SSD Web Hosting + Anti-DDoS Protection | NewProxyLists

BMF Host – We think of us as an ambitious team of IT-professionals with extensive experience in providing quality hosting for a wide range of needs. Our team consists of highly qualified professionals, and our approach is based on the traditional values of business, such as honesty, hard work, patience and, of course, supplemented by a tremendous experience of servicing. We have servers located in Romania.

Server specs: 40-Core CPU, 256 GB RAM, 8 SSD in RAID 10

Check us out: BMF Host – Offshore Web Hosting Services – Romania Hosting

We use the best CLOUDLINUX operating system, all hosting packages include MariaDB sql server + cPanel backup software Incremental
We will do our best to set up your hosting account as soon as possible, usually the hosting accounts are set up in a maximum of 5 minutes.

If you want to move your site from another hosting company to us, the transfer of data from the old server to us is free of charge through the cPanel utility!

BMF Host is backed by 99.95% Uptime Guarantee SLA, as well as “No questions asked!” 90-day Money Back Guarantee.

BMF Host features:

  • Softaculous, Incremental Backup
  • Dedicated hardware resources
  • LetsEncrypt Free SSL
  • Unlimited email accounts
  • Hosting unlimited domains
  • POP3, IMAP, WebMail access
  • AntiSpam + AntiVirus email filter
  • PHP 7.X, MySQL / MariaDB 10.X, Tomcat 8.X
  • CGI, PERL, CURL, GD, ImageMagick

SSD Basic:

  • 10 GB SSD Webspace
  • Unlimited bandwidth
  • Unlimited domains
  • 99.9% Uptime Guarantee
  • Free LetsEncrypt SSL
  • Email filter AntiSpam + AntiVirus
  • Free Automatic Backups
  • 30 Days Money Back Guarantee
  • Free Website Transfer Upon Request
  • Multi PHP
  • 99.9% Uptime Guaranteed
  • 24/7 Support

Price: $2.75 / month
Order now

SSD Advanced

  • 25 GB SSD Webspace
  • Unlimited bandwidth
  • Unlimited domains
  • 99.9% Uptime Guarantee
  • Free LetsEncrypt SSL
  • Email filter AntiSpam + AntiVirus
  • Free Automatic Backups
  • 30 Days Money Back Guarantee
  • Free Website Transfer Upon Request
  • Multi PHP
  • 99.9% Uptime Guaranteed
  • 24/7 Support

Price: $4.95 / month

Order now

SSD Premium

  • 40 GB SSD Webspace
  • Unlimited bandwidth
  • Unlimited domains
  • 99.9% Uptime Guarantee
  • Free LetsEncrypt SSL
  • Email filter AntiSpam + AntiVirus
  • Free Automatic Backups
  • 30 Days Money Back Guarantee
  • Free Website Transfer Upon Request
  • Multi PHP
  • 99.9% Uptime Guaranteed
  • 24/7 Support

Price: $6.95 / month

Order now

If you have any questions do not hesitate to get in touch with us.

 

paypal – Simplest possible piracy protection and payment system for a plugin?

Just to learn a little about piracy protection and payments, I was thinking of making a simple WordPress plugin. It would probably not earn a lot of money, but give me experience. So top security is not needed.

I was thinking of letting the user pay to PayPal giving his WP-domain. Paypal sends message to my server. My server encodes the domain and current date w/ private key and sends to the user that enters the data into the plugin. The plugin decrypts using public key and if the domain is ok and date has not passed by more than one year, runs full capacity.

A secure message about payment from PayPal requires business account. PayPal business account is $30/month which might be more than this experiment would earn. So maybe I would just read my mailbox by PHP to see if payments have been made to a personal account. (A plugin password could then be falsely obtained by spoofing an email from PayPal to me.)

OpenSSL seems to reside in servers so I would not have to supply a library to the user.

I have no experience in these things. The question is just. How do you construct the simplest possible anti-piracy/payment system which requires only “moderate” degree of security. (The software would be so simple (and running interpreter PHP) so security could probably be by-passed anyway.)

dnd 5e – Evocation Wizard’s Sculpt Spell Ability with spells that persist over time – under what conditions is protection maintained?

One of my current players has the first Wizard Evoker for whom I have GMed.

His PC’s Sculpt Spells ability was easy to interpret at lower levels, when his evocation spells, like thunderwave and fireball, were instantaneous.

As he advances, however, he may obtain spells that have longer durations, such as Storm Sphere, Wall of Ice, or Whirlwind. I am realizing that I do not know how to adjudicate Sculpt Spell with spells that persist, especially when the initial conditions of the Sculpt Spell ability no longer apply.

Sculpt Spells says:

Beginning at 2nd level, you can create pockets of relative safety within the effects of your evocation spells. When you cast an evocation spell that affects other creatures that you can see, you can choose a number of them equal to 1 + the spell’s level. The chosen creatures automatically succeed on their saving throws against the spell, and they take no damage if they would normally take half damage on a successful save.

Storm Sphere, for example, has a a duration of Concentration (up to 1 minute) and says in part:

Each creature in the sphere when it appears or that ends its turn there must succeed on a Strength saving throw or take 2d6 bludgeoning damage.

To use the Sculpt Spell ability, the Evoker must see the creatures he is designating as being protected at the time he casts the Storm Sphere, and they must be in the area of the sphere at the time he casts it. It is clear that designating the protected creatures happens “when you cast”.

What is not clear to me is whether the protection is for just the first round (“when you cast”) or is meant to persist and provide protection on subsequent rounds.

If the protection normally persists, can it be lost if the creatures no longer meet the conditions that were required for them to be designated as protected?

What would happen to a protected creature if it was to exit the area of the Sphere and later re-enter?

Does the Evoker need to maintain them in his sight to maintain their protection? If they were originally protected when the spell was cast, but later became invisible, would it end their protection if the Evoker could no longer see them?

It is possible that reviewers may mark this as asking multiple questions. To be clear, I see all of these as examples of one question – Under what conditions does the protection afforded by Sculpt Spell persist or not persist over time?

Google Cloud vs OVH [DDOS protection]

I have been looking for a new provider for some time now and Google Cloud crossed my path and I actually enjoy it a lot. Very easy to custom… | Read the rest of https://www.webhostingtalk.com/showthread.php?t=1834140&goto=newpost

need help on ddos protection

Hello, if it’s still relevant I have an idea on website protection topic.

there are many different cloud-based services, which can do the real-time check of you traffic and stop the bad bots. It depends on what exactly you need. You can easily find an option. For example you can take a look at the https://botguard.net, maybe it can help.

A disclaimer: I am working at BotGuard – service which can protect your website from malicious bots, crawlers, scrapers, and hacker attacks. And you can get started with BotGuard for free.

 

Copy protection for Windows software for the case “demo version vs. full version”

I have written a software as a student. All functionality was in the software and it was a 30 days fully functional version. After some years there were cracks around and my income was 10% of before. This was where I decided to switch the paradigm to full version vs. demo version with limited functionality (the function weren’t even in the EXE using compiler switches). This in my case ended all piracy and worked very well.

Now you could ask what if a customer uploads his full version to a crack website? For this case I compiled the customer’s full address visibly and invisibly into the EXE file so that I could see which customer was a bad boy…

After some more years I had a new problem: anti virus software. Since my software can set keyboard shortcuts, the heuristic algorithms of some anti virus apps started complaining. So I sent the demo version EXE to the anti virus companies to mark it as “safe”. This worked very well. But only for the demo version which is fixed in bytesize. When I compile the customer’s personal data into the EXE file, the filesize varies a bit and so the checksum differs and the EXE file isn’t marked as “safe” by the anti virus software anymore and the complaining starts again for the customers.

Does anyone have an idea how I could solve this? I can’t add a separate file because this could be deleted by the customer, of course.

Thanks in advance.

DDOS Protection Clarification

I usually have providers with advertised ddos of protection like "2Gbps DDoS-Shield™ On-Premise Mitigation" or "Voxility has over 1Tbps of c… | Read the rest of https://www.webhostingtalk.com/showthread.php?t=1833610&goto=newpost

nginx reverse proxy hotlink protection

I need to proxy remotelocation.com on remote.mylocation.com using nginx.
They use CloudFlare, but i have the backend ip so it is not a problem.

Now, I am getting Hotlink protect error

My nginx config is :

server {
  listen 80;
  server_name remote.mylocation.com;
  location / {
        proxy_pass http://their ip;
        proxy_http_version 1.1;
        proxy_set_header Connection "";
        proxy_set_header Host remotelocation.com;
        proxy_set_header Referer "https://remotelocation.com/";
        proxy_set_header User-Agent "Mozilla/5.0 (Windows NT 6.1; Win64;  x64) >
        proxy_set_header X-Real-IP 103.21.244.22;
        proxy_set_header X-Forwarded-For 103.21.244.22;
        proxy_set_header X-Forwarded-Proto https;
  }
}

Does OpenID Connect provide CSRF and XSS protection?

I’ve been reading several articles recently about how storing JWTs in local or session storage is inherently insecure. The mitigation is apparently to implement a “session ID pattern”, i.e. create a session ID, which is stored in a signed HttpOnly cookie and is also included in the JWT, in which case both can be compared server-side to make sure the token corresponds to the right session.

From my limited understanding of the OpenID Connect spec, it seems like that session pattern is part of the specification (as state parameter), so I’m assuming that using a compliant implementation should be enough to protect against CSRF/XSS in this particular context.

Is this a correct assumption? Does OpenID Connect spec include CSRF and XSS protection for JWTs?

8 – Simple spam protection for contact form with rules and custom fields

I am trying to avoid spam by adding two checkboxes to my forms: botguard_human and botguard_machine. Everyone needs to check the respective box before submitting. Labeled e.g. “I’m a human” and “I’m a machine”. Now i tried to set up rules to block the message if the choice is wrong, but i failed.
Is rules able to do this and if please describe exactly how to achieve this.