this post was submitted on 09 Aug 2023
112 points (100.0% liked)

Technology

37705 readers
143 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

The author was blocked from accessing a work website due to issues with Cloudflare's browser integrity checks. Despite having credentials to prove his identity, an attempt to bypass the checks by disabling fingerprinting in Firefox resulted in Cloudflare blocking all access. He could still access the site on Chrome, showing the block was based on his browser configuration. This left the author unable to complete important work tasks and questioning how much control individuals really have over authentication in an increasingly centralized web ecosystem dependent on remote attestation. It highlights the need for transparency and user agency in how identity verification is implemented online.

all 18 comments
sorted by: hot top controversial new old
[–] tiwenty@jlai.lu 20 points 1 year ago (4 children)

I hate it when in selfhosted circles they recommend CF. Why in hell would you want to be tied to them when you are wary enough to selfhost ¯_(ツ)_/¯

[–] redcalcium@lemmy.institute 14 points 1 year ago* (last edited 1 year ago) (1 children)

It's popular because many people don't have static IP, behind a CGNAT, or simply don't want their residential IP address exposed, so their option is either use a vps as a tunnel (cost money) or use cloudlare tunnel (free). Obviously the free one get more use.

[–] tiwenty@jlai.lu 6 points 1 year ago

I totally understand the appeal. But I don't usually see people explaining the drawbacks and alternatives. Only a plain and simple "just use CF tunnel" for instance.

[–] upstream@beehaw.org 1 points 1 year ago (1 children)

Someone I know who works in payments told me they had to go to CF because of the insane amount of DDoS attacks they were facing.

While having three ISPs and mitigating a boatload of DDoS on their own infrastructure they were simply unable to cope with the persistence.

They first tried another provider, but they handled less DDoS than their own internal systems.

Cloudflare wasn’t even sure they wanted them as a customer.

Some of the biggest attacks mitigated by Cloudflare last year (they wrote about it) was this client.

[–] tiwenty@jlai.lu 1 points 1 year ago (1 children)

I guess we can say we're not in the selfhosted circles anymore haha

[–] upstream@beehaw.org 1 points 1 year ago (1 children)

Depends on what you mean by self-hosted. Because basically they are. No cloud providers meet their security requirements (required for their level of PCI certification).

[–] tiwenty@jlai.lu 1 points 1 year ago

Fair enough, I may have confused selfhosted with homelabs in my answers.

load more comments (2 replies)
[–] LoafyLemon@kbin.social 15 points 1 year ago

I feel like this is way overblown. If you tamper with browser headers and user agents, you will be blocked.

If you use incognito mode or TOR, you won't be blocked, and in fact, cloudflare offers onion routes for your website so the traffic is fully secured.

If it weren't for cloudflare, I would have to pay three times the server costs and put twice as much time into managing it.

[–] randomguy2323@lemmy.kevitprojects.com 14 points 1 year ago (2 children)

I really like Cloudfare but yeah this is something I would not want.

[–] realslef@fedia.io 15 points 1 year ago (2 children)

How can you like cloud flare despite this?

[–] crab@lemm.ee 12 points 1 year ago

I can't speak for everyone, but they increase the security and performance of websites for free. I'm sure a lot of people would like to move away from Cloudflare, but every time I try to find an alternative, none of their competitors even come close. Let's say I moved one of my websites to Bunny CDN and transferred 1TB per month, that could increase my website cost by $120 per year.

The sad reality is that Cloudflare can basically do whatever they want until another competitor offers a good free alternative, which is unlikely because Cloudflare has a monopoly. We would effectively be asking millions of websites to pay to use a service with less features.

I'm still looking for a good alternative, so if anyone has one then please let me know.

[–] cestvrai@lemm.ee 3 points 1 year ago

Is there another way to have all your shit cached for free?

[–] cooopsspace@infosec.pub 5 points 1 year ago (1 children)

You're wrong to like cloudflare. Thats why.

[–] havocpants@lemm.ee 4 points 1 year ago

Great argument.

[–] Sh4d0w_H34rt@geddit.social 9 points 1 year ago

Been dealing with Cloudflare crap for a while now, thought they just had a hatred of TOR traffic. With Google truing to push website DRM I can only see things like this getting worse.