Lemmy Administration

698 readers

1 users here now

Anything about running your own Lemmy instance. Including how to install it, maintain and customise it.

Be sure to check out the docs: https://join-lemmy.org/docs/en/administration/administration.html

If you have any problems, describe them here and we will try to help you fixing them.

founded 4 years ago

MODERATORS

[email protected]

Protect Lemmy against DDOS (lemmy.ml)

submitted 2 years ago* (last edited 2 years ago) by [email protected] to c/[email protected]

7 comments fedilink hide all child comments

Hi,

I wonder what are suitable methods to protect a Lemmy instance against DDOS attacks.

For example, can we use Cloudflare? Or it could break the federation?

Any ideas/suggestions?

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 2 points 2 years ago* (last edited 2 years ago)

Websites usually use transport encryption but the password itself isn't encrypted. There are authentication schemes that won't send plaintext passwords (by involving some kind of challenge) but they won't work without javascript (except http digest access authentication but thats no good) and you shouldn't ask web-developers to implement them since they will find a way to fuck it up.