| ▲ | mlyle 6 days ago |
| I don't trip over CloudFlare except when in a weird VPN, and then it always gets out of my way after the challenge. Anubis screws with me a lot, and often doesn't work. |
|
| ▲ | dijit 6 days ago | parent | next [-] |
| The annoying thing about cloudflare is that most of the time once you’re blocked: you’re blocked. There’s literally no way for you to bypass the block if you’re affected. Its incredibly scary, I once had a bad useragent (without knowing it) and half the internet went offline, I couldn’t even access documentation or my email providers site, and there was no contact information or debugging information to help me resolve it: just a big middle finger for half the internet. I haven’t had issues with any sites using Anubis (yet), but I suspect there are ways to verify that you’re a human if your browser fails the automatic check at least. |
| |
| ▲ | zorked 6 days ago | parent | next [-] | | CloudFlare is dystopic. It centralizes even the part of the Internet that hadn't been centralized before. It is a perfect Trojan horse to bypass all encryption. And it chooses who accesses (a considerable chunk of) the Internet and who doesn't. Anubis looks much better than this. | | |
| ▲ | jijijijij 6 days ago | parent | next [-] | | It's literally insane. After Snowden, how the fuck did we ended up with a single US company terminating almost every TLS connection? | | |
| ▲ | jgalt212 2 days ago | parent [-] | | They don't have to terminate every TLS connection. That's just the happy path. |
| |
| ▲ | robertlagrant 6 days ago | parent | prev [-] | | > It is a perfect Trojan horse to bypass all encryption Isn't any hosting provider also this? | | |
| ▲ | dijit 6 days ago | parent [-] | | Not necessarily. FaaS: Yes. IaaS: Only if you do TLS termination at their gateway, otherwise not really, they'd need to get into your operating system to get the keys which might not always be easy. They could theoretically MITM the KVM terminal when you put in your disk decryption keys but that seems unlikely. |
|
| |
| ▲ | piltdownman 6 days ago | parent | prev | next [-] | | It could be a lot worse. Soccer rights-holders effectively shut-down the Cloudflare facilitated Internet in Spain during soccer matches to 'curb piracy'. The Soccer rightsholders - LaLiga - claim more than 50% of pirate IPs illegally distributing its content are protected by Cloudflare. Many were using an application called DuckVision to facilitate this streaming. Telefónica, the ISP, upon realizing they couldn’t directly block DuckVision’s IP or identify its users, decided on a drastic solution: blocking entire IP ranges belonging to Cloudflare, which continues to affect a huge number of services that had nothing to do with soccer piracy. https://pabloyglesias.medium.com/telef%C3%B3nicas-cloudflare... https://www.broadbandtvnews.com/2025/02/19/cloudflare-takes-... https://community.cloudflare.com/t/spain-providers-blocks-cl... | |
| ▲ | ehnto 6 days ago | parent | prev | next [-] | | Now imagine your government provided internet agent gets blacklisted because your linked social media post was interpreted by an LLM to be anti-establishment, and we are painting a picture of our current trajectory. | | |
| ▲ | petralithic 6 days ago | parent | next [-] | | I don't have to imagine | |
| ▲ | thrown-0825 3 days ago | parent | prev [-] | | most of the people on this site work or worked for companies who enabled this or specifically sold it as a feature we are all complicit |
| |
| ▲ | kedihacker 6 days ago | parent | prev | next [-] | | Anubis checks proof of work so as long as JavaScript runs you will pass it. | |
| ▲ | Dilettante_ 6 days ago | parent | prev [-] | | A "digital no-fly-list" is hella cyberpunk, though. | | |
| ▲ | ehnto 6 days ago | parent [-] | | The question might become, what side of the black wall are you going to be on? Seriously though I do think we are going to see increasing interest in alternative nets, especially as governments tighten their control over the internet or even break away into isolated nation nets. | | |
| ▲ | pjc50 6 days ago | parent [-] | | Paradoxically, the problem with an "alternative net" (which could be tunneled over the regular one) is keeping it alternative. It has to be kept small and un-influential in order to stay under the radar. If you end up with an "alternative" which is used by journalists and politicians, you've just reinvented the mainstream, and you're no longer safe from being hit by a policy response. Think private trackers. The opposite of 4chan, which is an "alternative" that got too influential in setting the tone of the rest of the internet. | | |
| ▲ | dijit 6 days ago | parent [-] | | Not necessarily, Yggdrasil flies under the radar because it's inherently hard to block. Tor even more so, the power of Tor is that the more people use it: the stronger it becomes to centralised adversaries. The main issue with Tor is the performance of it though. | | |
| ▲ | thfuran 5 days ago | parent | next [-] | | I thought that the main issue with tor was that so many of the exit nodes are actually the FBI. | | |
| ▲ | dijit 5 days ago | parent [-] | | You don't ever have to leave the Tor network. I host IRC on a hidden service, and even Facebook (lol) offers a hidden service endpoint. All that is needed is for a critical mass of people and a decent index: and we successfully have reinvented "the wired" from Serial Experiments: Lain |
| |
| ▲ | flkenosad 6 days ago | parent | prev [-] | | The truth is the internet was never designed or intended to host private information. It was created for scientists by scientists to share research papers. Capitalists perverted it. |
|
|
|
|
|
|
| ▲ | binaryturtle 6 days ago | parent | prev | next [-] |
| I'm on an older system here, and both Cloudflare and Anubis entirely block me out of sites. Once you start blocking actual users out of your sites, it simply has gone too far. At least provide an alternative method to enter your site (e.g. via login) that's not hampered by erroneous human checks. Same for the captchas where you help train AIs by choosing out of a set of tiny/ noisy pictures. I often struggle for 5 to 10 minutes to get past that nonsense. I heard bots have less trouble. Basically we're already past the point where the web is made for actual humans, now it's made for bots. |
| |
| ▲ | inejge 6 days ago | parent | next [-] | | > Once you start blocking actual users out of your sites, it simply has gone too far. It has, scrapers are out of control. Anubis and its ilk are a desperate measure, and some fallout is expected. And you don't get to dictate how a non-commercial site tries to avoid throttling and/or bandwidth overage bills. | | |
| ▲ | account42 6 days ago | parent [-] | | No, they are a lazy measure. Most websites that slap on these kinds of checks don't even bother with more human-friendly measures first. | | |
| ▲ | mschuster91 6 days ago | parent [-] | | Because I don't have the fucking time to deal with AI scraper bots. I went harder - anything even looking suspiciously close to a scraper that's not on Google's index [1] or has wget in its user agent gets their entire /24 hard banned for a month, with an email address to contact for unbanning. That seems to be a pretty effective way for now to keep scrapers, spammers and other abusive behavior away. Normal users don't do certain site actions at the speed that scraper bots do, there's no other practically relevant search engine than Google, I've never ever seen an abusive bot hide as wget (they all try to emulate looking like a human operated web browser), and no AI agent yet is smart enough to figure out how to interpret the message "Your ISP's network appears to have been used by bot activity. Please write an email to xxx@yyy.zzz with <ABC> as the subject line (or click on this pre-filled link) and you will automatically get unblocked". [1] https://developers.google.com/search/docs/crawling-indexing/... | | |
| ▲ | account42 6 days ago | parent [-] | | > Normal users don't do certain site actions at the speed that scraper bots do How would you know when you have already banned them. | | |
| ▲ | mschuster91 6 days ago | parent [-] | | Simple. A honeypot link in a three levels deep menu which no ordinary human would care about that, thanks to a JS animation, needs at least half a second for a human to click on. Any bot that clicks it in less than half a second gets the banhammer. No need for invasive tracking, third party integrations, whatever. | | |
| ▲ | account42 6 days ago | parent [-] | | That does sound like a much human friendlier approach than Anubis. I agree that tarpits and honeypots are a good stopgap until the legal system catches up to the rampant abuse of these "AI" companies. It's when your solutions start affecting real human users just because they are not "normal" in some way that I stop being sympathetic. |
|
|
|
|
| |
| ▲ | alperakgun 6 days ago | parent | prev | next [-] | | I gave up on a lot of websites because of the aggressive blocking. | |
| ▲ | johnklos 6 days ago | parent | prev [-] | | FYI - you can communicate with the author of Anubis, who has already said she's working on ways to make sure that all browsers - links, lynx, dillo, midori, et cetera, work. Unless you're paying Cloudflare a LOT of money, you won't get to talk with anyone who can or will do anything about issues. They know about their issues and simply don't care. If you don't mind taking a few minutes, perhaps put some details about your setup in a bug report? |
|
|
| ▲ | necovek 6 days ago | parent | prev | next [-] |
| It's the other way around for me sometimes — I've never had issue with Anubis, I frequently get it with CF-protected sites. (Not to mention all the sites which started putting country restrictions in on their generally useful instruction articles etc — argh) |
|
| ▲ | Pinus 6 days ago | parent | prev | next [-] |
| I’m planning a trip to France right now, and it seems like half the websites in that country (for example, ratp.fr for Paris public transport info) require me to check a CloudFlare checkbox to promise that I am a human. And of those that don’t, quite a few just plain lock me out... |
| |
| ▲ | ta988 6 days ago | parent | next [-] | | And a lot of US sites don't work in France either, or they ban you after just a couple requests with no appeal... | |
| ▲ | Symbiote 6 days ago | parent | prev | next [-] | | I find the same when using some foreign sites. I think the operator must have configured that France is OK, maybe neighboring countries too, the rest of the world must be checked. | |
| ▲ | alibarber 6 days ago | parent | prev [-] | | It's not hard to understand why though surely? You might have to show a passport when you enter France, and have your baggage and person (intrusively) scanned if you fly there, for much the same reason. People, some of them in positions of government in some nation states want to cause harm to the services of other states. Cloudflare was probably the easiest tradeoff for balancing security of the service with accessibility and cost to the French/Parisian taxpayer. Not that I'm happy about any of this, but I can understand it. | | |
| ▲ | inferiorhuman 6 days ago | parent [-] | | The antagonists in this case are not state sponsored terrorists, instead it's AI bros DDoSing the internet. |
|
|
|
| ▲ | thayne 6 days ago | parent | prev | next [-] |
| I get one basically every time I go to gitlab.com on Firefox. It is easy to pass the challange, but it isn't any better than Anubis. |
|
| ▲ | NoGravitas 6 days ago | parent | prev | next [-] |
| Even when not on VPN, if a site uses the CloudFlare interstitials, I will get it every single time - at least the "prove you're not a bot" checkbox. I get the full CAPTCHA if I'm on a VPN or I change browsers. It is certainly enough to annoy me. More than Anubis, though I do think Anubis is also annoying, mainly because of being nearly worthless. |
|
| ▲ | wongarsu 6 days ago | parent | prev | next [-] |
| For me both are things that mostly show up for 1-3 seconds, then get replaced by the actual website. I suspect that's the user experience of 99% of people. If you fall in the other 1% (e.g. due to using unusual browsers or specific IP ranges), cloudflare tends to be much worse |
|
| ▲ | immibis 6 days ago | parent | prev [-] |
| You must be on a good network. You should run one of those "get paid to share your internet connection with AI companies" apps. Since you're on a good network you might make a lot of money. And then your network will get cloudflared, of course. We should repeat this until every network is cloudflared and everyone hates cloudflare and cloudflare loses all its customers and goes bankrupt. The internet would be better for it. |
