Possible site security breach related to Cloudflare

Discussion in 'Site Information, Help & Feedback' started by Amin Sabet, Feb 24, 2017.

  1. Amin Sabet

    Amin Sabet Administrator

    142
    Mar 22, 2015
    Amin Sabet
    Our site was one of many thousands of sites using Cloudflare, which recently disclosed a serious security breach that Cloudflare is suggesting affected a very small percentage of their sites.

    More information here:

    Incident report on memory leak caused by Cloudflare parser bug
    http://gizmodo.com/everything-you-need-to-know-about-cloudbleed-the-lates-1792710616

    I do not have any specific information to suggest that our site was directly involved. Cloudflare has said that they will notify owners of affected domains, and I have not received a notification. but as a precaution, it would be a good idea for all members to take the following steps:
    • Change your password on this site as well as any other site which uses the same password.
    • Avoid using the same password across multiple sites, especially ones which require the highest security (email, banking, etc).
    • Use two-factor authentication on the sites which require high security. We offer two-factor authentication as an option on this site.
    In order to further enhance security for our members, we will no longer require date of birth entry at registration, and I've purged all date of birth info from our database. Members can still choose to enter this information in their profile, but I'd advise against it.
     
    • Informative Informative x 2
Loading...
Similar Threads Forum Date
Site downtime - sorry that took so long! Site Information, Help & Feedback Jul 8, 2017
Site App disabled Site Information, Help & Feedback Jan 17, 2017
New site style Site Information, Help & Feedback Nov 3, 2015