Foreword
Before we dive into the changes that we have made to the new Creators Wave infrastructure, it is important to roll back to where it all began. Back when Creators Wave very first started, we were running a MyBB installation on a shared host.
Said shared host caused us a number of issues due to the instability, and lack of support responses.
Creators Wave, Version 2
When we looked to migrate from our shared hosting provider, we migrated to a VPS. Originally, this was with OVH but we found that this experienced a number of issues with our monitoring solutions and their VPS firewalls, which meant that the server actually went down for 2 days - after many arguments with support this was eventually resolved, but we were left feeling deflated at the fact that we experienced the same issue that we moved away from our shared host for...
Enter Digital Ocean. Digital Ocean were used for our hosting requirements and have been extremely solid for us. They even pre-emptively sent us support tickets when we had underlying configuration issues, and their monitoring solutions were second to none!
So, why the change?
We took the decision to migrate the infrastructure to a virtual server that sits within our own dedicated server. The reason for this move is so that we could have greater control over the hosting stack. It also allows us a chance to implement better monitoring, automation, and security.
So, how does it work?
Our network is now rather complex, however allow me to break this down for ease of understanding.
We leverage a firewall solution called pfSense - this acts as a 'broker' to our virtual server running Creators Wave, and handles the DHCP for the LAN.
With this in mind, all traffic to our domain is filtered through pfSense. We employ a number of rulelists at our firewall level to:
- Block illegitimate IP addresses.
- Block bad actors
- Block unwanted geolocations
- Restrict connection counts
If the traffic is allowed, pfSense then passes this network through to the LAN, where the traffic traverses our webserver for Creators Wave.
Creators Wave currently sits on a single server, running on an Ubuntu virtual server. The plan in the future is to add in an additional fail-over server for High Availability. This means that we can perform entire server upgrades without affecting the uptime of the site.
I'm concerned about my traffic, and the logging implications that this has on me?
We understand that this may cause some of our users to grow concerned with regards to the privacy of their data, as well as the level of data that we hold against you.
Creators Wave has always had transparency at heart, and we appreciate that data that we hold about you should be kept private and secure.
With this in mind, we have not changed the level of the data that we hold.
- Your username
- A **hashed ** password.
- Your IP Address
- Your GEO Location (obtained from your IP Address details)
IF your IP address is found to be attacking our services, we may reserve the right to submit this to the IPDB register, found here: https://www.abuseipdb.com/user/46351
How do you secure my data?
Creators Wave employs a number of actions to ensure the security of your data. This includes, but is not limited to:
- Regular vulnerability checks and audits.
- Regular update schedules across the entire infrastructure.
- Automated alerting of any suspicious or unusual activity.
- Encrypted backups.
- Following industry best practise.
- Firewall filtering for known bad actors.
