Sign in / up

Fsck Cloudflair

This topic was created by asdf .

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. asdf

    Fsck Cloudflair

    With the recent NSA BS many of us these days are using tor and nothing makes the internet suck more that captcha serving specialist Cloudflair which good ol Reg is using as well. I understand the need to protect from the baddies, spammers and bots but that is a small minority using tor to visit your site. As a workaround for the tor users by the way hit http://www.unblockwebsites.us before El Reg for yet more latency but no captcha bullshit. Oh well at least there is some sort of work around.

    2 0 Reply
    1. asdf
      Reply Icon

      Re: Fsck Cloudflair

      Bah of course its CloudFlare but its much more like the annoying flair from Office Space and thus the mix up.

      0 0 Reply
    2. firu toddo
      Reply Icon
      Facepalm

      Re: Fsck Cloudflair

      Interesting that The Register bangs on about privacy and security but make it as difficult as possible for privacy freaks like me to connect to the site without effectively registering for tracking with Crudflair. And doesn’t use HTTPS for the connection.

      There also seems to be an assumption the tor=bad guy. So tor nodes are forced to Crudflair for crapcha verification, and the crapchas are getting more aggressive. Two six character images twisted in to colour contrasting pasta bow shapes at a low resolution.

      Crudflair suggest that the targets of this hassle and levels of hassle are under the control of the customer. In this case our beloved Vultures. Any chance of sorting this mess out guys?

      3 0 Reply
      1. Marco Fontani
        Reply Icon

        Re: Fsck Cloudflair

        There also seems to be an assumption the tor=bad guy

        Nope, if that was the case we'd have simply banned known tor exit nodes IPs, or 403'ed known tor user-agents (or both).

        That doesn't mean that a lot of hurt can't come from tor connections, though!

        So, forcing traffic from known-possibly-bad locations to answer a captcha in order to progress through is a kind of "acceptable middle ground" between "yup, go ahead, possible robotic connection with possibly malicious intentions" and "fuck off, tor user".

        If your tor browser clears cookies every time you close it, and you tend to close it ten times per day… well, each time your browser will seem to Cloudflare to be a "new" one, and you'll have to answer the captcha.

        Crudflair suggest that the targets of this hassle and levels of hassle are under the control of the customer

        Yes, that's right.

        The "security level" on cloudflare has been set to "medium" six months ago. As such, connections with a "threat level" > 14 are shown a captcha. A "threat level" of 10 is considered "high" by Cloudflare - so we're doing quite right in only blocking > 14.

        Even with that security level system in place there's still a lot of shit traffic that goes through, though, so it's unlikely we'll want to lower it anytime soon.

        3 1 Reply
  2. Callan

    Ya - CF has just started doing that for me - 9-11 clicks just to visit a webpage hosted by them.

    I use a fulltime VPN just for privacy (Live in Australia - 'nuff said.), I tend to be very "non-persistent" with my browsing, and I'm more likely-as-not to click away from the site, rather than go through a "pick the picture" captcha (with confirmatory dialogue boxes BEFORE and AFTER the "game". )

    El-Reg. Anything you can do your end to stop this short of bullshit?

    Julian

    3 0 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      We are on medium settings

      Julian - sorry that this is not working for you - but see Marco's answer above. Cloudflare helps us to mitigate ddos attacks and it reduces latency and very affordable prices. More than 1 million websites use Cloudflare - so this is going to be a problem for you whatever we do.

      2 0 Reply
      1. Known Hero
        Reply Icon

        Re: We are on medium settings

        @DrewC "More than 1 million websites use Cloudflare"

        I think he is expecting you to lead by example ;)

        3 0 Reply
  3. Marco Fontani

    I've "recently" (weeks, not days) modified Cloudflare's settings and made requests coming from Tor only require browser client-side "proof of work" in order to be validated, instead of making their system sometimes force a captcha on requests.

    I've not seen any more comments on the forums to the tune of "fsck cloudflair captchas" since, but wondered if you, the actual _users_, noticed any difference… or just didn't care :)

    1 0 Reply
    1. Michael Wojcik Silver badge
      Reply Icon

      I've just started getting the Cloudflare captcha bullshit. If I see it one more time, I'm going to stop commenting. Probably going to stop reading the site, too.

      And I'm not using Tor.

      2 0 Reply

  4. This post has been deleted by its author

  5. Vimes

    On a not entirely unrelated note:

    http://www.engadget.com/2016/04/03/tor-and-cloudflare-fight-over-blocking/

    (incidentally would it not be possible to detect URLs in comments and automatically add them as hyperlinks rather than force them to be added manually?)

    0 0 Reply

    1. This post has been deleted by its author

  6. Vimes

    @1980s_coder

    You deleted your post?

    Coward... :)

    1 0 Reply
  7. ElReg!comments!Pierre
    Unhappy

    Possibly related recurrent TLS F**k-ups

    These days I'm seeing a LOT of TLS errors when connecting to El Reg (comments, articles, frontpage, the whole lot). That's from at least 3 independant connections from my side (unrelated IPs) and 4 different machines, 3 different browsers. It often causes lost comments (back to blank form, please retype...). In fact I have now resorted to typing my comments in a text editor (Vim, since you ask, because that's the best text editor ever, obviously ;-) ).

    This started as intermittent but is now >50% of my attempted connections to El Reg. Sometimes agremented by a CloudFlare exhortation to activate JavaScript, or else (some sort of redirection then kicks in, and I am served the desired page regardless of JS activation. Sometimes.)

    My F5 key kindly asks you to sort your shit, pretty please.

    Comment copy / pasted from Vim because I may get yet another TLS error on the first few tries

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon