• onlooker
    link
    fedilink
    arrow-up
    19
    ·
    4 years ago

    Try browsing the web using Tor or a VPN. You will spend the day doing Google recaptchas for like 90% of the websites you visit, I guarantee it. All thanks to Cloudflare. Recaptchas are also an issue in itself, because what solving recaptchas does is it teaches Google’s AI to better perform at image recognition without the user’s consent, but this is never pointed out to the user. Users are basically doing Google’s work for them without even knowing it.

    Then there was the whole Cloudbleed fiasco. Private messages, credit card info, passwords, etc. All kinds of stuff was leaked online, which was not a good look.

    Then there’s their uptime. It’s not great. How many times have you seen this image? Your PC’s fine, the website you’re trying to reach is fine, but Cloudflare is down. Thus, no website for you.

    I’m sure there’s more, this is just off the top of my head. If Cloudflare is the answer, I’d rather have the problem, honestly.

    • Golden
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      4 years ago

      Hum I did not know that the captchas were because of Cloudflare!

    • stanleypar11
      link
      fedilink
      arrow-up
      4
      arrow-down
      11
      ·
      4 years ago
      1. The captcha thing is configurable, it can disabled entirely
      2. Cloudbleed was fixed ages ago
      3. You’ve just cherry-picked an image showing a Cloudflare error, I guarantee you Cloudflare has much higher uptime than the actual host has
        • stanleypar11
          link
          fedilink
          arrow-up
          4
          arrow-down
          2
          ·
          4 years ago

          Yes, in the Cloudflare dashboard you can either make a Firewall setting to “Allow” access to 0.0.0.0/0 or you can set your security options to “Essentially Off”… or both

          I’ve just tried it against my site and haven’t seen a captcha prompt

          I believe no one ever bothers to configure these which is why Tor users run into so much trouble with captchas on CF sites

            • stanleypar11
              link
              fedilink
              arrow-up
              4
              arrow-down
              2
              ·
              4 years ago

              I’m sure theres a difference between the security setting “Essentially Off” and “Off” (which is reserved for enterprise customers only). It could possibly mean that there are still some ip ranges or ASNs which are still forced to have a captcha displayed to them with the “Essentially Off” setting, but I haven’t encountered any.

              Also I may have been mistaken about the Firewall 0.0.0.0/0 setting, it seems that Cloudflare’s “security level” is its own version of Firewall rules that apply even before the customer’s rules. So, for example if I set my site’s security setting to “I’m under attack” then I will be displayed with a javascript challenge even if I have the Allow all from 0.0.0.0/0 firewall rule enabled