@osma it doesn't matter how federated you are. Rogue governments will allow indiscriminate internet blocks, like what's happening in #Spain, where all major ISP are blocking some major CDN and cloud providers like #Cloudflare, #Vercel, Quic or CDN77 (affecting millions of legitimate websites) just because some of their users are using them to host illegal IPTV streaming of sports (!) #LaLiga #LaLigaGate
https://vercel.com/blog/update-on-spain-and-laliga-blocks-of-the-internet

#Proton VPN は #macOS にも #Android にももともとインストールはしてあったし、もともと無料プランで使ってたから、自分できることは実はあまり変わってはいないんだよな…
あと #Cloudflare の #WARP も VPN 的な気持ちインストールしていて使ってる

Recently I boosted a couple of links about cloudflare doing some sort of password re-use analysis on passwords they saw through their WAF. This was not a technical post. It was a call to attention. Some of the responses I got suggested that my post was misleading or blowing this way out of proportion. I assure you that neither of these are true.

Don't focus so much on the idea that #cloudflare has access to passwords that come through their systems. In better times I'd welcome such an effort. At least they didn't chastize someone who really loved a silly movie, like Netflix did long ago. Instead, focus on the fact that they are a company based in the United States meaning they are subject to the whim of a fascist regime that is proving it doesn't care about the letter of the law.

I'm not concerned about my password security for the sites that transit their service. I am a cishet middle class white male. I'm pretty low on the target list.

*** I AM concerned about the password security for at risk populations who access sites crucial for them, that transit through cloudflare. I'm concerned about the LGBTQIA+ population in the United States. I'm concerned about pregnant women. I'm concerned about Jews, and Muslims, and Bhuddists, and everyone else who doesn't fit into the narrow worldview of the fascist reich that is the republican party and their bootlickers. The FBI, Justice Department, State Department, etc no longer serve the american people. They serve an emperor. This is a time of great danger any website or service that attracts at risk populations should seriously consider if using some of cloudflare's features is worth it, or if they should take their business elsewhere.

#ally #uspol

Recently I boosted a couple of links about cloudflare doing some sort of password re-use analysis on passwords they saw through their WAF. This was not a technical post. It was a call to attention. Some of the responses I got suggested that my post was misleading or blowing this way out of proportion. I assure you that neither of these are true.

Don't focus so much on the idea that #cloudflare has access to passwords that come through their systems. In better times I'd welcome such an effort. At least they didn't chastize someone who really loved a silly movie, like Netflix did long ago. Instead, focus on the fact that they are a company based in the United States meaning they are subject to the whim of a fascist regime that is proving it doesn't care about the letter of the law.

I'm not concerned about my password security for the sites that transit their service. I am a cishet middle class white male. I'm pretty low on the target list.

*** I AM concerned about the password security for at risk populations who access sites crucial for them, that transit through cloudflare. I'm concerned about the LGBTQIA+ population in the United States. I'm concerned about pregnant women. I'm concerned about Jews, and Muslims, and Bhuddists, and everyone else who doesn't fit into the narrow worldview of the fascist reich that is the republican party and their bootlickers. The FBI, Justice Department, State Department, etc no longer serve the american people. They serve an emperor. This is a time of great danger any website or service that attracts at risk populations should seriously consider if using some of cloudflare's features is worth it, or if they should take their business elsewhere.

#ally #uspol

So, Cloudflare analyzed passwords people are using to log in to sites they protect and discovered lots of re-use.

Let me put the important words in uppercase.

So, CLOUDFLARE ANALYZED PASSWORDS PEOPLE ARE USING to LOG IN to sites THEY PROTECT and DISCOVERED lots of re-use.

[Edit with H/T: https://benjojo.co.uk/u/benjojo/h/cR4dJWj3KZltPv3rqX]

https://blog.cloudflare.com/password-reuse-rampant-half-user-logins-compromised/

#cloudflare #password #cybersecurity

So, Cloudflare analyzed passwords people are using to log in to sites they protect and discovered lots of re-use.

Let me put the important words in uppercase.

So, CLOUDFLARE ANALYZED PASSWORDS PEOPLE ARE USING to LOG IN to sites THEY PROTECT and DISCOVERED lots of re-use.

[Edit with H/T: https://benjojo.co.uk/u/benjojo/h/cR4dJWj3KZltPv3rqX]

https://blog.cloudflare.com/password-reuse-rampant-half-user-logins-compromised/

#cloudflare #password #cybersecurity

So, Cloudflare analyzed passwords people are using to log in to sites they protect and discovered lots of re-use.

Let me put the important words in uppercase.

So, CLOUDFLARE ANALYZED PASSWORDS PEOPLE ARE USING to LOG IN to sites THEY PROTECT and DISCOVERED lots of re-use.

[Edit with H/T: https://benjojo.co.uk/u/benjojo/h/cR4dJWj3KZltPv3rqX]

https://blog.cloudflare.com/password-reuse-rampant-half-user-logins-compromised/

#cloudflare #password #cybersecurity

I've been trying to de-corporate where I can but like. There's not really an alternative to #Cloudflare, right...? Aside from "a shit load of my own hardware"? Feels like an okay "no ethical consumption" write off for now

Cloudflare is the worst.

Banning people under 18 without warning, even when they want to use parental consent, is anti-youth entrepreneurship.

You build projects, buy domains, verify your identity, and they delete your whole account just for being young. ☠️

No second chance, no future. This affects many developers, and even Cloudflare themselves.

I'll never recommend Cloudflare, and I never will.

#Cloudflare #web #domain #www #youth

So much for the "open Internet." That died so long ago.

#Cloudflare

https://www.theregister.com/2025/03/04/cloudflare_blocking_niche_browsers/

So much for the "open Internet." That died so long ago.

#Cloudflare

https://www.theregister.com/2025/03/04/cloudflare_blocking_niche_browsers/

Based on Cloudflare’s Speed Test tool, my Internet connection download speed is 31Mbps. Detailed analytics help me better understand our user experience. Try it yourself at https://speed.cloudflare.com/ #speedtest #cloudflare

🌍 Something new is coming.

The way we build, secure, and scale in the cloud is evolving faster than ever. That’s why we’re bringing together top industry leaders to explore what’s next.

Real stories. Practical insights. A fresh perspective on the future of AI, security, and cloud innovation.

Stay tuned. 👀

#Cloudflare #Innovation #AI #CyberSecurity

odio decir esto, pero lo de cloudflare y movistar se arregla con una vpn como NORDVPN, EL ESPONSOR DE ESTE VIDEO

#Cloudflare #WARP の #macOS アプリ、マシンの再起動とかするとまた IPC Error という表示になっちゃうな

#Cloudflare #WARP アプリ繋がらなかったの、 #macOS アップデートしたからか。
再インストールしたら繋がるようになった

Anyone Can Push Updates to the DOGE.gov Website:
"These 'experts' left their database open."
https://www.404media.co/anyone-can-push-updates-to-the-doge-gov-website-2/

"The doge.gov website... is insecure & pulls from a database that can be edited by anyone...

doge.gov is seemingly built on a #Cloudflare Pages site that is not currently hosted on government servers...

#DOGE has secured administrator access to the codebases at various #government agencies, including the Dept of Treasury."

#Musk #Coup #Tech #Data #Politics #News #USA #Press

Help Needed with Cloudflare Zero Trust, Pages, and Workers for ReactFlux + MiniFlux Setup

Hi everyone,

I'm new to #Cloudflare and have been trying to set up a #SelfHosted project on my #RaspberryPi 500. I'm mostly self-taught, so I apologize if I misunderstand anything or miss important details. Here's my situation:

Current Setup

• I'm running the self-hosted #RSS feed reader #MiniFlux on my Raspberry Pi 500 (#ArchLinuxARM, installed via Pacman).
  
• The setup uses #Caddy as a reverse proxy, a #CloudflareZeroTrust tunnel, and Cloudflare Access for SSO.
  
• My #CloudflareAccess application is configured to allow all origins, methods, and headers. It has a policy that allows specific emails or login methods (e.g., GitHub).
  

What I'm Trying to Do

• I want to deploy ReactFlux, an alternative frontend for MiniFlux, on #CloudflarePages.
  
• Before setting it up fully, I tested the ReactFlux demo with my MiniFlux instance at https://rss.laniecarmelo.tech. However, ReactFlux couldn't log in.
  

Suspected Issue

I believe the issue is caused by Cloudflare Access protection blocking ReactFlux from accessing the MiniFlux API (https://rss.laniecarmelo.tech/v1/*).

What I've Tried So Far

1. I added another hostname (rss.laniecarmelo.tech/v1/*) to my tunnel configuration and created a new Cloudflare Access application with a policy set to "Bypass" for everyone. However, this didn't work—when testing the API endpoint in a private browser window, I'm still asked to sign into Cloudflare.
   
2. I also tried setting up the hostname with "Protect with Access" turned off but got the same results.
   
3. Next, I attempted to use a #CloudflareWorker written in JavaScript to bypass authentication for /v1/*, but it doesn't seem to be doing anything (or isn't being triggered).
   

What I Need Help With

• How can I properly configure Cloudflare so ReactFlux can access the MiniFlux API (/v1/*) while keeping the rest of my MiniFlux instance protected by Cloudflare Access?
  
• I've been stuck on this for a couple of days and would really appreciate any guidance or suggestions!
  

Thanks in advance for your help!

#SelfHosting #ArchLinux #Linux #RSSReader #tech #technology #RaspberryPi #RPi #RPi500 #RaspberryPi500
@selfhosting @selfhost @selfhosted

最新技術を音声で学ぶ！AIラジオ「Tech Post Cast」で情報収集を効率化
https://qiita.com/sumihiro3/items/105c0b74ef080ba05a5d?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #AWS #cloudflare #個人開発 #OpenAI #GoogleCloud

Not a single week passes, without me writing an email to a website owner that need to unhook their site's RSS endpoint from Cloudflare's claws.

Do it for the sake of preserving your reader's audience!

https://openrss.org/blog/using-cloudflare-on-your-website-could-be-blocking-rss-users

---
#rss #blogging #cloudflare

@torproject I see nothing there to address the elephant in the room -- the top problem from our top adversary:

#Cloudflare

Of course there needs to be a campaign against oppressive regimes but all Tor users worldwide are under DoS attack by Cloudflare. We have lost access to ½ the web and no 2024 efforts counter the loss of availability.

Also in 2024: archive.org went down for a day or so, at which moment all Tor users also lost access to archived Cloudflare sites.

Valtteri Laitinen (@valtlai) managed to get #Fedify running on #Cloudflare Workers!

#CloudflareWorkers #fedidev #ActivityPub

https://fedi.valtlai.fi/@valtlai/113906145660141267

Valtteri Laitinen (@valtlai) managed to get #Fedify running on #Cloudflare Workers!

#CloudflareWorkers #fedidev #ActivityPub

https://fedi.valtlai.fi/@valtlai/113906145660141267

Valtteri Laitinen (@valtlai) managed to get #Fedify running on #Cloudflare Workers!

#CloudflareWorkers #fedidev #ActivityPub

https://fedi.valtlai.fi/@valtlai/113906145660141267

Valtteri Laitinen (@valtlai) managed to get #Fedify running on #Cloudflare Workers!

#CloudflareWorkers #fedidev #ActivityPub

https://fedi.valtlai.fi/@valtlai/113906145660141267

Valtteri Laitinen (@valtlai) managed to get #Fedify running on #Cloudflare Workers!

#CloudflareWorkers #fedidev #ActivityPub

https://fedi.valtlai.fi/@valtlai/113906145660141267

Valtteri Laitinen (@valtlai) managed to get #Fedify running on #Cloudflare Workers!

#CloudflareWorkers #fedidev #ActivityPub

https://fedi.valtlai.fi/@valtlai/113906145660141267

Valtteri Laitinen (@valtlai) managed to get #Fedify running on #Cloudflare Workers!

#CloudflareWorkers #fedidev #ActivityPub

https://fedi.valtlai.fi/@valtlai/113906145660141267

Not a single week passes, without me writing an email to a website owner that need to unhook their site's RSS endpoint from Cloudflare's claws.

Do it for the sake of preserving your reader's audience!

https://openrss.org/blog/using-cloudflare-on-your-website-could-be-blocking-rss-users

---
#rss #blogging #cloudflare

@rysiek This is downplaying it way too much for my taste. Let me explain:

The rough location information is usually only available to servers. Now, even though I prefer zero trust, I would argue that trusting a messenger's server to not give away my rough location is way more reasonable than trusting the person that uploaded the data I'm downloading from the server.

**But in this case, the person that uploaded the data can extract the location I'm downloading it from.** This is big. It takes metadata to a whole different level.

I also want to quickly respond to the arguments:

That very rough radius could actually a pretty big deal in less populated areas.

The second argument is whataboutism. (And there are definitely apps that are not affected.)

Kinda agree with the third one though.

---

If I were #Signal, I would turn off the caching mechanism for now and urge #Cloudflare to rethink their statement. The privacy protection mechanisms are clearly lacking. Cloudflares position is simply not acceptable.

@08956495 @mykter Here are a few links that cover the cons of #Cloudflare:

* https://git.disroot.org/cyberMonk/liberethos_paradigm/src/branch/master/rap_sheets/cloudflare.md

* https://thefreeworld.noblogs.org/post/2024/03/20/comparison-of-the-human-disempowerment-severity-of-3-walled-gardens-facebook-google-and-cloudflare/

* https://thefreeworld.noblogs.org/post/2024/03/18/cloudflare-has-created-the-largest-most-rigidly-exclusive-walled-garden-in-the-world/

Not sure what generic advice on alternatives you will find. The best approach obviously depends on a number of factors like what you think you need CF to do for you and what your threat model looks like.

@mykter Yet another reason to laugh in the face of those who ignored the warnings about #Signal from years past:
https://github.com/privacytools/privacytools.io/issues/779

And WTF.. Signal thought it was wise to use #Cloudflare as a proxy. Fucking morons. Anyone who read the above thread years ago knows Signal makes foolish decisions and does not steer clear of mass surveillance risks.

And still today the Signal die-hard loyal patrons continue to pimp Signal. Just yesterday I saw some Signal promoting posts.

Question to signal users: do you use Orbot to route Signal over Tor? Does that work? If yes, this why I actually prefer Cloudflare hosts to block tor -- to do me the favor of not having to block at the firewall.

I would like to get my security house more in order by having an egress firewall that blocks all attempts to reach Cloudflare sites.

#Cloudflare’s #VPN app among half-dozen pulled from Indian app stores

https://techcrunch.com/2025/01/02/cloudflares-vpn-app-among-half-dozen-pulled-from-indian-app-stores/

#India #privacy #cybersecurity #censorship

Cloudflare Registrar でドメイン取得する #cloudflare - Qiita
https://qiita.com/khayama/items/fdda7884033b519aa1fe

ほう

Just installed a private Jellyfin server that I expose using #Cloudflare tunnels and privately using #Tailscale

https://github.com/gbraad-homelab/private-jellyfin

For example, storage is shared over the local network using webdav via Tailscale drive shares:

https://github.com/gbraad-homelab/private-jellyfin/issues/2

/cc: @jellyfin

For the first time in two weeks, all services are back online, and the #dashboard is glowing green again. The experiment of integrating #Tailscale and #Headscale with #Cloudflare has been shelved, and everything has been rolled back to its original state.

While this setup might work perfectly for some, I’ve decided to stick with native #WireGuard. This way, I maintain full control over my data and keep things simple and secure.

Gemini API + Cloudflare + Astro で作るアイスブレイクジェネレーター
https://qiita.com/yug1224/items/daab3ab50a74df57971d?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #cloudflare #AI #astro #AdventCalendar2024

Installed a private instance of Home Assistant, connected using #Cloudflare tunnels and #Tailscale

https://github.com/gbraad-homelab/private-homeassistant

I have played around with this before, but it is still daunting and confusing.

#homeassistant

【個人開発】嘘のポケポケのカードを作れるサービスを作った【コード全公開】
https://qiita.com/retoruto_carry/items/66725ea6fdd899d8f210?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #cloudflare #Remix #個人開発 #クソアプリ #Supabase

📝 DNS records and a Cloudflare security violation #Development #Webdev #Cloudflare

This site (was) hosted on Cloudflare Pages. In an effort to make scheduling more convenient for my mentee from Underdog Devs, I set up SavvyCal. Without giving it any thought, I added an easy to remember CNAME and pointed it at SavvyCal.

https://coryd.dev/posts/2024/dns-records-and-a-cloudflare-security-violation

Thanks everyone who responded to my question about finding an #AWS alternative. I've investigated everyone's suggestions and crunched the numbers. #Cloudflare R2 looks to be the cheapest option (cheaper than S3 even) but I'm uncomfortable with them hosting hate speech and terror organizations.

#FlyIO/ #Tigris is the second cheapest and they seem to be on the up-and-up so I am currently evaluating them. Thanks @titociuro for the suggestion, the onboarding process has been smooth so far!

#DevOps

#Development #Explorations
Understanding Round Robin DNS · How browsers and CDNs select which server to use https://ilo.im/160kw0

“It's an amazingly simple and elegant solution that avoids using load balancers.”

_____
#RoundRobin #DNS #CDN #Cloudflare #Browser #Chrome #Firefox #Safari #WebDev #Backend

Die #Telekom betreibt digitale Wegelagerei durch ihre #Peering-Politik. Seit Monaten leiden Millionen Kunden durch kaum nutzbare Geschwindigkeit beim Verbindungsaufbau zu #Cloudflare, EA, Netflix, etc. Stell dir vor du zahlst 60€/Monat um dann deine Spiele mit 120 kB/s zu laden. Die Foren sind voll davon aber medial erregt das irgendwie sehr wenig Aufmerksamkeit. Wieso berichtet kaum jemand darüber? Wieso ist das kein Fall für die Verbraucherzentralen? #AS3320

Using Cloudflare on your website could be blocking RSS users

#cloudflare #feed #rss

https://openrss.org/blog/using-cloudflare-on-your-website-could-be-blocking-rss-users?utm_medium=erik.in&utm_source=mastodon

We’re all set for GITEX GLOBAL – the world’s largest tech and startup event! 🌍💡 Get ready for a week full of insightful conversations, cutting-edge innovation, and transformative ideas.

The Cloudflare team will be there to share tech talks, AI experiences, and so much more! Don’t miss out on this incredible opportunity to connect and explore the future of technology. Visit us at Hall 8 Booth B40.

Stay tuned and come join us.

#GITEX2024 #Cloudflare #AI #TechInnovation #FutureOfTech

We are at GHC! Meet us at Booth 432 and learn all about our internship and new grad opportunities and how we can help build a #BetterInternet together!

#ghc24 #WomenInTech #LifeAtCloudflare #Cloudflare

#Cloudflare has demonstrated they do not care if they knowingly serve malware distributors as their customers.

Some how they think being a "pass through " cdn means they dont actually serve the traffic they do.

FTC should look at them

Happy 2nd anniversary to this tweet about Cloudflare booting Kiwi Farms.

Stripe HR investigated me for potential employee social media misconduct because an executive thought I was posting about Stripe willfully working with anti-trans, white supremacy, and antisemitic groups.

Screenshot source: https://twitter.com/JeremiahLee/status/1574839650438582308

#Cloudflare #Stripe #NoHateForProfit

Strong recommendation for keeping up with the cloudflare blog updates this week!

Some highlights:
* Image transformations on the free tier
* More models in workers AI
* A new hosted sqlite service where code is run right next to the db
* A new, persistent logging service for Workers
* CI for Workers
* Increased nodejs compatibility for Workers
* An upcoming container platform with GPU support next year 🤯

#cloudflare #dev

https://x.com/ValdikSS/status/1834368742278496677

#cloudflare #EncryptedClientHello

I'm not officially boycotting #Cloudflare, but boy am I tired of seeing this #captcha screen using #lynx over #tor.

Today, I received an email from a client with a "60 Day Domain Renewal Notice" from Cloudflare.
I love getting these emails because it means I get to plan yet another domain transfer away from these vultures.

In case you haven't noticed, Cloudflare operates as a domain registrar, offering cheap domain prices, but there's a catch that isn’t even mentioned in the fine print, at least not that I could find last time I checked.

Unlike other registrars, they automatically link your domain to their "free plan services," which forces you to use only their Nameservers as your sole authoritative DNS.

That's right, you can't change your authoritative DNS unless you upgrade to a "USD400/month business plan.

Feel free to check it yourself; it should be a scandal.

There are many reasons not to use Cloudflare, and this is just another one: Keep your clients/friends away.

#cloudflare #domains #dns

I cancelled #cloudflare pro subscription in May.

I got confirmation e-mails.

I got charged in June and July.

I created two tickets about it (first was auto-closed). I can not see the tickets in the interface (it is completely empty).

I only got an automated response explaining how to cancel a subscription (...).

Anyone else having this kind of problem? Obviously I want a refund. I'm not touching it (cancelling again) in the interface so they can have a look at it...

@cloudflare

🔒 Exciting times ahead! Today, I officially rejoin the team at Cloudflare, ready to dive deep into the latest in cybersecurity and cloud innovations. Looking forward to contributing to pioneering projects and tackling the evolving challenges in internet security. Let's make the digital world a safer place together! 🌐

#Cybersecurity #Cloudflare #TechForGood

Hetzner is the most admired cloud platform (75% want to continue working with it), but is only used by 5% of developers. Cloudflare admired by 68% (used by 15%), AWS admired by 63% (used by 48%), Azure admired by 60% (used by 28%), GCP admired by 56% (used by 25%).

#developer #survey #DevOps #cloud #hetzner #cloudflare #aws #azure #gcp

#Cloudflare reports almost 7% of internet traffic is malicious

https://www.zdnet.com/article/cloudflare-reports-almost-7-percent-of-internet-traffic-is-malicious/

#cybersecurity #bot

Released v0.4.2 of #LogTape, which is a zero-dependency #logging library for #TypeScript & #JavaScript! Since this version, it work well on #Cloudflare Workers out of box!

• JSR: https://jsr.io/@logtape/logtape@0.4.2
• npm: https://www.npmjs.com/package/@logtape/logtape/v/0.4.2

#CloudflareWorkers #log #logger

Wow, #Cloudflare added an option to block #AI #bots from scraping the website they host.

I wasn't expecting this level of pushback from a major Internet company
https://blog.cloudflare.com/declaring-your-aindependence-block-ai-bots-scrapers-and-crawlers-with-a-single-click

Yo, cloudflare, you're sales contact number in germany.. isn't you??!

Legit just called this number and it didn't work, tried swapping +49 for 0 and it took me to someone that was definitely not Cloudflare.

#cloudflare

Ni #cloudflare es invencible.

<b>Warning</b>: Undefined array key "ip" in <b>/var/www/uplo.ad/public_html/index.php</b> on line <b>20</b><br />

I guess it’s time for an #introduction

I do #TrustAndSafety stuff at #cloudflare

Making bad people sad makes me happy. There’s a T-shirt for that. Ask me.

In my (limited) free time I find data leaks and sometimes share them at https://rainbowtabl.es

Not gonna lie - I’m sad to see the #birdsite die.