search for: cloudflare

...gt; expiring in 60m? true Nifty, > > I'd be grateful to Andy if he explained what sort of command he runs to > refresh certificates. I understood most refresh arrangements to involve > OAuth2. The actual setup I'm using is: Host myhost Match host myhost exec "cloudflared access ssh-gen --hostname myhost.domain" ProxyCommand cloudflared access ssh --hostname myhost.domain IdentityFile ~/.cloudflared/blahblah CertificateFile ~/.cloudflared/blahblah.pub cloudflared is this thing (open source!): https://github.com/cloudflare/cloudflared There are two pieces...

On 07/03/23, Darren Tucker (dtucker at dtucker.net) wrote: > On Tue, 7 Mar 2023 at 05:26, Andy Lutomirski <luto at kernel.org> wrote: > [...] > > ssh_config contains a Match ... exec [command to refresh the certificate]. > > This sort of works, except that it runs the command far too frequently. > > For example, ssh -O exit [name] refreshes the certificate, and it

...y www.google.com shows only IPv6, when having done nalookup -type=AAAA www.google.com before??? other sample: [root at host ~]# nslookup -query=any www.bipa.at Server: 192.168.23.2 Address: 192.168.23.2#53 Non-authoritative answer: www.bipa.at canonical name = www.bipa.at.cdn.cloudflare.net. Authoritative answers can be found from: [root at host ~]# why is no IP - neither IPv4 nor IPv6 shown? doesn't matter if -query=any or -type=any Greetings, Walter

Hi, One of our AWS machines was used in an DOS attack last night and I am looking for possible attack vectors. AWS tells me it was sending UDP port 0 traffic to a cloudflare address. This instance had an incorrectly configured AWS security group exposing all ports. The server in question is a Centos 7 based FreeIPA server, OpenVPN concentrator and DNS server. With a brief inspection before the instance was stopped no evidence of intrusion could be detected in the ob...

Promox 4.2 running on 2 nodes + 1 quorum = total 3 servers. All of them have tinc 1.0.24 running. On very rare occasions (every few days or 1~2 weeks), my website hosted on this proxmox node will throw cloudflare 522 connection timed out for few seconds or few minutes: https://support.cloudflare.com/hc/en-us/articles/200171906-Error-522-Connection-timed-out This problem has been driving me crazy. I'm not sure, but I suspect this is caused by tinc vpn that somehow got disconnected. root at node1pve:/#...

...ng is key, choose your ISP wisely ?.Each icecast servers has the same multi domain ssl cert. which allows us to deliver to several customers (each customer a subdomain) the cluster is round robin load balanced by using AWS Route53. This approach may can be achived also with other DNS Providers like Cloudflare. For example, if one node need to be taken down for maintenance, Route53 throws the Node out of the DNS automatically. This will be achived with ?health checks? This mechanism is pretty fast and responsive. If a client gets disconnected and tries a reconnect, the RR DNS is passing the client immedi...

...Y.ADJ.NNAT.GN.ZS?format=json&date=1977:2020&per_page=32500&page=1': > Timeout of 60 seconds was reached If you try to open the link in the browser, does it work? How long does it take to download? Try increasing options(timeout=...) to a larger time (in seconds). I see there is Cloudflare sitting in front of the API, but it's relatively non-aggressive. I could only get it to deny my request by accessing it through Tor. -- Best regards, Ivan

On 02/18/2017 10:24 PM, Robert L Mathews wrote: > On 2/17/17 1:38 PM, chaouche yacine wrote: > >> Seems wrong to me too, Robert. If you put your private key inside >> your certificate, won't it be sent to the client along with it ? > > No; any SSL software that uses the file will extract the parts it needs > from it and convert them to its internal format for future

...to mention 100k?s or, Lord help us, 1M?s or more), you need to get content cached in locations that are geographically close to your listeners. By far the easiest (read: most cost effective) way to do this at scale is to leverage the already existing infrastructure of CDNs (companies like Akamai or CloudFlare, that have a world-wide footprint). That means using streaming formats that utilize segmented distribution mechanisms, such as HLS or DASH. You can kinda-sorta do this sort of thing with IceCast by using relays, but it?s complex to configure and monitor while being not well supported at many CDNs (...

B.t.w. I've created a PR for it that resolves it (see https://github.com/NLnetLabs/nsd/pull/346 ), but we may need to discuss if and how to resolve it first. First I'd like to know if your configuration is similar in that the CNAME or DNAME target does contain an allow-query list. Op 03-07-2024 om 10:52 schreef Willem Toorop via nsd-users: > Hi Jamie, > > I can reproduce,

...ur ISP wisely ?.Each > icecast servers has the same multi domain ssl cert. which allows us to > deliver to several customers (each customer a subdomain) the cluster is > round robin load balanced by using AWS Route53. This approach may can be > achived also with other DNS Providers like Cloudflare. For example, if one > node need to be taken down for maintenance, Route53 throws the Node out of > the DNS automatically. This will be achived with ?health checks? This > mechanism is pretty fast and responsive. If a client gets disconnected and > tries a reconnect, the RR DNS is passi...

...ng is key, choose your ISP wisely ?.Each icecast servers has the same multi domain ssl cert. which allows us to deliver to several customers (each customer a subdomain) the cluster is round robin load balanced by using AWS Route53. This approach may can be achived also with other DNS Providers like Cloudflare. For example, if one node need to be taken down for maintenance, Route53 throws the Node out of the DNS automatically. This will be achived with ?health checks? This mechanism is pretty fast and responsive. If a client gets disconnected and tries a reconnect, the RR DNS is passing the client immedi...

After compiling opusenc.js to JavaScript [1], now the flac tool is also available [2][3], too. s/Check out/Clone/ https://github.com/Rillke/flac.js ! I am slightly nervous about its license, the GPL and what CloudFlare is doing: It's melting a lot of content together into one file and adding JavaScript that doesn't appear to be GPL or compatibly licensed -- by any chance, is there a possibility to get an exception (e.g. LGPL license) for JavaScript versions? It's also an issue to what happens in...

After compiling opusenc.js to JavaScript [1], now the flac tool is also available [2][3], too. s/Check out/Clone/ https://github.com/Rillke/flac.js ! I am slightly nervous about its license, the GPL and what CloudFlare is doing: It's melting a lot of content together into one file and adding JavaScript that doesn't appear to be GPL or compatibly licensed -- by any chance, is there a possibility to get an exception (e.g. LGPL license) for JavaScript versions? It's also an issue to what happens in...

On Sat, Sep 30, 2023 at 4:46?AM Jakub Sitnicki <jakub at cloudflare.com> wrote: > > Some virtual devices, such as the virtio network device, can use multiple > virtqueues (or multiple pairs of virtqueues in the case of a vNIC). In such > case, when there are multiple vCPUs present, it is possible to process > virtqueue events in parallel. Each vCP...

On Sat, Sep 30, 2023 at 4:46?AM Jakub Sitnicki <jakub at cloudflare.com> wrote: > > Some virtual devices, such as the virtio network device, can use multiple > virtqueues (or multiple pairs of virtqueues in the case of a vNIC). In such > case, when there are multiple vCPUs present, it is possible to process > virtqueue events in parallel. Each vCP...

...: > >> Timeout of 60 seconds was reached > > > If you try to open the link in the browser, does it work? How long > does > > it take to download? Try increasing options(timeout=...) to a larger > > time (in seconds). > > > I see there is Cloudflare sitting in front of the API, but it's > > relatively non-aggressive. I could only get it to deny my request by > > accessing it through Tor. > ;-\ > > In R (but *not* inside RStudio), I see {from Zurich, Switzerland}, > > > require(WDI) > Loading re...

> -----Original Message----- > From: CentOS [mailto:centos-bounces at centos.org] On Behalf Of Always > Learning > Sent: Monday, January 09, 2017 11:23 AM > To: Centos <centos at centos.org> > Subject: Re: [CentOS] Firefox Issue > > On Thu, January 5, 2017 17:23, Always Learning wrote: > > > > > > > > > Cyber attacks are gradually replacing

...977:2020&per_page=32500&page=1 > ': > > Timeout of 60 seconds was reached > > If you try to open the link in the browser, does it work? How long does > it take to download? Try increasing options(timeout=...) to a larger > time (in seconds). > > I see there is Cloudflare sitting in front of the API, but it's > relatively non-aggressive. I could only get it to deny my request by > accessing it through Tor. > > -- > Best regards, > Ivan > -- Anupam. [[alternative HTML version deleted]]

...ally works much better than HTTP especially for domains like for >> email servers that don?t have an HTTP server deployed for them. >> >> Kevin > > You can't update a record without reloading configs in bind. I guess you are > using some other DNS service... I use Cloudflare (free DNS) and DNS Made Easy (paid DNS). I would never run my own DNS service except for communicating between my Docker services internally (Docker has its own internal DNS for this and there are many pre-built docker images to provide a public DNS service, if required). But, Let?s Encrypt require...