IP Restrictions behind Cloudflare and Varnish

I've recently been working with a client using Drupal, Varnish, and Cloudflare as part of their digital transformation journey. The client had requirements to ensure that requests coming in through Cloudflare, which should be all requests, would include a check to ensure only their internal IP ranges and ours would…

Installing an Origin CA cert in Pound

Recently I was approached by one of the Cloudflare channel team as they advised all customers about Google's announcement about distrusting SSL certificates from two certificate authorities ("CAs"): WoSign and StartCom. Google's announcement joins Mozilla and Apple and now represents the majority of human-driven browsers. As I was using a…

Verifying SSL certificates with drupal_http_request

Recently I was posed with the question about verifying self-signed SSL certificates with drupal_http_request(). The usecase here would be to use private APIs to surface information, secured with SSL, yet using an internally created certificate. By default, drupal_http_request() does not verify the SSL certificate of sites…

Fighting back from Drupal hacks

The last thing any website owner, developer or administrator wants to hear is that they've been hacked. Whether the cause was the fault of insecure passwords, problematic file permissions, a vulnerability in the underlying code or the myriad other potential issues, it's an undesirable situation to be in. When Drupal…

Showing China the banhammer

Recently I started noticing a spike in the overall bandwidth on my server. A little bit of investigation revealed some interesting albeit confusing details. First contactTowards the end of last month's billing cycle for my server I realised I'd actually overshot my bandwidth cap by a little bit. This wasn't…

Allowing anonymous comment deletion rights

I have implemented a method of anonymous comment deletion on this site, based on URL callback of a link displayed at comment post time. As I explained in this forum post, the development of a module that enables anonymous deletion arose from the desire to instantly remove spam comments that…