Hello Rick,
Let’s try to analyze the debug report. Click on the debug link at the bottom of the BruteProtect configuration page in your dashboard, and send the report on over.
What’s your URL? I’ll be looking out for the report.
Thanks
Hi Rocco,
Thanks for your response.
I’ve send over the debug report.
The URL is https://www.nnqc.nl/
Hope you can find anything!
So when our API tries to contact your site, we get this:
Curl Error: 35 Cannot communicate securely with peer: no common encryption algorithm(s).
I’ll do some digging to see if I can get any more information.
Could you run that error by your hosting provider / server admin and see if they can provide any insight?
Thanks.
Thats useful information.
I’m using CloudFlare’s Universal SSL (http://blog.cloudflare.com/introducing-universal-ssl/), which uses ECDSA, on my website.
And it seems your systems use an outdated version of curl, which does not support the SSL certificates used by Universal SSL (http://unix.stackexchange.com/questions/162816/disable-sslv3-in-curl).
If i’m right that means BruteProtect is currently not compatible with CloudFlare when using Universal SSL.
Probably the only way to fix this is update the BruteProtect systems with a new version curl.
Hi Rick– I’m working on setting up a cloudflare test site for us to work with– it’s going to take some time to propagate, so please stay tuned and I’ll update you early next week
Hi Sam, great, i’m looking forward to the results!
+1
CloudFlare + BruteProtect = Curl Error # 35
same problem with cloudflare, (I have Universal SSL from Cloudflare)
We’re currently looking into the curl issue, but it’s still going to take some time. Thank you for your patience.
Confirmed same thing even with header rewrites and whatnot even on a server off CloudFlare. Also, it takes less than an hour to set up CloudFlare (even with propagation and flex-SSL wait time), what is the holdup? TLS is now the norm. Please update your ye olde software….remember there are 250k+ people using your mod….
“CloudFlare + BruteProtect = Curl Error # 35 “
This is probably related to SSLv3 and the Poodle vulnerability.
We have disabled v3 by default.
I have SSLv3 disabled on my server as well, and BruteProtect works fine connecting directly. But with CloudFlare in the middle it stops working, it’s not because of SSLv3, but because the Universal SSL certificates are ECDSA and the version of Curl on BruteProtect’s servers don’t yet support ECDSA certificates.
Hello all,
There 2 types of communications our plugin uses: type 1 travels from your site -> our API server, and type 2 travels in the opposite direction from our API server -> your site.
Our brute force protection feature only uses type-1 communication, and as far as I can tell, it plays nicely with CloudFlare.
The features of My BruteProtect did use type-2 communication, which did have trouble with CloudFlare. Since the features on My BruteProtect are now disabled, i’m going to close this issue.
If you find any issues between CloudFlare and the type-1 communication that our shield feature uses, please open a new issue.
Thanks