I'm currently hosted with Rackspace Cloud Sites and, recently, the number of compute cycles my site uses was increasingly dramatically, and with it my hosting bills.
It was detected that I was getting hammered from China and one solution put to me was to consider using Cloudflare. I checked it out and have given it a go.
The positives are that it has dramatically reduced my hosting bill and sped up the site as well due to the CDN aspects of Cloudflare.
The negatives are that all users are now presented to the site with a Cloudflare IP address. This could make it problematic to identify malicious users, such as those previously banned, but the bigger issue is that it seems to trigger built-in vBulletin protection for when it thinks someone is attempting to compromise other user account(s). As such, when triggered, all users appear to be the same to vBulletin due to their IP address and all those trying to login get rejected due to 5 failures and told to wait 15 minutes. When this happens, it seems to become a bit of a vicious circle as they repeatedly try to get in.
Has anyone else implemented Cloudflare and are there any solutions available to stop users being locked out in this way, preferably by vBulletin being able to know the real source IP address of each user, as is the case if Cloudflare is not implemented?
Thanks for any help!
It was detected that I was getting hammered from China and one solution put to me was to consider using Cloudflare. I checked it out and have given it a go.
The positives are that it has dramatically reduced my hosting bill and sped up the site as well due to the CDN aspects of Cloudflare.
The negatives are that all users are now presented to the site with a Cloudflare IP address. This could make it problematic to identify malicious users, such as those previously banned, but the bigger issue is that it seems to trigger built-in vBulletin protection for when it thinks someone is attempting to compromise other user account(s). As such, when triggered, all users appear to be the same to vBulletin due to their IP address and all those trying to login get rejected due to 5 failures and told to wait 15 minutes. When this happens, it seems to become a bit of a vicious circle as they repeatedly try to get in.
Has anyone else implemented Cloudflare and are there any solutions available to stop users being locked out in this way, preferably by vBulletin being able to know the real source IP address of each user, as is the case if Cloudflare is not implemented?
Thanks for any help!
Comment