-
No worries, I shall fix it, but it will take a while.
It will probably involve a site option that allows proxying of a *.microcosm.app endpoint via a custom domain endpoint. i.e. that https://lfgss.microcosm.app/api/ surfaces at https://www.lfgss.com/api/ and that https://microcosm.app/out surfaces at https://www.lfgss.com/api/out .
There is a security risk to this, but it is exceptionally small and difficult to leverage, and because I am mindful of it I can add in checks on user uploaded files (avatars, attachments) such that the file hashes are checked against Virus Total before ever making them available to people.
Anyhow... it will be done, but not for a while.
I'm curious though... what happens if you have a local hosts file entry pointing lfgss.microcosm.app to 104.20.62.196 and microcosm.app to 104.20.63.196 ? Does that fix it? i.e. are they using a DNS method of blocking rather than an IP list? I am assuming they are, because blocking the CloudFlare IP addresses would take down a significant chunk of the internet for them.
You are reading a single comment by @Velocio and its replies.
Click here to read the full conversation.
Velocio
You're telling me!
They have upped the paranoia settings to max recently. The number of access requests I've had to raise is ridiculous, but I'm never getting away with raising one for microcosm.app :-)