Well my IP (regular plain residential Asian ISP) is blocked on this site. Zealous Cloudflare-blocking is breaking the web.

(also thanks for the useful message telling me to "contact the website owner... while blocking me from the website where the contact info should be)

▲ dylan604 4 hours ago | parent | next [-]

I'm not defending Cloudflare, but what is a better solution? If small websites can just be DDOS'd out of existence because some group thinks it'll be funny, what protections do they have? It takes too much equipment and know-how to stop an attack for people to be able to survive online. The next thing you'll hear about is a monthly service fee to the hackers as a protection racket just like the mob.

▲

somenameforme 3 hours ago | parent | next [-]

The site's also blocked for me, also on a normal residential IP. Making your site inaccessible for people out of fear that somebody might make it inaccessible for people feels reminiscent of blockading the strait because you don't want the strait blockaded.

▲

Alive-in-2025 2 hours ago | parent | next [-]

occasionally a major site that I subscribe to blocks me with cloud flare. It was either nyt or a similar news site I subscribe to. I couldn't even get to any 'give me feedback' page because cloudflare was blocking. When cloudflare decides to block you, it should give you a contact page for that website so you can send them an email or tell them.

I work around this by using my phone connection with phone chrome.

▲

dantillberg 3 hours ago | parent | prev | next [-]

> feels reminiscent of blockading the strait because you don't want the strait blockaded

I think this is a poor analogy, unnecessarily politicizing the topic.

It might be a good analogy the other way around, if hackers DDOSed the website as revenge for partial IP-based blocking, in order to apply pressure to the website operator to remove IP-based blocking. But that wasn't the topic.

	▲	pocksuppet 5 minutes ago \| parent [-]
		It's accurate. The USA is doing "Iran can't blockade the strait if I blockade the strait!" and Cloudflare is doing "Hackers can't take your site offline if I take your site offline!"

▲

expedition32 3 hours ago | parent | prev [-]

The internet is killing itself.

And no I do not blame small website owners they just have to live with this mess same as everyone else.

▲

Dylan16807 3 hours ago | parent | prev | next [-]

The better solution to blocking entire continents is probably doing nothing.

For DDoS resistance... Well I can imagine a world where a tech in the same area as IPFS or freenet gives backup access to websites that are overloaded.

▲

sethops1 2 hours ago | parent | next [-]

> tech in the same area as IPFS or freenet

Are we getting that before or after personal jet packs, flying cars, and my tacos delivered via tacocopters?

I'll protect my sites with Cloudflare until then, thanks.

▲

warkdarrior 2 hours ago | parent | prev | next [-]

> For DDoS resistance... Well I can imagine a world where a tech in the same area as IPFS or freenet gives backup access to websites that are overloaded.

As a small website owner, I can use Cloudflare or I can wait for this imagined tech.

	▲	lstodd an hour ago \| parent [-]
		You can use CF and lose relevance. Or even go beyond that and outright geoip-block . Ofc it's your choice. For some reason there are many small sites I have no problem visiting and then there are those CF users which may or may not work at any given moment, forcing me to ignore them. Well, good luck. You are cutting yourself from the internet, not cutting me off.

▲

exe34 2 hours ago | parent | prev [-]

Would IPFS need to be a part of the browser? Or is there an easy to use browser out there that runs on IPFS? If you need the average user to go find proxys, it won't work.

▲

sandeepkd 2 hours ago | parent | prev | next [-]

Makes me wonder if the company protecting against the DDOS would have motivation to encourage or facilitate the DDOS efforts too, makes them the protection racket itself.

If DDOS is really the problem we want to solve then it would be awesome if one can do it without looking into the packet. SSL terminating at some centralized third party provider is way too much power.

▲

bshaughn 2 hours ago | parent | prev | next [-]

Websites should have a lean markdown or .txt page for each human friendly webpage. A lot of the surge in bots is because of LLMs. Its insane that a technical documentation web page can use 200MB + of memory, when the core information I care about is << 1 MB of text. at the path of least resistance for many people is to have claude code hit 20 of such pages.

This is something that would be perfect for cloudflare to host and sell as a service - static web pages via their CDN network.

I do not work in web development, so im sure there are plenty of details im ignorant of, but the TLDR of "how to fight accidental DDOS because of AI tooling " is make it easier for them to get the content they want.

▲

deely3 4 hours ago | parent | prev | next [-]

And don't forget about kids safety!

▲

PunchyHamster 4 hours ago | parent | prev | next [-]

nah they will be selling their service to both hackers and their targets

▲

sph 3 hours ago | parent | prev [-]

How many small websites served by Cloudflare risk being DDOS'd? How many small website owners would incur serious loss of livelihood if they are DDOS'd for a few days? Is DDOS risk so important that the web needs a protection racket?

> If small websites can just be DDOS'd out of existence

DDOS doesn't destroy websites. It just makes them unreachable until the disgruntled person decides it's been running long enough.

Please stop exaggerating a very real problem only a few entities on the web have; what you are perpetuating is FUD, which enables companies like Cloudflare to kill the web.

> The next thing you'll hear about is a monthly service fee to the hackers as a protection racket

How do you not even see the irony of this?

▲

ivanmontillam 2 hours ago | parent | next [-]

> DDOS doesn't destroy websites. It just makes them unreachable until the disgruntled person decides it's been running long enough.

You can be absolutely destroyed if your hosting provider later hits you as a Website Owner with an excess traffic bill.

	▲	pocksuppet 2 minutes ago \| parent \| next [-]
		Fire your provider then. They're probably not paying for inbound traffic (most orgs are billed on the dominant traffic direction, so inbound for eyeballs and outbound for hosting), so it's pure extortion on their part.
	▲	lstodd 43 minutes ago \| parent \| prev [-]
		While it is entirely possible to enter such a contract with a provider, it is your fault in the end. Don't maybe enter them?

▲

dylan604 2 hours ago | parent | prev [-]

> Please stop exaggerating a very real problem only a few entities on the web have; what you are perpetuating is FUD, which enables companies like Cloudflare to kill the web.

I'm not exaggerating, I'm just playing what if. That's a game where you think of random things that could go wrong, and then deciding if it is worth the expense. Just because maybe you can't think of things of varying plausibility does not make me exaggerating. We already see ransomware working from the hacker's perspective. There's no reason to think that greed will not come into play. If I can think of it, there's no reason to think that hackers are not also considering various ways to expand on ransomware as a service

>> The next thing you'll hear about is a monthly service fee to the hackers as a protection racket

> How do you not even see the irony of this?

How do you not? If every hacking group can come along and extort any site they choose to pay them a protection fee, there's no way websites will accept any of this. Compare that to paying a single legit service protecting against all of those hacking groups. Can't imagine why people would be willing to do that.

▲

therein 2 hours ago | parent [-]

This is the same mindset that wants to make it illegal to sell kitchen knives with sharp tips.

	▲	dylan604 2 hours ago \| parent [-]
		How do you come to that conclusion? It's so far off of what I said that you've got some splainin' to do

▲ theflyinghorse 2 hours ago | parent | prev | next [-]

I don't understand why cloudflare is loved by tech people. They ARE breaking the web.

▲ isodev 4 hours ago | parent | prev | next [-]

It's amazing how after all these years, tech world still believes it's a good idea to sell the entrance to their websites and services to the same bouncer. Cloudflare not in the mood for your IP/ISP/Country? Tough cookies.

▲

llm_nerd 3 hours ago | parent [-]

In this case a site is geoblocking. It's an affiliate station is Wisconsin, serving up local news. Sites have been using things like MaxMind and blanket blocking entire regions long before Cloudflare.

If you've run a site like that, pretty soon you realize 100% of the traffic that hits you from Asia, Russia, the Middle East and even Eastern Europe / the Baltics is exploit detection scripts and is just noise in your logs. Okay, 99.999999% as once every decade something ends up on HN and gets a broader audience.

▲

isodev 3 hours ago | parent [-]

This is such a narrow PoV and I don't see how it relates to Cloudflare currently being de factor gatekeeper for every web properly of consequence.

What's the point of publishing news or content on the web if you don't want it to be accessible? What about locals who travel? What about locals who share links with others?

	▲	llm_nerd 2 hours ago \| parent [-]
		You brought up Cloudflare, when in reality this site went into their caching services configuration and purposefully enabled geofencing restrictions. They could have done this a million ways, and Cloudflare is basically irrelevant to this conversation, and is utterly fungible. >What's the point of publishing news or content on the web if you don't want it to be accessible Because you don't want the burden of far away users who will never represent a penny of income for your content? This is a weirdly entitled comment. Quite aside from certain countries disproportionately account for malicious traffic, often there are legal issues that come into play as well. This is why many regional sites block EU locations because they don't want the compliance costs for users that aren't their base.

▲ Mickelby 2 hours ago | parent | prev | next [-]

If you run a website then you quickly learn that 99% of traffic is bots/spam/scam/ai, and will overwhelm your resources. You can block it with the click of a (Cloudflare) button. There is nothing to consider here.

▲ not_a_bot_4sho 3 hours ago | parent | prev | next [-]

> (also thanks for the useful message telling me to "contact the website owner... while blocking me from the website where the contact info should be)

I hit this a lot with Firefox VPN and it's ridiculous

▲ sammy2255 2 hours ago | parent | prev | next [-]

You could use a search engine to find their contact information

▲ kogasa240p 5 hours ago | parent | prev | next [-]

Microsoft has decided not to move forward with its proposed site for a data center in the Village of Caledonia after facing significant community pushback from residents. Posted and last updated

VILLAGE OF CALEDONIA, Wis. — Microsoft has decided not to move forward with its proposed site for a data center in the Village of Caledonia after facing significant community pushback from residents.

PREVIOUS COVERAGE | Microsoft data center proposal continues to divide Caledonia residents as rezoning plans move forward

“Based on the community feedback we heard, we have chosen not to move forward with this site,” a Microsoft spokesperson said in a statement Wednesday.

The tech giant’s decision comes after hundreds of residents voiced opposition to the project over recent weeks. More than 2,000 people signed a petition opposing a rezoning proposal that would have allowed the data center to be built on 244 acres of land.

Watch: Microsoft pulls plug on plans for 244-acre data center in Caledonia after community pushback

The proposed site was situated on County Line Road and State Highway 32, southwest of the WE Energies Oak Creek Power Plant, and was surrounded by farmland and residential properties.

47032805-Concept Site Plan - Project Nova by TMJ4 News

Despite abandoning this particular location, Microsoft indicated it remains interested in investing in Southeast Wisconsin.

The spokesperson said the company looks forward to “working with the Village of Caledonia and Racine County leaders to identify a site that aligns with community priorities and our long-term development goals.”

TMJ4’s Jenna Rae, who has been following this story, reached out to Todd Willis, the village administrator, who provided the following statement:

    “Nothing official has been submitted to the Village regarding their pending application, and have no comment until such time.”

- Todd Willis, Village Administrator

Resident Prescott Balch told TMJ4 that his phone did not stop ringing on Wednesday morning, as people delivered the news. PRESCOTT BALCH TMJ4 Prescott Balch lives in Caledonia. Balch welcomed the news that Microsoft is changing plans to bring a data center in the area.

"We're ecstatic that those arguments held water and ultimately convinced a large corporation to back off, so great day here in Caledonia," Balch said.

Village trustee Nancy Pierce says she learned about the change from a news article.

"I have a lot of respect for Microsoft, making the decision when they say they listened to the constituents. They also listened to board questions both at the planning commission at the board level. I believe that they took a lot of different pieces of information into play," Pierce stated. Nancy Pierce TMJ4 News Nancy Pierce is a village trustee in Caledonia.

Both Pierce and Balch made it clear that they are not opposed to working with Microsoft in Caledonia.

As the tech giant looks for a new site, there is hope that there are improvements to the overall process.

"I would’ve liked to been able to engage directly with Microsoft much earlier in the process. We were not allowed to do that. I think that became an obstacle for a lot of different points and reasons," Pierce explained. "I feel like now they would come forward much quicker and engage directly with the community, really get to understand the community."

"There are people that have an opinion about what they want to do with their village, and that was absent in this to me. That's the real message of this thing," Balch explained. "Let's help Microsoft find the right spot in southeast Wisconsin."

▲ PunchyHamster 4 hours ago | parent | prev | next [-]

block was enabled by site owner, not cloudflare. If they used something else they'd just blanked block ASN IP blocks

	▲	zinekeller an hour ago \| parent [-]
		And as stated by others, it's about not complying with GDPR et al. Heck, this is not even Cloudflare, it's AWS Cloudfront!

▲ 2 hours ago | parent | prev [-]

[deleted]