Closed jencohoon closed 2 years ago
jencohoon
commented
3 years ago From @tomusher via Slack: We ended up putting donate behind CloudFront because it was a bit simpler with the domain situation. The AWS WAF is already configured which has generally been doing a good job.
So next steps would be to see what protection AWS CloudFront can provide when website is being scripted against.
jencohoon
commented
3 years ago Access to CloudFront for donate is through mofo-projects
jencohoon
commented
3 years ago AWS WAF CAPTCHA Documentation: https://docs.aws.amazon.com/waf/latest/developerguide/waf-captcha.html
jencohoon
commented
2 years ago This was implemented on Dec 27, 2021.
The goal is to combat bot traffic to donate.mozilla.org. The Donor Care team are reporting a low but constant flow of bot / scripting against the donate site.
Linking the Donor Care message from Slack from Nov 16, 2021: https://mozilla.slack.com/archives/C4M19QU2Z/p1637098315341900
Info & links
For reference on adding Cloudflare to Foundation see this Github Issue