I'm glad that @GMMKE seems to be working again. My plan for a while was to move it off of #pipedream and onto #cloudflare workers. That's something that would need to wait for a few weeks, though.

Karsten Samaschke
2 days ago

Worked for like the whole weekend and yesterday on a #minio roll-out on my private #kubernetes cluster using #HELM.

Installed Operator and Tenant. Services worked. Ingress threw terrible SSL/TLS-related exceptions.

Tried it several times in different ways. Removed the whole ingress part. Rolled out ingress "by hand".

Nothing. All the time, the same exceptions.

Damned MinIO.

And then went over to #Cloudflare and deactivated the DNS Proxy for the domain.

Well. Ehm. Worked.



OK, this is early hours yet... but after enabling cloudflare and confirming that it was handling DNS for my website, I've posted two links to my website and the website has not died. *Knocks on wood* Including this one
Edit: Nope, I could post from my @alberniweather account and it survived, but posting from this account killed the website. 503. Damn.

#CloudFlare #Mastodon #MastoAdmin #Web

A screenshot of a graph from Cloudflare showing total requests at 5.58k uncached at 4.8k
3 days ago

Today I am open sourcing Satounki, a self-hosted, open source and cloud-agnostic temporary elevated access management solution!

Satounki is written in #Rust and generates a load of code in #Golang and #Typescript 🚀

I am looking for contributors, so if this sounds like something you'd be interested in working on, please reach out!

I have also posted an announcement on #hackernews -

#opensource #selfhosted #cloud #aws #gcp #cloudflare

Jens Finkhäuser 🌻
3 days ago

So, #GitLab has decided to become completely unusable, by showing this #Cloudflare "prove that you're human" screen and then redirecting back to it in an infinite loop.

It is stunning with how #enshittification does nothing to convince me to change my habits (it's probably due to the pi.hole), and I just decide not to use that site ever again.

Checking if the site connection is secure needs to review the security of your connection before proceeding.
4 days ago

Anyone else getting 403's from It seems like #Cloudflare has been enabled recently which blocks connections from #tor.

@pixelfed is this a known issue?


EDIT: seems to be working now.

Screenshot of the browser network tab showing all requests to fetch assets from getting 403 responses.
4 days ago

Would you be able to manage your self-hosted web applications? Consider using CloudFlare! Check out my blog post on how he uses CloudFlare's zero-trust tunnels to host his blog from home. #CloudFlare #webapplications #selfhosting

Marc Michalsky
5 days ago

Obwohl ich bei #STRATO mehrere Domains in unterschiedlichen Paketen liegen habe, bleibt die maximale Anzahl meiner Sub-Domains auf insgesamt 10 begrenzt. Das ist zwar total Banane, aber der Support will mir höchstens teurere Pakete verkaufen.

Früher habe ich meine Domains mal über die Nameserver von #Cloudflare verwaltet – da ist die Anzahl der Subdomains natürlich unbegrenzt. Da ich Cloudflare aber nicht mehr nutzen wollte, nutze ich wieder die Nameserver von STRATO.

Gibt es da Alternativen?

ricardo :mastodon:
5 days ago

#Cloudflare Teases Next-Gen Server Design, Benefits Going From 1U To 2U Servers

Sebastian Zdrojewski
6 days ago

The amount of #scam and #phishing websites hidden behind #CloudFlare is getting simply ridiculous. This one masks itself like a mail sent via #WeTransfer and requires an alleged authentication to login... (unlocked from our antiphishing just for the sake of curiosity and... well... little to no surprise on this)

6 days ago

I currently rely on #Cloudflare to add a hostname (for my service) pointing to my router, then my router having port forwards set up to point to a reverse proxy (#Ingress) on my home environment, which then routes/points to my actual service hosted on my #Kubernetes cluster.

In this setup, I assume I have one reverse proxy, an internal one which is
#Nginx Ingress. I heard it's recommended for you to also use an external reverse proxy as well such as CF, which I assume is done by configuring the A/AAAA records to be "Proxied" instead of "DNS Only". Will this work in my setup, as simple as that?

Cos atm, trying that, sometimes I can get thru to my service, sometimes I won't. Moments when it does get thru though, I suspect that's only bcos my DNS during the time of request was pointing to the old endpoint, my router, instead of CF's proxy. Man, I suspect
#networking is harder than black magic.

C. Brookins
1 week ago
1 week ago

A #Cloudflare #phishing domain hosted on... Cloudflare! Nice...

... Every bot up until now used #Pipedream but this one uses #Cloudflare Workers instead. I'm hoping that will be a little more resilient.

TapTap 🎮
1 week ago

Opinions on the HTTP Compression, 0-RTT, and Cipher Order stuff that brings up? Disabling the first 2 doesn't seem worth it esp for my mostly static site, and the cipher stuff I don't think I can change easily on Cloudflare

you can see 'em on my results here:

#webdev #sysadmin #apache #cloudflare

1 week ago

Lots of folks liked my self-hosted #Linktree clone built with #Hugo and the Lynx theme earlier this week!

Quite a few people got in touch asking if I could walk them through how to go from initializing a new project to getting it deployed and visible on the internet

So here it is! From Zero to your very own Linktree-style website deployed on #Cloudflare Pages 🚀

And it will automatically update whenever you push new changes with a fancy #CI setup!

#selfhosted #html

1 week ago

I've only been using #CloudFlare out of necessity for my two #VPS instances. My plan was always to drop it as quickly as I could, but work and life tends to get the priority.
Today I finally sat down to configure #fail2ban to work with my #Gitea (running inside a #Docker #container on #Debian), one of the things I had to do to make this switch possible.
As a nice side effect, response times to this VPS from my home internet dramatically dropped, from ~890ms to just ~38ms. Quite the difference.

Graph showing the response times over the past ~5 hours or so. The average response time was shown to be around 890 milliseconds, but around 3:15pm dropped to around 38 milliseconds.
Patryk Krawaczyński
1 week ago

NordVPN - zabawy z API i Cloudflare X-Forwarded-For ( ) #cloudflare #nordvpn #proxy #http #security #waf #twittermigration

TorrentFreak RSS
1 week ago

Court: Cloudflare is Liable for Pirate Site, But Not as a DNS Provider #Cloudflare #Piracy

1 week ago

Choosing DMCA Ignored Hosting Provider: Are you a content creator or copyright owner concerned about protecting your work online? Look no further! In this article, we will explore the world of DMCA (Digital Millennium Copyright Act) and how it can safeguard your content. From understanding what the DMCA organization is and how it works to exploring countries that ignore DMCA... #Articles #cloudflare #dmca

Я: *читаю памфлет против #CloudFlare*

Рандомная цитата Гитлера: "Привет!"


如果有自建 #Misskey 並使用 #Cloudflare CDN,應該會注意到 Rocket Loader 與 Auto Minify 不能開啟,否則網站無法正常載入。

除此之外還需要關閉 Bot Fight Mode ,啟用此功能會阻擋其他實例讀取資訊,例如把特定連結貼到別的實例或網站,無法顯示內容預覽。


Shawn M. Jones, PhD
2 weeks ago

Great responses! This is what I love about #Mastodon.

@shuLhan — Thanks for a vote against #Squarespace.

On the positive side, thanks for #recommendations of:
* #CloudFlare from @aohorodnyk
* from @Lesley
* from @ipstenu

Does anyone else have a #recommendation for a #DomainRegistrar whose UI lets me make changes to my #DNS #domain without being bombarded by #ads (or outright failures) in the process?

#TechHelp #Websites #Domain #DomainRegistration #Advertisements #Google

2 weeks ago

Just released a new version of my #CV / #resume #template made in #Typst earlier.

It uses #YAML for the data file and separates the formatting and data as much as possible to have it simple and sensible under version control.

Here's an example setup to get started:

This includes a #GithubAction to compile all the Typst files to PDF and upload it to #Cloudflare R2.

2 weeks ago

Note: this may not be in the exact order. If the order to any of this is important, feel free to point that out.

1. I've added to
#Cloudflare, to my zone (domain), the hostname foo pointing to my network's public IP.

2. I've deployed everything you'd need including MetalLB (which determines the dedicated Ingress private IP), nginx-ingress (type set to LoadBalancer instead of NodePort), and cert-manager (with both HTTP/DNS clusterissuers). If you want to take a peek at how I've deployed/configured them, more details are on here:

3. I've added
foo.domain to the closest thing resembling to a DNS server that I have, PiHole, pointing to the dedicated Ingress private IP.

4. I've set my router's only DNS server to the PiHole's IP.

5. I've set all my Kubernetes nodes' (Masters and Workers)
DNS1 to the Router's IP (DNS2 set to Cloudflare's,

6. I've created a port forwarding rule for HTTP on my router with 1) WAN Start/End ports set to
80, 2) Virtual Host port set to its nodePort (acquired from kubectl get svc -n ingress-nginx ingress-nginx-controller -o=jsonpath='{.spec.ports[0].nodePort}' i.e. 3XXXX), 3) Protocol set to TCP, and 4) LAN Host address set to the dedicated Ingress private IP.

7. I've created a port forwarding rule for HTTPS on my router with 1) WAN Start/End ports set to
443, 2) Virtual Host port set to its nodePort (acquired from kubectl get svc -n ingress-nginx ingress-nginx-controller -o=jsonpath='{.spec.ports[1].nodePort}' i.e. 3XXXX), 3) Protocol set to TCP, and 4) LAN Host address set to the dedicated Ingress private IP.

8. I've deployed a container service, and an Ingress for it, using LE's DNS validation clusterissuer.

Current result:

- Cert-manager creates a certificate automatically and is in a
Ready: True state as expected.

- The subdomain (
foo.domain) however remains unreachable, no 404 errors, no nothing. Just "The connection has timed out" error.

- Describing the container service's ingress (
foo.domain), shows that it's stuck at "Scheduled for sync".

#Kubernetes and #Networking experts - please tell me what I've done in any of this that were either wrong or unnecessary, or what I'm currently missing here for me to reach my goal of being able to get my container accessible via foo.domain through that Ingress. I suspect that I might be doing something wrong with this whole DNS mess I literally cannot fathom. I feel like I'm insanely close to getting this thing to work, but I fear I'm also insanely close of blowing up my brain.

cc: (thanks for bearing w me and getting me this far)

Big tech companies refuse to take down illegal site stealing from journalists | Ricochet #Journalism #Theft #Crime #Hostinger #Cloudflare #cdnpoli @cdnpoli

How do you do #selfhosting?

The issue is: #Cloudflare is gratis and secure for yourself, but privacy-invading for your users. #DynDNS is fine for your users, but insecure and not privacy-friendly for yourself. Hosting providers are privacy-invading for everyone, and they also charge money while often not liking what you're doing.

Loki the Cat
2 weeks ago

Cloudflare: blocking abusive content on its Ethereum gateway, one meow at a time!🐱 No more clawing your way through inappropriate stuff, folks!😼 Remember, even the internet needs some purr-sonal boundaries.🚫🔞 #Cloudflare #Ethereum #GatewayGuardian

🙃 ɐıunp zsɐɯoʇ :idle:
2 weeks ago

Dzisiaj na #blog o tym jak przeniosłem instancję #WriteFreelyPolska ( z #VPS od #Oracle do @ftdl oraz o tym jak zmieniłem providera #DNS z #Cloudflare na #FreeDNS42 ( W sumie to bardziej o tym drugim 😉 Taki wpis o tym, że Cloudflare jest złe i pokazanie fajnej alternatywy 😉


Oracle -> FTdL
Cloudflare -> FreeDNS::42
Tomasz Dunia
2 weeks ago

🇵🇱 Nowy wpis na blogu! / 🇬🇧 New blog post!

Migracja – FTdL + FreeDNS::42

#A #CAA #Cloudflare #DNS #DNSChecker #FreeDNS42 #FTdL #FundacjaTechnologieDlaLudzi #MX #NASK #Oracle #TXT #VPS #WriteFreely #YunoHost


2 weeks ago

At some point, actual useful stuff like #Tailscale & #Cloudflare tunnels probably aren't going to be free anymore, will they?

@fuchsiii @nixCraft personally, I think paying #ClownFlare is like paying mafia racketeers:

Their business model should not exist to begin with!

Cuz every halfassed hoster offers #DDoS protection.
I'll gladly help / to migrate to such a hoster...

Cuz #CloudFlare is just bad - period.

ITX Mike
2 weeks ago

On the plus side, I fixed a weird issue where my #Federation admin panel wouldn't load. Logs showed a "materialized view instances not populated" error. This issue ( had the steps to fix it. Had to go into Mastodon console and refresh the view.

Now to figure out why I can't get the Cloudflare to Backblaze S3 stuff working...

#MastoAdmin #Mastodon #Cloudflare #Backblaze #SysAdmin

irb(main):002:0> Scenic.database.refresh _materialized view(' n:t:nces', concurrently: false, cascade: false) => #<PG::Result:0x00007fcfI7eaba’8 status=PGRES_COMMAND_OK ntuples=8 nfields=8 cmd_tuples=0>
iam-py-test :unverified:
2 weeks ago

#CloudFlare is seemingly blocking any access to cimri[.]com, even from non-Tor residential IPs

Dariusz Więckiewicz :verified:
2 weeks ago

🇬🇧 𝗡𝗮𝗺𝗲𝘀𝗰𝗼 𝗶𝘀 𝗿𝗮𝗶𝘀𝗶𝗻𝗴 𝗱𝗼𝗺𝗮𝗶𝗻 𝗽𝗿𝗶𝗰𝗲𝘀, 𝘀𝗼 𝗶𝘁'𝘀 𝘁𝗶𝗺𝗲 𝘁𝗼 𝗺𝗼𝘃𝗲 𝘁𝗼 𝗖𝗹𝗼𝘂𝗱𝗳𝗹𝗮𝗿𝗲 𝗮𝗻𝗱 𝘀𝗮𝘃𝗲!


Snafu 🐦:linux:
2 weeks ago

#Bullshit of the day: "Checking if the site connection is secure" by #Cloudflare.


Brandon Zhang 🇨🇳
2 weeks ago

For the past few days, I've been working on a light-weight web app to track the job applications that I've applied thus far. And it's also an opportunity to test out the Web Components collections that I'm working on. It's such a nice experience developing CRUD API with #Cloudflare D1 Serverless SQL database and #honojs.

ITX Mike
3 weeks ago

Just got our #MastoInstance switched over to #Cloudflare fronting of our existing #BackBlaze #B2 #S3 bucket. Free egress for all media when you run B2 -> Cloudflare. Pretty slick. Best instructions I found so far:

Just a VERY important tidbit (somewhat alluded to in the comments) We had S3 working without the S3_ALIAS_HOST variable. But without it, #Mastodon kept including the bucket name in the path. Set it to your and it works!

3 weeks ago

⚠️ You should NOT use Cloudflare Tunnel (if you do this...) | Christian Lempa

#Homelab #Cloudflare #Privacy

3 weeks ago

Anyone using a #Cloudflare Tunnel to “semi-selfhost” a website from your closet?

Taffer :godot: 🇨🇦
3 weeks ago

Cloudflare has broken their "security check" widget for Firefox (120 at least) when you've got protection against fingerprinting enabled.

I had to use Chromium to log in to GitLab because of this. It's IE6 all over again. Thanks Cloudflare!

The "security check" is actually DDOS prevention looking for bots. Which frequently just run in browsers/Electron these days.

#internet #cloudflare #firefox #gitlab #thisiswhywecanthavenicethings

Why don't we just build Fediverse software that's inherently resilient against DDOS instead of allowing #Fasly or #Cloudflare to encircle us and reassert centralized control and censorship?

Ditto for "centralized" Masto hosting.

And eventually ditto for corporate controlled cloud services.

Self-hosting and community-hosting is the only way (edit: "only" is a bit hyperbolic) to be free of #TechnoFascist capture.

Public libraries could each offer a tiny slice of cloud services that summed together encompass a platform as resilient and wide as AWS is now. That's one of the possibilities I've been imagining and low-key getting myself motivated to talk with someone at my local branch library about. Someone has to already be working on this I also imagine.

Sean Boyer
3 weeks ago

I use #cloudflare for some of my web applications, and find it tedious to leave the terminal in order to create a new DNS record for my new app.

I've created a #cli app to allow me to quickly list, add, update and remove records.

It works with multiple zones!

- 100% #php w/ no dependencies
- Cross platform / #FOSS
- List your zones/zone IDs
- List / Add / Delete / Update DNS records

Feel free to hack this up to do what you want it to.

Maxim Lebedev
3 weeks ago

@minoru Вот как знал в тот момент, что что-нибудь да приспичит сделать на протяжении большинства оставшихся дней. Стоило #Cloudflare один раз полежать в оффлайне три дня...

TapTap 🎮
3 weeks ago

Also am I doing anything stupid in these #firewall rules? In/out is basically limited to SSH for editing the site and Cloudflare serves the rest.

Just for extra security should anything hit direct instead of via cloudflare

#webdev #security #linode #cloudflare

JS Party 🪩
1 month ago

WinterJS is a #JavaScript Service Workers server by the #Wasmer team that uses Firefox's #SpiderMonkey runtime to execute JavaScript.

It follows the #WinterCG spec to aim for maximum compatibility with other services such as #Cloudflare Workers, #Deno Deploy and #Vercel.


TapTap 🎮
1 month ago

In fact if you're spooked, here's a crazy easy way to get started with an impressively durable baby server:

Get a $5 #Linode #VPS. Use a stackscript to install Wordpress + apache (or 1 click install most popular web software). Wordpress is #FOSS, 0 coding required, yet fully customizable if you want

#Cloudflare 's free tier adds security,cache, DDOS protection, and their domain name prices can't be beat, they're wholesale.

Now for ~$70 a year and 2 new logins, you have a fully functional site

1 month ago

According to #Cloudflare, I am 52% human and 48% a bot 🤖

Bot (automated) vs. human traffic distribution

48.0% Bot 52.0% Human
1 month ago

@blacklight The linked article is in #Cloudflare & I can’t be bothered with the hoops, but after reading your comment it seems you’re overlooking something--

When people migrate to an EV their fossil-fueled car is not removed from the street. You propose taxing them off the road. Fair enough, but it’s important to realize the old cars are all being shipped to #Africa anyway where they continue emissions for many decades more. The average age of a car bought in Africa at the time of purchase is 21 years old.

People buy EVs in total ignorance of this. Of course they sell their old car because they’re not going to throw away value. Then it’s merely out of sight → out of mind. Their #EV purchase only adds factory emissions & lithium problems to the lifetime of GHG their current car will still continue emit (wherever it ends up). It’s disgusting that they think they’re doing right by the environment. Emissions in Africa burn the planet just as well as that in Netherlands.

It’s a greenwash. Keeping the fossil-burner is actually better than buying a new EV.

IMO this is the best move: *convert* your gas burner into an EV. That gives you a gas burning engine left over.. why not make that into an emergency backup power generator which will rarely run? Then sell the EV and get a bicycle.

#fuckCars #climateAction

1 month ago

#Cloudflare is really impressing me with how transparent they're being with their recent outage. Not only did they write a great post-mortem, but they're letting customers hear directly from leadership on what happened.

It's one reason I really like the #GCP take on a status page. People complain about how many "outages" there are, but it's great that I have a high degree of confidence that if a problem is present in the stack I'm going to see it there vs #aws where their status page is legendarily useless and false. #devops #infrastructure

Peter Mount
1 month ago

What happened during Cloudflare's 2 day outage last week.

Sounds like the DC & Power Utility screwed up big time


1 month ago

#Cloudflare, Google & #AWS revealed a new zero-day vulnerability known as the "HTTP/2 Rapid Reset" attack:

This attack exploits a weakness in the #HTTP2 protocol to generate enormous #DDoSAttacks, up to almost 400 million rps.

Stay informed with #InfoQ!


Dick Smiths Fair Go Supporters
1 month ago

Trust the Australian govt to protect us from #scams?

We almost forgot the best bit.

In 2021 when #Fakebook engaged in #massSuppression, blocking #Australia from sharing news, #JoshFrydenberg gave the #digitalFascists an open ticket to #bribe whichever #mediaOutlets in whatever way #Fbook deemed appropriate. The 3-word-slogan, "#FacebookRefriendedAustralia", might be the biggest #scam in Aussie history.

Lastly (for now) the #AFP goes through (read: is MITM'd by) #CloudFlare.

1 month ago

@nixCraft was that taken at #Cloudflare ‘s datacentre a few days ago? 😁

Jack Yan (甄爵恩)
1 month ago
Sass, David
1 month ago

#CloudFlare #ZeroTrust Gateway - which is a DNS service - thinks that #Azure is a security risk.

Cool, cool....

Cloudflare Zero Trust portal showing the allowed and blocked DNS queries
Sven Slootweg
1 month ago

Some other juicy bits about the #Cloudflare outage:
- No 24/7 (experienced) technician availability at the datacenter that hosted their control plane(!)
- No end-to-end service dependency tracking or diagrams
- Therefore, supposedly HA services depending on non-HA infrastructure
- Even if the "redundant" setup *did* work (it didn't), all three locations would be physically within *the same earthquake zone*

This is absolute clowncar level network administration, frankly, for something the size and importance of Cloudflare.

1 month ago

#cloudflare Catastrophic Failure – November 2nd. What happened? A TL;DR

Corry Haines
1 month ago

Also loving the “proprietary and confidential” image that #Cloudflare shared from their data center vendor.

Diagram showing power flows in the “brookwood electrical system”

In the bottom corner it states that this image is proprietary and confidential from viawest
1 month ago

#KRITIS Sektor #IT und #TK

#Großausfall bei #Cloudflare

"Nach einem #Stromausfall in Oregon kämpft Cloudflare seit über 24 Stunden mit einem Ausfall vieler #Clouddienste, APIs und Dashboards."

Zack Katz
1 month ago

Post Mortem on Cloudflare Control Plane and Analytics Outage

This post mortem reads like the timeline of the Chernobyl disaster. It’s incredible how much had to go wrong for this to happen, and yet it happened. A great write-up.


Is it true that I may only log in to #GitLab (.com) when I enable active content from #cloudflare "to check if the connection is secure"? 😠

Glad that I didn't move all of my projects from #GitHub to GitLab after things got sour there because of Microsoft.

If I migrate any source code project to anywhere, it's most probably to a self-hosted or a local community driven #FOSS platform.

Let's Encrypt is apparently the Certificate Authority competitor Cloudflare trusts the most.

#CloudFlare #LetsEncrypt #SSL #CertificateAuthority ssl certificate is issued by Let's Encrypt
Matt Lehrer
1 month ago

#Cloudflare says the backup and the backup's backup and the redundant backup and the redundant backup's backup all failed.
> "We operate in multiple redundant data centres in Oregon that power Cloudflare’s control plane (dashboard, logging, etc). There was a regional power issue that impacted multiple facilities in the region. The facilities failed to generate power overnight. Then, this morning, there were multiple generator failures that took the facilities entirely offline."

1 month ago

Meanwhile I’m sitting here wondering how a stupid power outage of all things in North America can affect Cloudflare the KV API from the UK?!

#cloudflare #cloud

1 month ago

Come to the cloud they said…
It’ll be more reliable they said…
There’ll be geographic redundancy they said …

#cloudflare #cloud

Hobbits Wife
1 month ago

#techquestion if an image has been updated on a website hosted on a Uk server and served through #cloudflare and can be seen on UK devices, why isn’t it updating for devices in #Lebanon? Was done days ago as well. The text seems to be ok but not the image. Cloudflare cache has been purged too.

1 month ago

Oof. Cloudflare down is always great on Thursday night 😔


1 month ago

Ok, now that I'm home again I investigated a bit further and seems #cloudflare are having some issues on their side with multiple of their services. Though still weird that only the #IPv6 addresses of the #DNS servers are unreachable (or at least appear unreachable from within my network) and not the #IPv4 ones.

It would be reachable by #IPv6 directly. But the #IPv4 Traffic will have to be served by an #CDN.

Alternatives to #Cloudflare are welcome.

Rodion Borisov
1 month ago


#Cloudflare often blocks my ISP connection on websites that use it, so why would I trust #CloudflareFonts? This #CDN gets zero approval from me. If anything, this #web #fonts service just creates yet another pocket for cache *alongside* #GoogleFonts (that majority of websites were brainwashed to use already). If it's what to #DeGoogle is, then I suggest avoiding extra hops and using #BunnyFonts instead.

👋🐰 Embrace the #Bunny!

Rodion Borisov
1 month ago


Wait, #Cloudflare Fonts? Hahahhahhaahahh!!! 😂 Come on, now...

Kevin C. Tofel
1 month ago

First foray into #11ty and I ❤️ it. Very little effort to get the base blog template running locally, pushed to #Git and deployed via #Cloudflare Pages. Time to start tweaking!

A simple personal blog template deployed on the web, built with 11ty and running on CloudFlare pages as shown by the deployment log on the right.
1 month ago

If you are using #cloudflare on your #website , stop. It is blocking legitamate traffic and is extremely unfriendly to people with #accessibility challenges. Just search cloudflare + infinite or stuck or broken. You will see what i mean. And this doesn't even touch on the #privacy , #security , or reliability risks of so much of the #internet running through a single service.

1 month ago

Please, tell your friends to stop relying on CloudFlare.


1) It's an intercepting proxy. All traffic is logged and shared (sold) to third parties - mainly the feds,

2) CF can inject a malicious payload,

3) CF adds unnecessary captcha to, inc but not limited to, privacy-aware visitors (VPN, TOR), or block them completely,

4) the internet is basically unusable with CF blocking browser addons,

5) If CF goes down, your website will go down, too. And yes, it does happen.

#fuck #cloudflare

Maxim Lebedev
1 month ago

Сегодняшняя заметка будет завтра: #Cloudflare Pages в нокауте.

Ricky de Laveaga
1 month ago

🚨 #Cisco wrecked.
⚠️ #Okta support hacked; #BeyondTrust first detected the breach and was the one that notified Okta, other public victims known so far include #Cloudflare.
Another #RiskyBiz doozy from @campuscodi for @riskybusiness

Bryce Wray
1 month ago

Post >> Testing, testing • What I found in recent evaluations of web browsers and the new Cloudflare Fonts service.

#WebDev #browsers #performance #Cloudflare #testing

2 months ago

So, today I deployed the 2nd microservice that I had split out from our monolith.

I’m a big believer in avoiding complications, so how did I know I needed microservices?

Both of these were aspects of our app that needed independent scaling from the rest of the app: while the main app scales quite predictably with user growth, these two services see huge fluctuations in usage, regularly increasing and decreasing 10-fold or more in a matter of hours, and without warning.

It also helped that these are logically quite self-contained, without strong dependencies on the state of the application.

Ultimately these two microservices now run on CloudFlare Workers, allowing near infinite scale, and geographic distribution, which is fantastic!

#microservice #microservices #monolith #webdevelopement #webdev #cloudflare #Cloud #

Bryce Wray
2 months ago

Post >> Cloudflare Fonts : my first look • The CFF offering works as indicated, but there’s one possible gotcha to consider.

#WebDev #CSS #Cloudflare #GoogleFonts #WebFonts

DigitalNaiv = Stefan Pfeiffer
2 months ago

#Google meldet größten DDoS-Angriff aller Zeiten
Die Attacke übertrifft den bisherigen Spitzenwert um das Siebenfache. Auch #Cloudflare und #AWS sind betroffen. Der Rekord wird durch eine neue Angriffstechnik namens Rapid Response ermöglicht.
Die Attacke erreichte 398 Millionen Anfragen pro Sekunde und war damit siebenmal größer als der bisherige Spitzenreiter aus dem Jahr 2022, berichtet #ZDNet #DDos #Cybersecurity

📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #40/2023 is out! It includes the following and much more:

🇺🇸 🗳️ D.C. Board of #Elections confirms voter data stolen in site hack
🔓 🪪 #MGM Resorts confirms hackers stole customers’ personal data during #cyberattack
🔓 🧬 #DNA testing service 23andMe investigating theft of user data
🔓 🎧 #Sony confirms #databreach impacting thousands in the U.S.
📱 💥 Lyca Mobile Group Services Significantly Disrupted by Cyberattack
🔓 🕵🏻‍♂️ #NATO investigating breach, #leak of internal documents
🔓 🇪🇺 European Telecommunications Standards Institute Discloses Data Breach
🔓 🏨 #MotelOne discloses data breach following #ransomware attack
🇰🇵 💰 North Korea's #Lazarus Group Launders $900 Million in #Cryptocurrency
🇧🇪 🇨🇳 #Alibaba accused of ‘possible espionage’ at European hub
🇨🇳 #China-linked cyberspies #backdoor #semiconductor firms with #CobaltStrike
🥸 Meet LostTrust #ransomware — A likely rebrand of the #MetaEncryptor gang
🇬🇾 🇨🇳 #Guyana Governmental Entity Hit by #DinodasRAT in #CyberEspionage Attack
🇷🇺 🇺🇸 #FBI most-wanted Russian hacker reveals why he burned his passport
🇺🇸 🏥 #FDA cyber mandates for #medicaldevices goes into effect
☁️ 🔓 Number of Internet-Exposed #ICS Drops Below 100,000
☁️ #Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via #SQL Server Instance
🦠 📈 #QakBot Threat Actors Still in Action, Using Ransom Knight and Remcos RAT in Latest Attacks
🔓 🍏 #Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day
🎣 🧑🏻‍💼 US Executives Targeted in #Phishing Attacks Exploiting Flaw in Indeed Job Platform
🦠 🏦 #Zanubis #Android Banking Trojan Poses as Peruvian Government App to Target Users
🦠 🇮🇷 Iranian APT Group #OilRig Using New Menorah #Malware for Covert Operations
🔐 ☁️ #Amazon to make #MFA mandatory for 'root' #AWS accounts by mid-2024
🛡️ 🧅 #Microsoft Defender no longer flags #Tor Browser as malware
👀 X-Force uncovers global #NetScaler Gateway credential harvesting campaign
🐛 💰 Zero-days for hacking #WhatsApp are now worth millions of dollars
🩹 #Cisco fixes hard-coded root credentials in Emergency Responder
🔓 Vulnerabilities in #Supermicro BMCs could allow for unkillable server #rootkits
🔓 🐧 Looney Tunables: New #Linux Flaw Enables Privilege Escalation on Major Distributions
🐍 Warning: #PyTorch Models Vulnerable to Remote Code Execution via ShellTorch
🩹 Microsoft Edge, Teams get fixes for zero-days in #opensource libraries
🔓 🔥 Live Exploitation Underscores Urgency to Patch Critical WS-FTP Server Flaw
☁️ Cloudflare #DDoS protections ironically bypassed using #Cloudflare

📚 This week's recommended reading is: "8 Steps to Better Security: A Simple Cyber Resilience Guide for Business" by Kim Crawley

Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️

CloudFlare has enabled Encrypted Client Hello (ECH) for all free plans. The new privacy feature makes it impossible for Internet providers to track which websites subscribers visit. As a result, it also renders pirate site-blocking efforts useless, if both the site and the visitor have ECH enabled.

#Cloudflare #EncryptedClientHello #ECH #Privacy #Encryption #Piracy #SiteBlocking

Håkon O.
2 months ago

Men det er nok fordi jeg allerede har fyllt in data. Root tillater indeks-visning... #lol Det betyr at #cloudflare har ikke tatt den ned ennå.

Root-folder gir indeks...