What is the domain name?
cyberauto dot com
Have you searched for an answer?
Please share your search results url:
I would gladly do so but this create topic tool keeps telling me that I can’t post links (despite the fact that I’m following the instructions to do so with preformatted text.)
When you tested your domain using the [Cloudflare Diagnostic Center], what were the results?
I’m sorry, I can’t find this at this moment. Am working on it and will post shortly but wanted to get this topic out there.
Describe the issue you are having:
We are fighting off what appears to be a brute force attack on a couple of different levels. LFD is constantly rejecting failed logins (at several orders of magnitude higher than normal) and cPHulk is showing a barrage of failed logins from 127.0.0.1 / ZZ / mail / dovecot, That has been happening for 2-3 days. Today, I received three Certificate Transparency Notifications from Cloudflare that I don’t recall receiving before. I suppose that it is possible that something normal is happening that might initiate new certificates but that seems to be too much of a coincidence. Cloudflare’s instructions are to report this if they are suspicious–they are. Certificates are as follows:
Log date: 2023-05-06 17:05:58 UTC
Issuer: CN=E1,O=Let’s Encrypt,C=US
Validity: 2023-05-06 16:05:58 UTC - 2023-08-04 16:05:57 UTC
DNS Names: * dot cyberauto dot com, cyberauto dot com
Log date: 2023-05-06 06:04:55 UTC
Issuer: CN=GTS CA 1P5,O=Google Trust Services LLC,C=US
Validity: 2023-05-06 05:04:54 UTC - 2023-08-04 05:04:53 UTC
DNS Names: cyberauto dot com, * dot cyberauto dot com
Log date: 2023-05-06 06:03:25 UTC
Issuer: CN=Cloudflare Inc ECC CA-3,O=Cloudflare, Inc.,C=US
Validity: 2023-05-06 00:00:00 UTC - 2024-05-04 23:59:59 UTC
DNS Names: cyberauto dot com sni dot cloudflaressl dot com, * dot cyberauto dot com```
What error message or number are you receiving?
What steps have you taken to resolve the issue?
- Early on (before these certificates) I involved our hosting company in this and they’ve double-checked our security and have run three different malware programs, not finding anything.
- I’m doubling back to the hosting company with this news about the certificates (next).
Was the site working with SSL prior to adding it to Cloudflare?
This is not a new addition. We’ve been on Cloudflare for many years.
What are the steps to reproduce the error:
- As indicated above.
Have you tried from another browser and/or incognito mode?
Please attach a screenshot of the error:
Again, failing in every effort to include anything that looks like a link…