Disable remote upload - option

[devon]

My suggestion is to add option turn off remote upload. I do not want to show my IP.

Never initiate an outbound connection based on user action.
If the attacker can get your web server to connect to an arbitrary address, they will reveal your origin IP. Features like "upload from URL" that allow the user to upload a photo from a given URL should be configured so that the server doing the download is not the website origin server. This is important because if an attacker can choose the URL entered, they can set up a web site specifically to monitor who connects to it, or use a public service that monitors the IPs that contact unique URLs.

 

[Rodolfo]

Base your security in how good/bad you can hide your IP is just ridiculous and that's only a CloudFlare thing because they aren't a real CDN after all.

To be honest remote upload is the only way in which I can get all these guys that use a pirated version of Chevereto and hide it behind CloudFlare or services like that. It is a crucial feature that allows to stop those websites from spanning around.

 

[SirMoo]

Base your security in how good/bad you can hide your IP is just ridiculous

We know that cloudflare is just using this as marketing anyway.

The average website is never going to suffer an actual DDOS attack of malicious intentions... If you do, you're likely marketing to the wrong people...

 

[devon]

To be honest remote upload is the only way in which I can get all these guys that use a pirated version of Chevereto and hide it behind CloudFlare or services like that. It is a crucial feature that allows to stop those websites from spanning around.

Now I understand, thank you for your reply. This is just a suggestion "Disable remote upload - option".