3
ctnqhk
3y

My manager and I setup Cloudflare for one of our websites because we’ve noticed bot activity. Stakeholders have their feathers ruffled because ONE fraudulent payment got through during the first 24 hours of using Cloudflare. Um, there’s no miracle solution and we didn’t promise you miracles.

Manager and I aren’t sweating it because 1) we’re still learning Cloudflare, 2) we’re still familiarizing ourselves with the website because it used to be maintained by an outside agency, and 3) things were much worse a few months ago before any mitigation efforts were put in place. We finally setup Cloudflare because the fraud tools for our payment processor could only do so much.

We’re both honestly surprised a situation like this hasn’t come up before in all the years the website existed.

Comments
  • 3
    What people don’t understand is that security is not binary. It isn’t off or on.

    System security is porous like an egg. Removing the pores of an egg is not possible without suffocating the chick inside. So you do your best to have the hen lay a healthy egg and give it the best conditions possible to survive.
  • 1
    @irene plus security is ever changing.
  • 0
  • 0
    @irene tbh that also applies to the current pandemic, but I see people refusing stuff because it's not 100% effective.
Add Comment