I would be interested to hear from CloudFlare as to whether there is any possibi... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

gadgetoid on April 1, 2019 | parent | context | favorite | on: WordPress theme provider Pipdig using customer sit...

I would be interested to hear from CloudFlare as to whether there is any possibility of confirming that the URL "https://pipdigz.co.uk/p3/id39dqm3c0_license_h.txt" - fetched by the "license check" code - did at some point return the text "https://kotrynabassdesign.com/wp-admin/admin-ajax.php". I suspect this will be difficult, or impossible, to verify (I'm not a security expert) and the "license check" code in and of itself (while extremely fishy) only betrays the potential of a DDoS and is not a smoking gun.

anc84 on April 1, 2019 [–]

Hopefully not. Cloudflare has no business in law enforcement or legal investigations. If they are trustworthy, this will not know about the contents of sites in the past.

skoskie on April 1, 2019 | [–]

Agreed. Separation of concerns and all that.

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact