337))} 2024-06-12 09:49:49
195 ${@print(md5(31337))}\ 2024-06-12 09:49:50
196 '.print(md5(31337)).' 2024-06-12 09:49:50
197 eqID37ZX 2024-06-12 09:51:01
198 sample@email.tst' AND 238=68 AND 'l5vH'='l5vH 2024-06-12 09:51:01
199 sample@email.tst" AND 238=68 AND "GDeG"="GDeG 2024-06-12 09:51:02
200 -1 OR 2+22-22-1=0+0+0+1 2024-06-12 09:51:02
201 -1 OR 3+22-22-1=0+0+0+1 2024-06-12 09:51:03
202 sample@email.tst'|' 2024-06-12 09:57:43
219 sample@email.tst'' 2024-06-12 09:57:43
191 ';print(md5(31337));$a=' 2024-06-12 09:49:49
192 index.php/. 2024-06-12 09:49:49
193 ";print(md5(31337));$a=" 2024-06-12 09:49:49
194 ${@print(md5(31337))} 2024-06-12 09:49:49
195 ${@print(md5(31337))}\ 2024-06-12 09:49:50
196 '.print(md5(31337)).' 2024-06-12 09:49:50
197 eqID37ZX 2024-06-12 09:51:01
198 sample@email.tst' AND 238=68 AND 'l5vH'='l5vH 2024-06-12 09:51:01
199 sample@email.tst" AND 238=68 AND "GDeG"="GDeG 2024-06-12 09:51:02
200 -1 OR 2+22-22-1=0+0+0+1 2024-06-12 09:51:02
201 -1 OR 3+22-22-1=0+0+0+1 2024-06-12 09:51:03
202 sample@email.tst'|' 2024-06-12 09:57:43
219 sample@email.tst'' 2024-06-12 09:57:43
CI’m not sure if any of my data has been accessed or changed in any way. Still looking through my other tables, but how can I check if any of these SQL injection attacks worked?
Aif youre looking at that it probably means it didnt work, how are you sanitising your inputs ?
CJust using a prepared statement to add it to the users table
T
CHashed passwords using the password_hash() function that php has
C@az
IYou should be fine if you're properly using prepared statements.
IAssuming that those random strings are supposed to be user emails, I'd also try to validate that they're valid emails before inserting into the DB.
KStrange ISP you have
R¯\_(ツ)_/¯
KDoes it make sense to cache pages like this https://akami-solutions.cc/akami-cgi/icon/envelope ? Because CloudFlare doesnt think so :0010shiba_think:
Kme: cloudflare.com
My Fingers: cloudfl.re
My Fingers: cloudfl.re
H
THi everyone. Does anyone have any idea why cloudflare ignored my WAF rules? This is the request and these are my rules:
Tbased on the rules shouldn't the request be blocked?
Tit was a request with HTTP1.0
HIt's because you have Bot Fight Mode enabled. Bot Fight Mode bypasses your rules
Tyes, but based on their traffic sequence shouldn't after bot fight mode pass through WAF? At least this is what I understand from this top to down sequence
KNo wonder why CloudFlare Dashboard has everytime loading issues. Its made with React I guess :NayaDerp:
HNot quite. If you use SuperBotFightMode, then yes, but regular BFM overrides all your rules
HIt's generally a heavy hammer, so we recommend only using it when absolutely necessary, or otherwise upgrading to get SBFM
Tokay, I understand about BFM and SBFM but what do you mean by absolutely necessary? When is it necessary to activate BFM? (I am new to managing DNSes) 
JHow can I configure Cloudflare to allow my IP address to bypass a 301 redirect set by Page Rules and load files directly from the hosting server?
Yesterday, I successfully configured the redirect rule setting to allow my IP address to bypass the 301 redirect. However, I had to delete all settings this morning and start fresh. I can't remember how I did it yesterday. How can I make my IP address bypass the 301 redirect instructions set under page rules?
Thanks.
Yesterday, I successfully configured the redirect rule setting to allow my IP address to bypass the 301 redirect. However, I had to delete all settings this morning and start fresh. I can't remember how I did it yesterday. How can I make my IP address bypass the 301 redirect instructions set under page rules?
Thanks.
HBasically, only use BFM when you are currently under attack by a lot of bots. It isn't something I would recommend having on all the time
HAdd an
ANDIP Source Address does not equalSo if I set a Redirect Rule with this condition, should I delete the 301 instructions under Page Rules?
TIf I understood correctly it is better to have WAF rules to filter traffic rather than activating the bot mode . Do you happen to have any sheet with what WAF rules I should have (except the ones I've showed in the image above)?
. Do you happen to have any sheet with what WAF rules I should have (except the ones I've showed in the image above)?TAt least the basic ones
HYou can do that
HI do not, unfortunately
Tokay, thank you for the answers :MeowHeartCloudflare:
VWhy Cloudflare is slow in India?
A simple
A simple
GETSelect * from Users Limit 101690ms
VAPAC region for DB. How to find what what pop i am hitting in the rays?
V
VBOM - I guess Bombay, India
