Jump to content

Site Work Failed, But We Didn't Die

Ugh. Still more roadblocks. Need to get an as-yet unknown password from Nay in order to get this sucker changed. For now, please enjoy the mess of a forums we've got, and dream of the forums we will probably never one day have.

< 3 - Tay

You can dismiss this alert by clicking on the "X" button

Nosebleed

Cloudflare Security Breach (TL;DR Change Your Passwords)

Recommended Posts

Update: Nayleen has said a MITM attack would be necessary to read the information from Fuwanovel going through Cloudflare. In the end though it's better to be safe than sorry so changing your fuwa password is still recommended. 

You may or may not have seen it already but Cloudflare has recently been discovered to have security flaws and has been accessed by third parties to get things like passwords for the past 5 or so months from them: https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/

These issues have, since their discovery, been fixed.

Major sites like Reddit (Reddit admins have confirmed the website no longer uses cloudflare and is thus not affected) and Discord were affected by this. Google was not though since they use their own DDoS protection. 

Fuwanovel also uses Cloudflare for DDoS protection. I'm hoping to hear a comment from @Nayleen on whether this directly affects us or not but just for safety's sake I'd advice you to change your Fuwanovel password along with any other password from sites that were affected by this. 

If you use the same password across multiple sites, change it on all those sitea, even if they weren't affected. 

You might want to consider using a password manager like lastpass in the future as well (the free version is solid and the paid version is only 1 dollar a month). 

Here's a full list of affected sites for anyone interested: https://github.com/pirate/sites-using-cloudflare

I'm on mobile so I'm just rushing this out since I have to leave soon but if it turns out Fuwanovel wasn't affected then that's all the best. Regardless, it never hurts to change your password. 

Share this post


Link to post
Share on other sites
5 minutes ago, Nosebleed said:

Initially it was thought it was but the admins later said reddit no longer uses it. Apparently they stopped using Cloudflare before the bug showed up. 

Wise choice. Why are we still using it, though? index2.png

Share this post


Link to post
Share on other sites
11 minutes ago, Nosebleed said:

Initially it was thought it was but the admins later said reddit no longer uses it. Apparently they stopped using Cloudflare before the bug showed up. 

Ah ok fair enough. Luckily I'm not signed up to too many sites, only a few on the list, so that was alright. I don't think there's really much chance at all of getting compromised in any way, but did it anyways. if I was still using manual passwords I definitely wouldn't, fuck that lol.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Recently Browsing   0 members

    No registered users viewing this page.

×