Hacker News new | past | comments | ask | show | jobs | submit login

Couldn't they use something like cloudflare to have the IP point to local servers? Then the traffic is split on location, with each edge server taking only local requests. That should greatly reduce the incoming traffic, at which point they can try to filter out the 'bad'.



You assume that the attack was limited to their web stack. For all we know it could be the systems that handle the git-over-ssh connections.

I may not be too versed in CloudFlare, but I didn't think they would be able to protect a service like SSH.


Indeed you would not be able to. CloudFlare only does HTTP/HTTPS right now. Technically since Nginx can also support SMTP they should be able to do that as well but it's not implemented currently. Basically if you want to protect SSH it would have to be a provider that does layer-level protection like Prolexic.


Well, cloud flare can certainly forward (or not forward, in the case of bad) ssh traffic. But they would need to dedicate an IP to your account, or provide you with a port number to use.


Getting things through https definitely did not work for some time. I thought I broke my vundle.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: