Masthash

#cloudflare

I'm glad that @GMMKE seems to be working again. My plan for a while was to move it off of #pipedream and onto #cloudflare workers. That's something that would need to wait for a few weeks, though.

Karsten Samaschke
2 days ago

Worked for like the whole weekend and yesterday on a #minio roll-out on my private #kubernetes cluster using #HELM.

Installed Operator and Tenant. Services worked. Ingress threw terrible SSL/TLS-related exceptions.

Tried it several times in different ways. Removed the whole ingress part. Rolled out ingress "by hand".

Nothing. All the time, the same exceptions.

Damned MinIO.

And then went over to #Cloudflare and deactivated the DNS Proxy for the domain.

Well. Ehm. Worked.

🤦‍♂️😜🙈

#opensource

OK, this is early hours yet... but after enabling cloudflare and confirming that it was handling DNS for my website, I've posted two links to my https://alberniweather.ca website and the website has not died. *Knocks on wood* Including this one
Edit: Nope, I could post from my @alberniweather account and it survived, but posting from this account killed the website. 503. Damn.

#CloudFlare #Mastodon #MastoAdmin #Web

A screenshot of a graph from Cloudflare showing total requests at 5.58k uncached at 4.8k
Jeezy
3 days ago

Today I am open sourcing Satounki, a self-hosted, open source and cloud-agnostic temporary elevated access management solution!

https://github.com/LGUG2Z/satounki

Satounki is written in #Rust and generates a load of code in #Golang and #Typescript 🚀

I am looking for contributors, so if this sounds like something you'd be interested in working on, please reach out!

I have also posted an announcement on #hackernews - https://news.ycombinator.com/item?id=38519900

#opensource #selfhosted #cloud #aws #gcp #cloudflare

Jens Finkhäuser 🌻
3 days ago

So, #GitLab has decided to become completely unusable, by showing this #Cloudflare "prove that you're human" screen and then redirecting back to it in an infinite loop.

It is stunning with how #enshittification does nothing to convince me to change my habits (it's probably due to the pi.hole), and I just decide not to use that site ever again.

gitlab.com

Checking if the site connection is secure

gitlab.com needs to review the security of your connection before proceeding.
ilyess
4 days ago

Anyone else getting 403's from pixelfed.social? It seems like #Cloudflare has been enabled recently which blocks connections from #tor.

@pixelfed is this a known issue?

#pixelfed

EDIT: seems to be working now.

Screenshot of the browser network tab showing all requests to fetch assets from pixelfed.social getting 403 responses.
Ciberjohn
4 days ago

Would you be able to manage your self-hosted web applications? Consider using CloudFlare! Check out my blog post on how he uses CloudFlare's zero-trust tunnels to host his blog from home. #CloudFlare #webapplications #selfhosting

https://blog.lealdasilva.com/how-i-use-cloudflare-zero-trust-tunnels-to-host-this-blog/

Marc Michalsky
5 days ago

Although I have several domains in different packages at #STRATO, the maximum number of my subdomains remains limited to 10 in total. That is totally bananas, but the most support will do is sell me more expensive packages.

I used to manage my domains via the #Cloudflare nameservers, where the number of subdomains is of course unlimited. But since I no longer wanted to use Cloudflare, I am using STRATO's nameservers again.

Are there any alternatives?

ricardo :mastodon:
5 days ago

#Cloudflare Teases Next-Gen Server Design, Benefits Going From 1U To 2U Servers

https://www.phoronix.com/news/Cloudflare-Gen12-Server

Sebastian Zdrojewski
6 days ago

The amount of #scam and #phishing websites hidden behind #CloudFlare is getting simply ridiculous. This one masks itself like a mail sent via #WeTransfer and requires an alleged authentication to login... (unlocked from our antiphishing just for the sake of curiosity and... well... little to no surprise on this)

Natsume
6 days ago

I currently rely on #Cloudflare to add a hostname (for my service) pointing to my router, then my router having port forwards set up to point to a reverse proxy (#Ingress) on my home environment, which then routes/points to my actual service hosted on my #Kubernetes cluster.

In this setup, I assume I have one reverse proxy, an internal one which is #Nginx Ingress. I heard it's recommended for you to also use an external reverse proxy as well such as CF, which I assume is done by configuring the A/AAAA records to be "Proxied" instead of "DNS Only". Will this work in my setup, as simple as that?

Cos atm, trying that, sometimes I can get thru to my service, sometimes I won't. Moments when it does get thru though, I suspect that's only bcos my DNS during the time of request was pointing to the old endpoint, my router, instead of CF's proxy. Man, I suspect #networking is harder than black magic.

C. Brookins
1 week ago
Maddler
1 week ago

A #Cloudflare #phishing domain hosted on... Cloudflare! Nice...

... Every bot up until now used #Pipedream but this one uses #Cloudflare Workers instead. I'm hoping that will be a little more resilient.

TapTap 🎮
1 week ago

Opinions on the HTTP Compression, 0-RTT, and Cipher Order stuff that internet.nl brings up? Disabling the first 2 doesn't seem worth it esp for my mostly static site, and the cipher stuff I don't think I can change easily on Cloudflare

you can see 'em on my results here: https://internet.nl/site/sirtaptap.com/2493133/#control-panel-9

#webdev #sysadmin #apache #cloudflare

Jeezy
1 week ago

Lots of folks liked my self-hosted #Linktree clone built with #Hugo and the Lynx theme earlier this week!

Quite a few people got in touch asking if I could walk them through how to go from initializing a new project to getting it deployed and visible on the internet

So here it is! From Zero to your very own Linktree-style website deployed on #Cloudflare Pages 🚀

And it will automatically update whenever you push new changes with a fancy #CI setup!

https://www.youtube.com/watch?v=ufcGokTlvzI

#selfhosted #html

Dave🌱
1 week ago

I've only been using #CloudFlare out of necessity for my two #VPS instances. My plan was always to drop it as quickly as I could, but work and life tends to get the priority.
Today I finally sat down to configure #fail2ban to work with my #Gitea (running inside a #Docker #container on #Debian), one of the things I had to do to make this switch possible.
As a nice side effect, response times to this VPS from my home internet dramatically dropped, from ~890ms to just ~38ms. Quite the difference.

Graph showing the response times over the past ~5 hours or so. The average response time was shown to be around 890 milliseconds, but around 3:15pm dropped to around 38 milliseconds.
Patryk Krawaczyński
1 week ago

NordVPN - playing with the API and Cloudflare X-Forwarded-For ( https://nfsec.pl/pentest/6300 ) #cloudflare #nordvpn #proxy #http #security #waf #twittermigration

TorrentFreak RSS
1 week ago

Court: Cloudflare is Liable for Pirate Site, But Not as a DNS Provider

https://torrentfreak.com/court-cloudflare-is-liable-for-pirate-site-but-not-as-a-dns-provider-231127/

#ddl-music.to #Cloudflare #Piracy

MangoHost
1 week ago

Choosing DMCA Ignored Hosting Provider: Are you a content creator or copyright owner concerned about protecting your work online? Look no further! In this article, we will explore the world of DMCA (Digital Millennium Copyright Act) and how it can safeguard your content. From understanding what the DMCA organization is and how it works to exploring countries that ignore DMCA... https://mangohost.net/blog/choosing-dmca-ignored-hosting-provider/?utm_source=dlvr.it&utm_medium=mastodon #Articles #cloudflare #dmca

Me: *reading a pamphlet against #CloudFlare*

Random Hitler quote: "Hi!"

OK...
:blobcat_flop_woozy:

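If you self-host #Misskey and use the #Cloudflare CDN, you will have noticed that Rocket Loader and Auto Minify cannot be enabled, otherwise the site will not load properly.

In addition, Bot Fight Mode needs to be turned off; enabling it blocks other instances from reading information, for example when a link is pasted into another instance or website, no content preview can be shown.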

#MisskeyTips

Shawn M. Jones, PhD
2 weeks ago

Great responses! This is what I love about #Mastodon.

@shuLhan — Thanks for a vote against #Squarespace.

On the positive side, thanks for #recommendations of:
* #CloudFlare from @aohorodnyk
* name.com from @Lesley
* hover.com from @ipstenu

Does anyone else have a #recommendation for a #DomainRegistrar whose UI lets me make changes to my #DNS #domain without being bombarded by #ads (or outright failures) in the process?

#TechHelp #Websites #Domain #DomainRegistration #Advertisements #Google

jskherman
2 weeks ago

https://github.com/jskherman/cv.typ

Just released a new version of my #CV / #resume #template made in #Typst earlier.

It uses #YAML for the data file and separates the formatting and data as much as possible to have it simple and sensible under version control.

Here's an example setup to get started:

https://github.com/jskherman/cv.typ-example-repo

This includes a #GithubAction to compile all the Typst files to PDF and upload it to #Cloudflare R2.

Natsume
2 weeks ago

Note: this may not be in the exact order. If the order to any of this is important, feel free to point that out.

1. I've added to #Cloudflare, to my zone (domain), the hostname foo pointing to my network's public IP.

2. I've deployed everything you'd need including MetalLB (which determines the dedicated Ingress private IP), nginx-ingress (type set to LoadBalancer instead of NodePort), and cert-manager (with both HTTP/DNS clusterissuers). If you want to take a peek at how I've deployed/configured them, more details are on here: https://github.com/irfanhakim-as/orked.

3. I've added foo.domain to the closest thing resembling to a DNS server that I have, PiHole, pointing to the dedicated Ingress private IP.

4. I've set my router's only DNS server to the PiHole's IP.

5. I've set all my Kubernetes nodes' (Masters and Workers) DNS1 to the Router's IP (DNS2 set to Cloudflare's, 1.1.1.1).

6. I've created a port forwarding rule for HTTP on my router with 1) WAN Start/End ports set to 80, 2) Virtual Host port set to its nodePort (acquired from kubectl get svc -n ingress-nginx ingress-nginx-controller -o=jsonpath='{.spec.ports[0].nodePort}' i.e. 3XXXX), 3) Protocol set to TCP, and 4) LAN Host address set to the dedicated Ingress private IP.

7. I've created a port forwarding rule for HTTPS on my router with 1) WAN Start/End ports set to 443, 2) Virtual Host port set to its nodePort (acquired from kubectl get svc -n ingress-nginx ingress-nginx-controller -o=jsonpath='{.spec.ports[1].nodePort}' i.e. 3XXXX), 3) Protocol set to TCP, and 4) LAN Host address set to the dedicated Ingress private IP.

8. I've deployed a container service, and an Ingress for it, using LE's DNS validation clusterissuer.

Current result:

- Cert-manager creates a certificate automatically and is in a Ready: True state as expected.

- The subdomain (foo.domain) however remains unreachable, no 404 errors, no nothing. Just "The connection has timed out" error.

- Describing the container service's ingress (foo.domain), shows that it's stuck at "Scheduled for sync".

#Kubernetes and #Networking experts - please tell me what I've done in any of this that were either wrong or unnecessary, or what I'm currently missing here for me to reach my goal of being able to get my container accessible via foo.domain through that Ingress. I suspect that I might be doing something wrong with this whole DNS mess I literally cannot fathom. I feel like I'm insanely close to getting this thing to work, but I fear I'm also insanely close of blowing up my brain.

cc: @telnetlocalhost@hachyderm.io (thanks for bearing w me and getting me this far)

Big tech companies refuse to take down illegal site stealing from journalists | Ricochet https://bit.ly/47pdvjg #Journalism #Theft #Crime #Hostinger #Cloudflare #cdnpoli @cdnpoli

How do you do #selfhosting?

The issue is: #Cloudflare is gratis and secure for yourself, but privacy-invading for your users. #DynDNS is fine for your users, but insecure and not privacy-friendly for yourself. Hosting providers are privacy-invading for everyone, and they also charge money while often not liking what you're doing.

Loki the Cat
2 weeks ago

Cloudflare: blocking abusive content on its Ethereum gateway, one meow at a time!🐱 No more clawing your way through inappropriate stuff, folks!😼 Remember, even the internet needs some purr-sonal boundaries.🚫🔞 #Cloudflare #Ethereum #GatewayGuardian

https://tech.slashdot.org/story/23/11/22/2333234/cloudflare-blocks-abusive-content-on-its-ethereum-gateway?utm_source=rss1.0mainlinkanon&utm_medium=feed

🙃 ɐıunp zsɐɯoʇ :idle:
2 weeks ago

Today on the #blog, about how I moved the #WriteFreelyPolska instance (https://writefreely.pl) from an #Oracle #VPS to @ftdl, and about how I changed my #DNS provider from #Cloudflare to #FreeDNS42 (https://freedns.42.pl). Actually it's more about the latter 😉 A post about how Cloudflare is bad, showing a nice alternative 😉

Come have a look!
https://blog.tomaszdunia.pl/migracja-writefreelypl-freedns42/

WriteFreely
Polska
Oracle -> FTdL
Cloudflare -> FreeDNS::42
Tomasz Dunia
2 weeks ago

🇵🇱 Nowy wpis na blogu! / 🇬🇧 New blog post!

WriteFreely.pl migration – FTdL + FreeDNS::42

#A #CAA #Cloudflare #DNS #DNSChecker #FreeDNS42 #FTdL #FundacjaTechnologieDlaLudzi #MX #NASK #Oracle #TXT #VPS #WriteFreely #YunoHost

Author: @to3k@tomaszdunia.pl

https://blog.tomaszdunia.pl/migracja-writefreelypl-freedns42/

RxBrad
2 weeks ago

At some point, actual useful stuff like #Tailscale & #Cloudflare tunnels probably aren't going to be free anymore, will they?

@fuchsiii @nixCraft personally, I think paying #ClownFlare is like paying mafia racketeers:

Their business model should not exist to begin with!

Cuz every halfassed hoster offers #DDoS protection.
I'll gladly help @Blender@mastodon.social / @blender@video.blender.org to migrate to such a hoster...

Cuz #CloudFlare is just bad - period.

ITX Mike
2 weeks ago

On the plus side, I fixed a weird issue where my #Federation admin panel wouldn't load. Logs showed a "materialized view instances not populated" error. This issue (https://github.com/mastodon/mastodon/issues/17145) had the steps to fix it. Had to go into Mastodon console and refresh the view.

Now to figure out why I can't get the Cloudflare to Backblaze S3 stuff working...

#MastoAdmin #Mastodon #Cloudflare #Backblaze #SysAdmin

irb(main):002:0> Scenic.database.refresh_materialized_view('instances', concurrently: false, cascade: false) => #<PG::Result:0x00007fcfI7eaba’8 status=PGRES_COMMAND_OK ntuples=8 nfields=8 cmd_tuples=0>
iam-py-test :unverified:
2 weeks ago

#CloudFlare is seemingly blocking any access to cimri[.]com, even from non-Tor residential IPs

Dariusz Więckiewicz :verified:
2 weeks ago

🇬🇧 Namesco is raising domain prices, so it's time to move to Cloudflare and save!
https://dariusz.wieckiewicz.org/en/namesco-raising-prices-move-to-clourdlare-and-save/

#Namesco
#Cloudflare
#registrar
#domains
#DomainTransfer
#ChangeNominetTag
#priceincrease

Snafu 🐦:linux:
2 weeks ago

#Bullshit of the day: "Checking if the site connection is secure" by #Cloudflare.

#DeleteCloudflare

Brandon Zhang 🇨🇳
2 weeks ago

For the past few days, I've been working on a light-weight web app to track the job applications that I've applied thus far. And it's also an opportunity to test out the Web Components collections that I'm working on. It's such a nice experience developing CRUD API with #Cloudflare D1 Serverless SQL database and #honojs.

ITX Mike
3 weeks ago

Just got our #MastoInstance switched over to #Cloudflare fronting of our existing #BackBlaze #B2 #S3 bucket. Free egress for all media when you run B2 -> Cloudflare. Pretty slick. Best instructions I found so far: https://techbits.io/free-s3-egress-backblaze-b2-cloudflare/

Just a VERY important tidbit (somewhat alluded to in the comments) We had S3 working without the S3_ALIAS_HOST variable. But without it, #Mastodon kept including the bucket name in the path. Set it to your subdomain.domain.com/bucket_name and it works!

jbz
3 weeks ago

⚠️ You should NOT use Cloudflare Tunnel (if you do this...) | Christian Lempa

https://www.youtube.com/watch?v=oqy3krzmSMA

#Homelab #Cloudflare #Privacy

ᛘᛁᚴᛅᛚ
3 weeks ago

Anyone using a #Cloudflare Tunnel to “semi-selfhost” a website from your closet?

Taffer :godot: 🇨🇦
3 weeks ago

Cloudflare has broken their "security check" widget for Firefox (120 at least) when you've got protection against fingerprinting enabled.

I had to use Chromium to log in to GitLab because of this. It's IE6 all over again. Thanks Cloudflare!

The "security check" is actually DDOS prevention looking for bots. Which frequently just run in browsers/Electron these days.

#internet #cloudflare #firefox #gitlab #thisiswhywecanthavenicethings

Why don't we just build Fediverse software that's inherently resilient against DDOS instead of allowing #Fasly or #Cloudflare to encircle us and reassert centralized control and censorship?

Ditto for "centralized" Masto hosting.

And eventually ditto for corporate controlled cloud services.

Self-hosting and community-hosting is the only way (edit: "only" is a bit hyperbolic) to be free of #TechnoFascist capture.

Public libraries could each offer a tiny slice of cloud services that summed together encompass a platform as resilient and wide as AWS is now. That's one of the possibilities I've been imagining and low-key getting myself motivated to talk with someone at my local branch library about. Someone has to already be working on this I also imagine.

Sean Boyer
3 weeks ago

I use #cloudflare for some of my web applications, and find it tedious to leave the terminal in order to create a new DNS record for my new app.

I've created a #cli app to allow me to quickly list, add, update and remove records.

It works with multiple zones!

Features:
- 100% #php w/ no dependencies
- Cross platform / #FOSS
- List your zones/zone IDs
- List / Add / Delete / Update DNS records

Feel free to hack this up to do what you want it to.

https://gist.sbcloud.cc/sb/a02a14d440c641bc8cc27590e650532f

Maxim Lebedev
3 weeks ago

@minoru I just knew at that moment that I'd get the urge to do something or other during most of the remaining days. All it took was for #Cloudflare to be offline once for three days...

TapTap 🎮
3 weeks ago

Also am I doing anything stupid in these #firewall rules? In/out is basically limited to SSH for editing the site and Cloudflare serves the rest.

Just for extra security should anything hit direct instead of via cloudflare

#webdev #security #linode #cloudflare

JS Party 🪩
1 month ago

WinterJS is a #JavaScript Service Workers server by the #Wasmer team that uses Firefox's #SpiderMonkey runtime to execute JavaScript.

It follows the #WinterCG spec to aim for maximum compatibility with other services such as #Cloudflare Workers, #Deno Deploy and #Vercel.

🔗 https://wasmer.io/posts/announcing-winterjs-service-workers

TapTap 🎮
1 month ago

In fact if you're spooked, here's a crazy easy way to get started with an impressively durable baby server:

Get a $5 #Linode #VPS. Use a stackscript to install Wordpress + apache (or 1 click install most popular web software). Wordpress is #FOSS, 0 coding required, yet fully customizable if you want

#Cloudflare's free tier adds security, cache, DDOS protection, and their domain name prices can't be beat, they're wholesale.

Now for ~$70 a year and 2 new logins, you have a fully functional site

Flüpke
1 month ago

According to #Cloudflare, I am 52% human and 48% a bot 🤖

Bot (automated) vs. human traffic distribution

48.0% Bot 52.0% Human
bojkotiMalbona
1 month ago

@blacklight The linked article is in #Cloudflare & I can’t be bothered with the hoops, but after reading your comment it seems you’re overlooking something--

When people migrate to an EV their fossil-fueled car is not removed from the street. You propose taxing them off the road. Fair enough, but it’s important to realize the old cars are all being shipped to #Africa anyway where they continue emissions for many decades more. The average age of a car bought in Africa at the time of purchase is 21 years old.

People buy EVs in total ignorance of this. Of course they sell their old car because they’re not going to throw away value. Then it’s merely out of sight → out of mind. Their #EV purchase only adds factory emissions & lithium problems to the lifetime of GHG their current car will still continue to emit (wherever it ends up). It’s disgusting that they think they’re doing right by the environment. Emissions in Africa burn the planet just as well as that in Netherlands.

It’s a greenwash. Keeping the fossil-burner is actually better than buying a new EV.

IMO this is the best move: *convert* your gas burner into an EV. That gives you a gas burning engine left over.. why not make that into an emergency backup power generator which will rarely run? Then sell the EV and get a bicycle.

#fuckCars #climateAction

matdevdug
1 month ago

#Cloudflare is really impressing me with how transparent they're being with their recent outage. Not only did they write a great post-mortem, but they're letting customers hear directly from leadership on what happened.

It's one reason I really like the #GCP take on a status page. People complain about how many "outages" there are, but it's great that I have a high degree of confidence that if a problem is present in the stack I'm going to see it there vs #aws where their status page is legendarily useless and false. #devops #infrastructure

Peter Mount
1 month ago

What happened during Cloudflare's 2 day outage last week.

Sounds like the DC & Power Utility screwed up big time

https://blog.cloudflare.com/post-mortem-on-cloudflare-control-plane-and-analytics-outage/

#cloudflare

InfoQ
1 month ago

#Cloudflare, Google & #AWS revealed a new zero-day vulnerability known as the "HTTP/2 Rapid Reset" attack: https://bit.ly/40xtSYA

This attack exploits a weakness in the #HTTP2 protocol to generate enormous #DDoSAttacks, up to almost 400 million rps.

Stay informed with #InfoQ!

#SecurityVulnerabilities

Dick Smiths Fair Go Supporters
1 month ago

@daedalus
Trust the Australian govt to protect us from #scams?

We almost forgot the best bit.

In 2021 when #Fakebook engaged in #massSuppression, blocking #Australia from sharing news, #JoshFrydenberg gave the #digitalFascists an open ticket to #bribe whichever #mediaOutlets in whatever way #Fbook deemed appropriate. The 3-word-slogan, "#FacebookRefriendedAustralia", might be the biggest #scam in Aussie history.

Lastly (for now) the #AFP goes through (read: is MITM'd by) #CloudFlare.

Michael
1 month ago

@nixCraft was that taken at #Cloudflare ‘s datacentre a few days ago? 😁

Jack Yan (甄爵恩)
1 month ago
Sass, David
1 month ago

#CloudFlare #ZeroTrust Gateway - which is a DNS service - thinks that #Azure is a security risk.

Cool, cool....

Cloudflare Zero Trust portal showing the allowed and blocked DNS queries
Sven Slootweg
1 month ago

Some other juicy bits about the #Cloudflare outage:
- No 24/7 (experienced) technician availability at the datacenter that hosted their control plane(!)
- No end-to-end service dependency tracking or diagrams
- Therefore, supposedly HA services depending on non-HA infrastructure
- Even if the "redundant" setup *did* work (it didn't), all three locations would be physically within *the same earthquake zone*

This is absolute clowncar level network administration, frankly, for something the size and importance of Cloudflare.

peq42
1 month ago

#cloudflare Catastrophic Failure – November 2nd. What happened? A TL;DR

https://peq42.com/cloudflare-catastrophic-failure-november-2nd/

Corry Haines
1 month ago

Also loving the “proprietary and confidential” image that #Cloudflare shared from their data center vendor.

Diagram showing power flows in the “brookwood electrical system”

In the bottom corner it states that this image is proprietary and confidential from viawest
HonkHase
1 month ago

#KRITIS sector #IT and #TK

Major outage (#Großausfall) at #Cloudflare

"After a power outage (#Stromausfall) in Oregon, Cloudflare has been struggling for more than 24 hours with an outage of many cloud services (#Clouddienste), APIs and dashboards." https://www.heise.de/news/Grossausfall-bei-Cloudflare-9353069.html

Zack Katz
1 month ago

Post Mortem on Cloudflare Control Plane and Analytics Outage

This post mortem reads like the timeline of the Chernobyl disaster. It’s incredible how much had to go wrong for this to happen, and yet it happened. A great write-up.

https://blog.cloudflare.com/post-mortem-on-cloudflare-control-plane-and-analytics-outage/

#Cloudflare

Is it true that I may only log in to #GitLab (.com) when I enable active content from #cloudflare "to check if the connection is secure"? 😠

Glad that I didn't move all of my projects from #GitHub to GitLab after things got sour there because of Microsoft.

If I migrate any source code project to anywhere, it's most probably to a self-hosted or a local community driven #FOSS platform.

Let's Encrypt is apparently the Certificate Authority competitor Cloudflare trusts the most.

#CloudFlare #LetsEncrypt #SSL #CertificateAuthority

https://cloudflarestatus.com ssl certificate is issued by Let's Encrypt
Matt Lehrer
1 month ago

#Cloudflare says the backup and the backup's backup and the redundant backup and the redundant backup's backup all failed.
> "We operate in multiple redundant data centres in Oregon that power Cloudflare’s control plane (dashboard, logging, etc). There was a regional power issue that impacted multiple facilities in the region. The facilities failed to generate power overnight. Then, this morning, there were multiple generator failures that took the facilities entirely offline."

https://www.theregister.com/2023/11/02/cloudflare_outage/

Michael
1 month ago

Meanwhile I’m sitting here wondering how a stupid power outage of all things in North America can affect Cloudflare the KV API from the UK?!

#cloudflare #cloud

Michael
1 month ago

Come to the cloud they said…
It’ll be more reliable they said…
There’ll be geographic redundancy they said …

https://www.cloudflarestatus.com/

#cloudflare #cloud

Hobbits Wife
1 month ago

#techquestion if an image has been updated on a website hosted on a Uk server and served through #cloudflare and can be seen on UK devices, why isn’t it updating for devices in #Lebanon? Was done days ago as well. The text seems to be ok but not the image. Cloudflare cache has been purged too.

Michael
1 month ago

Oof. Cloudflare down is always great on Thursday night 😔

#cloudflare

Annie
1 month ago

Ok, now that I'm home again I investigated a bit further and seems #cloudflare are having some issues on their side with multiple of their services. Though still weird that only the #IPv6 addresses of the #DNS servers are unreachable (or at least appear unreachable from within my network) and not the #IPv4 ones.

It would be reachable by #IPv6 directly. But the #IPv4 Traffic will have to be served by an #CDN.

Alternatives to #Cloudflare are welcome.

Rodion Borisov
1 month ago

@BryceWrayTX

#Cloudflare often blocks my ISP connection on websites that use it, so why would I trust #CloudflareFonts? This #CDN gets zero approval from me. If anything, this #web #fonts service just creates yet another pocket for cache *alongside* #GoogleFonts (that majority of websites were brainwashed to use already). If it's what to #DeGoogle is, then I suggest avoiding extra hops and using #BunnyFonts instead.

👋🐰 Embrace the #Bunny!

Rodion Borisov
1 month ago

@BryceWrayTX

Wait, #Cloudflare Fonts? Hahahhahhaahahh!!! 😂 Come on, now...

Kevin C. Tofel
1 month ago

First foray into #11ty and I ❤️ it. Very little effort to get the base blog template running locally, pushed to #Git and deployed via #Cloudflare Pages. Time to start tweaking!

A simple personal blog template deployed on the web, built with 11ty and running on CloudFlare pages as shown by the deployment log on the right.
RadicalEcologist
1 month ago

If you are using #cloudflare on your #website, stop. It is blocking legitimate traffic and is extremely unfriendly to people with #accessibility challenges. Just search cloudflare + infinite or stuck or broken. You will see what I mean. And this doesn't even touch on the #privacy, #security, or reliability risks of so much of the #internet running through a single service.

Opicaak
1 month ago

Please, tell your friends to stop relying on CloudFlare.

Why?

1) It's an intercepting proxy. All traffic is logged and shared (sold) to third parties - mainly the feds,

2) CF can inject a malicious payload,

3) CF adds unnecessary captcha to, inc but not limited to, privacy-aware visitors (VPN, TOR), or block them completely,

4) the internet is basically unusable with CF blocking browser addons,

5) If CF goes down, your website will go down, too. And yes, it does happen.

#fuck #cloudflare

Maxim Lebedev
1 month ago

Today's post will come tomorrow: #Cloudflare Pages is knocked out.

Ricky de Laveaga
1 month ago

🚨 #Cisco wrecked.
⚠️ #Okta support hacked; #BeyondTrust first detected the breach and was the one that notified Okta, other public victims known so far include #Cloudflare.
Another #RiskyBiz doozy from @campuscodi for @riskybusiness https://riskybiznews.substack.com/p/cisco-ios-xe-hackers-cover-tracks-patches

Bryce Wray
1 month ago

Post >> Testing, testing • What I found in recent evaluations of web browsers and the new Cloudflare Fonts service.

https://www.brycewray.com/posts/2023/10/testing-testing/

#WebDev #browsers #performance #Cloudflare #testing

Michael
2 months ago

So, today I deployed the 2nd microservice that I had split out from our monolith.

I’m a big believer in avoiding complications, so how did I know I needed microservices?

Both of these were aspects of our app that needed independent scaling from the rest of the app: while the main app scales quite predictably with user growth, these two services see huge fluctuations in usage, regularly increasing and decreasing 10-fold or more in a matter of hours, and without warning.

It also helped that these are logically quite self-contained, without strong dependencies on the state of the application.

Ultimately these two microservices now run on CloudFlare Workers, allowing near infinite scale, and geographic distribution, which is fantastic!

#microservice #microservices #monolith #webdevelopement #webdev #cloudflare #Cloud

Bryce Wray
2 months ago

Post >> Cloudflare Fonts : my first look • The CFF offering works as indicated, but there’s one possible gotcha to consider.

https://www.brycewray.com/posts/2023/10/cloudflare-fonts-first-look/

#WebDev #CSS #Cloudflare #GoogleFonts #WebFonts

DigitalNaiv = Stefan Pfeiffer
2 months ago

#Google reports the largest DDoS attack of all time
The attack exceeds the previous peak sevenfold. #Cloudflare and #AWS are also affected. The record is made possible by a new attack technique called Rapid Response.
The attack reached 398 million requests per second and was thus seven times larger than the previous record holder from 2022, reports #ZDNet #DDos #Cybersecurity https://www.zdnet.de/88412343/google-meldet-groessten-ddos-angriff-aller-zeiten/?utm_source=feedly&utm_medium=rss&utm_campaign=rss

📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #40/2023 is out! It includes the following and much more:

🇺🇸 🗳️ D.C. Board of #Elections confirms voter data stolen in site hack
🔓 🪪 #MGM Resorts confirms hackers stole customers’ personal data during #cyberattack
🔓 🧬 #DNA testing service 23andMe investigating theft of user data
🔓 🎧 #Sony confirms #databreach impacting thousands in the U.S.
📱 💥 Lyca Mobile Group Services Significantly Disrupted by Cyberattack
🔓 🕵🏻‍♂️ #NATO investigating breach, #leak of internal documents
🔓 🇪🇺 European Telecommunications Standards Institute Discloses Data Breach
🔓 🏨 #MotelOne discloses data breach following #ransomware attack
🇰🇵 💰 North Korea's #Lazarus Group Launders $900 Million in #Cryptocurrency
🇧🇪 🇨🇳 #Alibaba accused of ‘possible espionage’ at European hub
🇨🇳 #China-linked cyberspies #backdoor #semiconductor firms with #CobaltStrike
🥸 Meet LostTrust #ransomware — A likely rebrand of the #MetaEncryptor gang
🇬🇾 🇨🇳 #Guyana Governmental Entity Hit by #DinodasRAT in #CyberEspionage Attack
🇷🇺 🇺🇸 #FBI most-wanted Russian hacker reveals why he burned his passport
🇺🇸 🏥 #FDA cyber mandates for #medicaldevices goes into effect
☁️ 🔓 Number of Internet-Exposed #ICS Drops Below 100,000
☁️ #Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via #SQL Server Instance
🦠 📈 #QakBot Threat Actors Still in Action, Using Ransom Knight and Remcos RAT in Latest Attacks
🔓 🍏 #Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day
🎣 🧑🏻‍💼 US Executives Targeted in #Phishing Attacks Exploiting Flaw in Indeed Job Platform
🦠 🏦 #Zanubis #Android Banking Trojan Poses as Peruvian Government App to Target Users
🦠 🇮🇷 Iranian APT Group #OilRig Using New Menorah #Malware for Covert Operations
🔐 ☁️ #Amazon to make #MFA mandatory for 'root' #AWS accounts by mid-2024
🛡️ 🧅 #Microsoft Defender no longer flags #Tor Browser as malware
👀 X-Force uncovers global #NetScaler Gateway credential harvesting campaign
🐛 💰 Zero-days for hacking #WhatsApp are now worth millions of dollars
🩹 #Cisco fixes hard-coded root credentials in Emergency Responder
🔓 Vulnerabilities in #Supermicro BMCs could allow for unkillable server #rootkits
🔓 🐧 Looney Tunables: New #Linux Flaw Enables Privilege Escalation on Major Distributions
🐍 Warning: #PyTorch Models Vulnerable to Remote Code Execution via ShellTorch
🩹 Microsoft Edge, Teams get fixes for zero-days in #opensource libraries
🔓 🔥 Live Exploitation Underscores Urgency to Patch Critical WS-FTP Server Flaw
☁️ Cloudflare #DDoS protections ironically bypassed using #Cloudflare

📚 This week's recommended reading is: "8 Steps to Better Security: A Simple Cyber Resilience Guide for Business" by Kim Crawley

Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️

https://infosec-mashup.santolaria.net/p/infosec-mashup-week-402023

https://torrentfreak.com/encrypted-client-hello-ech-effectively-defeats-pirate-site-blocking-231006/

CloudFlare has enabled Encrypted Client Hello (ECH) for all free plans. The new privacy feature makes it impossible for Internet providers to track which websites subscribers visit. As a result, it also renders pirate site-blocking efforts useless, if both the site and the visitor have ECH enabled.

#Cloudflare #EncryptedClientHello #ECH #Privacy #Encryption #Piracy #SiteBlocking

Håkon O.
2 months ago

But that's probably because I've already filled in data. Root allows index listing... #lol That means #cloudflare hasn't taken it down yet.

Root folder gives an index...