StarshipConsulting

Our valued sponsor

Sword and Shield
Unique Payment

Question Protecting Your Site from DMCA & Powerless Scenarios?

belarus

belarus

Mentor Group Lifetime
Feb 27, 2017
277
122
128
#1
Register now
You must login or register to view hidden content on this page.
So, I've been scrolling through a bunch of threads, right? Some about OCT and some where folks are asking about offshore hosting companies that just shrug off DMCA notices and stuff like that. Got me thinking about where we stand with our own website and how I can really keep it safe.

Alright, from what I've gathered, there are these hosts (below list) that apparently rank top-notch globally for dodging troubles with the law and DMCA headaches.
  • Incognet
  • Shinjiru
  • TerraHost
  • Trabia
  • AlbaHot
But, hosting's just one piece of the puzzle, isn't it? You also gotta dodge Cloudflare. They're like handing out IP addresses and hosting details like candy, even to any Joe Blow who throws a fit and files a dispute. Talk about dropping the ball on keeping your hosting and IP on the down-low.
 
  • Like
Reactions: dany and JohnLocke
Sort by date Sort by votes
#2
A corporate website protected by Cloudflare is virtually risk-free from shutdowns or exposures, provided that the server configuration is secure and proper. This protection is further reinforced when considering the jurisdiction of your hosting provider/company, as some regions offer stronger resistance against DMCA takedowns and similar legal challenges.

Throughout my experiences in responding to various security incidents, I've observed attackers exploiting Cloudflare's infrastructure (or similar services) for hosting malicious content or utilizing their tools for network breaches. Cloudflare has consistently been the sole provider reluctant to reveal details about the origins they're shielding.
 
  • Like
Reactions: jafo
Upvote 0 Downvote
#3
What are some good alternatives to Cloudflare where it's harder for attackers to get a hold of the IP and host? I've read a bit about Amazon having a cloud system, but are there any better ones?
  • Other alternatives to cloudflare I found and researching right now are:
  • Amazon Web Services (AWS)
  • Akamai
  • Microsoft Azur
  • Google Cloud Platform (GCP)
  • Imperva
And how should one strategically go about it if one wants to have 3 servers at 3 different hosting companies in 3 different countries but have 1 website with 1 database?

For the database centralization I'm researching:
  • AWS
  • Azure
  • Google Cloud
Any suggestions for the above or which service to use for the Load Balancing and Geo-DNS for the 3 servers?
 
  • Like
Reactions: JohnLocke
Upvote 0 Downvote
#4
In summary, it's about weighing your requirements, budget, and preferences. Each provider has its strengths, so do some research and choose the one that aligns best with your goals. The alternatives you're considering are all solid, especially if you have someone to set them up properly. Note: I personally do not think Cloudflare needs to be decommissioned if you are already using it, it's a great product and probably the most bang for your buck.

For distributed hosting with servers in different countries but maintaining one website and database, using a major cloud provider like AWS, Azure, or GCP is probably the most straightforward approach. You can enable geo-redundancy with a couple clicks and put your servers behind their load balancing services, it would not really make sense to also keep a live copy of this redundant infrastructure elsewhere. Keep in mind that these providers can be pricey, especially if you're spreading across multiple vendors. Also factor in managed DDoS protection, which will run you a minimum of $3,000 per month per cloud vendor. You basically pay to not get charged for being under attack.

If bandwidth pricing isn't an issue, I'd recommend using AWS with Cloudflare. You could also set up Lambdas to periodically export your database/server off-site. This proactive approach ensures data redundancy and facilitates seamless migration if you ever need to switch providers. Consider your Recovery Point Objective (RPO) and Recovery Time Objective (RTO) to determine acceptable data loss and downtime during potential migration. You would then, in theory, only need to adjust the Cloudflare configurations accordingly.

However, if bandwidth costs are a concern, consider opting for a dedicated hosting provider like Hetzner, OVH, Scaleway, or Leaseweb behind Cloudflare. Ensure geo-redundant availability for your files and database by replicating data among providers or datacenters of a single provider. While this approach is cost-effective, real-time replication may be hindered by connection speed between providers. Despite potential complexities in managing dependencies and connections, this strategy offers a viable solution for maintaining availability.
 
  • Like
  • Love
Reactions: dany and belarus
Upvote 0 Downvote
#8
The key is to choose a registrar that won't suspend your domain. If you properly shield your origin it does not matter where you host, since they won't know what hosting party to contact. You can even do it without opening up your public IP address. You just need a registrar that will not suspend your domain or choose a TLD that is not administered by USA/EU.

I came across this online while researching registrars:

https://docs.google.com/spreadsheets/d/1lfCCdWLMKU9cok9T9UWWUf2EoEdkXU0gon9NDqnRJDs/edit#gid=0
 
Last edited:
  • Like
Reactions: yngmind and LosAngeles
Upvote 0 Downvote
#9
0xDEADBEEF said:
The key is to choose a registrar that won't suspend your domain. If you properly shield your origin it does not matter where you host, since they won't know what hosting party to contact. You can even do it without opening up your public IP address. You just need a registrar that will not suspend your domain or choose a TLD that is not administered by USA/EU.

I came across this online while researching registrars:

https://docs.google.com/spreadsheets/d/1lfCCdWLMKU9cok9T9UWWUf2EoEdkXU0gon9NDqnRJDs/edit#gid=0
Click to expand...
Thank you for the list.

So, it doesn't matter which hosting provider you are using.

You won't be suspended by the server provider, but you could be suspended by the domain registrar?
 
Upvote 0 Downvote
#10
yngmind said:
Thank you for the list.

So, it doesn't matter which hosting provider you are using.

You won't be suspended by the server provider, but you could be suspended by the domain registrar?
Click to expand...
You could be suspended by the provider as well, but generally, they prioritize targeting domain names first. Some registrars have automated takedown processes to the extent that multiple reports from certain sources can trigger an automatic domain suspension.

However, if your registrar is known for being uncooperative and you take the necessary steps to obscure where your application is hosted, the likelihood of a takedown becomes minimal.
 
  • Like
Reactions: kislokan, cckuhqilfownnfctux and yngmind
Upvote 0 Downvote
#11
0xDEADBEEF said:
You could be suspended by the provider as well, but generally, they prioritize targeting domain names first. Some registrars have automated takedown processes to the extent that multiple reports from certain sources can trigger an automatic domain suspension.

However, if your registrar is known for being uncooperative and you take the necessary steps to obscure where your application is hosted, the likelihood of a takedown becomes minimal.
Click to expand...
That's cool.

What about CF? I know that they receive DMCA and immediately leak the host's real IP address.

Can cloudflare ban access to the website?
 
Upvote 0 Downvote
#13
yngmind said:
That's cool.

What about CF? I know that they receive DMCA and immediately leak the host's real IP address.

Can cloudflare ban access to the website?
Click to expand...
As @daniels27 mentioned, they will not leak the origin IP. But they will probably blacklist it, and same goes for your domain name. So you would have to start over with a clean setup.

They used to be very flexible, but nowadays they will comply faster to legal requests. Depending on who files the request and the type of content hosted, it can still take weeks or months for them to stop forwarding your traffic.

But still with the right setup you can leverage CDNs to help you out. Just need to keep providers separate for registering domains, servers and proxying.
 
Upvote 0 Downvote
#14
It depends on what content you run and which authorities you piss off .
There is already a court ruling in Italy that Cloudflare is obligated to disclose the origin IP and other identity information . (https://torrentfreak.com/court-orders-cloudflare-to-block-and-identify-pirate-site-customer-241019/)
Cloudflare also forces users to upgrade to their Enterprise tier, especially if the content they host negatively impacts Cloudflare's IP reputation, such as gambling-related material.
In some cases, they may even require users to provide their own IP addresses to continue using their services.
 
  • Like
Reactions: JohnnyDoe, yngmind and 0xDEADBEEF
Upvote 0 Downvote
#15
0xDEADBEEF said:
As @daniels27 mentioned, they will not leak the origin IP. But they will probably blacklist it, and same goes for your domain name. So you would have to start over with a clean setup.

They used to be very flexible, but nowadays they will comply faster to legal requests. Depending on who files the request and the type of content hosted, it can still take weeks or months for them to stop forwarding your traffic.

But still with the right setup you can leverage CDNs to help you out. Just need to keep providers separate for registering domains, servers and proxying.
Click to expand...
Will they at least give you a deadline? Like you have a week to change Cloudflare DNS, otherwise we will shut you down?
 
Upvote 0 Downvote
#16
yngmind said:
Will they at least give you a deadline? Like you have a week to change Cloudflare DNS, otherwise we will shut you down?
Click to expand...
I haven't dealt with this scenario as their customer. Usually the provider will limit or suspend you, then inform you about this. This is also heavily dependent on what you are hosting and the customer tier you are in. Big accounts get the benefit of the doubt.
 
Upvote 0 Downvote
#17
yngmind said:
Will they at least give you a deadline? Like you have a week to change Cloudflare DNS, otherwise we will shut you down?
Click to expand...
It depends how friendly the Representative is and what type of business you are running .
From 2 cases I know personally it was around 1 week to move their entire Infrastructure .
There is also a public case where it was within 24 hrs . ( https://robindev.substack.com/p/cloudflare-took-down-our-website )
 
  • Like
Reactions: yngmind and JohnnyDoe
Register now
You must login or register to view hidden content on this page.
Upvote 0 Downvote
You must log in or register to reply here.

Forum Announcement

Latest Threads

The Kingdom Bank
Top Bottom
Back