Comment by iampims
6 years ago
To avoid leaking IPs, you can use cloudflared tunnel. It might get pricy if you move a lot of bytes, but it’ll isolate you from IP leaking issues.
6 years ago
To avoid leaking IPs, you can use cloudflared tunnel. It might get pricy if you move a lot of bytes, but it’ll isolate you from IP leaking issues.
oh, i found out where the leak was
it's right at the end of the article - the attacker was abusing the "create a preview card of any posted URL" feature - he'd post a link, wait for pleroma to go and grab the url to preview it, then narrow down which one was mine based on user agent
i added an upstream proxy and anonymised the user agent, so even if he were to do that, the most he'd find was my proxy box
That might be what you are talking about, but just to confirm: Pleroma has an ability to proxy outbound requests via `pleroma.http` config out of the box
yeah that's what I'm using
I also pull-requested a user agent anonymisation setting (pleroma.http.user_agent) to make this better
Did you consider using Tor to make those kind of outbound requests? I've done that in that past for a similar situation to avoid leaking IPs, there is a latency overhead but it solved my issue pretty quickly. There were some sites that were blocking Tor exits but the vast majority were successful (enough that when the feature failed it didn't really matter).