Archive

Archive for August, 2018

Mistakes that can render your #CloudFlare protection obsolete

August 7, 2018 Leave a comment

download

Cloudflare is a service that can help keep your website safe from DDOS attacks, by taking the load of the attack without affecting your underlying server too badly.

However, assuming that your website is being specifically targeted, then it is obvious for an attacker to spot that your website is behind cloudflare, by simply checking the NS records on your domain. – So an attacker will look to find your underlying webserver, and attack it directly, rather than a “front door” attack via Cloudflare.

So, the first step, as a domain owner, is to make sure that your underlying werserver is not published anywhere on the web. Since, if you can find it – you can bet an attacker will too.

A first search is here: http://www.crimeflare.org:82/cfs.html – Scroll to the foot of the page, and enter your domain – if it’s there, make sure you change your IP address of your server, or ask the owner of this website to remove your listing from his database.

Next, check for historic A records of your domain here; https://securitytrails.com/domain/<your domain>/history/a – and make sure the IP address of the server you used before you moved to cloudFlare is no longer your production IP address.

In short, the general tip is – that if you used the same server IP before moving to CloudFlare, as you do now, – change it. Otherwise an attacker can bypass your CloudFlare protection.

 

Categories: Uncategorized

New #API to determine the current #Insurer of a vehicle in #Italy

August 3, 2018 Leave a comment

images

If you are looking to implement a system that can determine if a car is insured in Italy, and to find its current insurer, then here is an API that solves this for you;

You can also find the current insurer of a car in Italy, by calling the following API; CheckInsuranceStatusItaly at http://www.targa.co.it/api/bespokeapi.asmx , passing the number plate and your username from www.targa.co.it

The response is in XML as follows;

<InsuranceDetails xmlns:xsd=”http://www.w3.org/2001/XMLSchema&#8221; xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance&#8221; xmlns=”http://Regcheck.org.uk/”&gt;

<Company>GENERALI ITALIA</Company>

<Expiry>2019-01-03T00:00:00</Expiry>

<IsInsured>true</IsInsured>

</InsuranceDetails>
Categories: Uncategorized

unauthorized_client in #VSTS #OAUTH

August 2, 2018 Leave a comment

download

If you have an app on VSTS, which suddenly started returning the error
{“Error”:”unauthorized_client”,”ErrorDescription”:null} and InvalidScope in the query string, then it appears that the culprit is vso.codesearch, which needs to be removed from the scope.

Unfortunately, if you already have created an app with this in it’s scope, then a bug in VSTS prevents you from saving it again – so you may need to create a duplicate of the app.

 

Categories: Uncategorized