Feedback - your repeated Cloudfare security checkbox sucks.

DanyL

Valuable Member
View Badges
Joined
Jan 13, 2023
Messages
1,624
Reaction score
2,003
Location
Middle East
Rating - 0%
0   0   0
Hi Dany - you appear to be conflating and/or reframing parts of what I said. I have no interest in further developing a pointless conversation that does not aide the OP or R2R.

I simply gave the OP the most likely causes, based on simple facts. I also explained the general issue with the risk of loosening filters to accommodate what is likely a small portion of the user base that is inconvenienced. Sometimes there are no easy fixes for things was the point. That decisions is of course is up to R2R and whoever manages their DNS and firewall.

I don't really care to get into the weeds with edge cases, geopolitical IP issues, or the actual features of each CF tier (a product that you admit to not being overly familiar with) or quibble about what sites get what kind of traffic or what level of filtering that they need or what particular threats or attack vectors they need to worry about.

FWIW - I am not a "researcher" - this is what I do hands-on every day with more traffic sources and endpoints than I care to discuss here. Simply put, this is an area that I have specific expertise in. But, thank you for offering your take.


It may or may not help, depending on what is triggering the Turing test. There is a lot more involved than just IP.
No, I’m not trying to conflate or reframe what you have said, at least not that I’m aware of. Read again what I wrote and what are the possible reasons you pointed out in your first couple of comments here, this could be intimidating to someone not familiar with it, and I believe I gave reasonable explanation to what have happened, eliminating most of the options you pointed out there.

Yes, I made it very clear that I’m not working with CloudFlare, and my field isn’t related directly to IT, websites nor defending them either - that doesn’t mean I don’t have background in this field however.

Yes, I am a “researcher” - I’m not quite sure whether you quoting it was supposed to be an insult or..?
Should I really care about it? No, of course not. But it was noted.

Pointing out statistics is indeed not a cutting proof, but is something that clearly shows that R2R CF configuration is different than other - both large (Oranges) and similar (Apples) sized websites, meaning there is a middle ground compromise. Combining this with my actual expertise to determine wether any device in my network was compromised, as well as speaking with multiple local members across my country about the behavior of this issue - I rightfully came up with a reasonable explanation.

English isn’t my first language and I usually spend a lot more time read and write proofing my discussions, which I obviously don’t do for casual comments on the forums, but hopefully this distilled my point in a way that you may understand it better.

Admittedly, I always respected your opinions and ability to discuss different matters prior to this last comment.
I’m not sure what triggered you, or whether It’s just me imagining the tone in there.
I hate to assume, so I’m giving you the benefit of the doubt.

Have a good day.
 
OP
OP
2una

2una

Active Member
View Badges
Joined
Dec 27, 2016
Messages
475
Reaction score
417
Rating - 0%
0   0   0
Looks like the problem is not a large one.
I have a VPN so tried it out.
US - no CF as expected
Australia - no CF
UK - no CF
Sweden - no CF
Germany - no CF

Seems the 2 I did get CF on is Israel + South Africa
Where do we pick up our bad guys badge from?
 

BeanAnimal

5000 Club Member
View Badges
Joined
Jul 16, 2009
Messages
6,131
Reaction score
10,561
Rating - 0%
0   0   0
Hi - I am not upset -- and yes there may be some loss of context and tone both with typing and language.

I tried to point out that there is no argument of benefit to be had here and to that end I am not sure exactly what the point is.

I think the only disagreement may be how easy it is to fix or even diagnose issue like this given the platforms involved -- and that is not something either of us have access to solve. So we had a brief conversation about that, but there is not much more helpful that can be said from either of us.

You have a good day as well, thank you again for your perspective.
 

BeanAnimal

5000 Club Member
View Badges
Joined
Jul 16, 2009
Messages
6,131
Reaction score
10,561
Rating - 0%
0   0   0
Seems the 2 I did get CF on is Israel + South Africa
Where do we pick up our bad guys badge from?
Two different badges...

SA ISPs historically do not police their outbound traffic and therefore it is a haven for an extremely high number of SPAM and BOTNET endpoints -- but the overall address space is not that large at less than 7 million total IPs. It is a "wild west" kind of thing.

Israel - again not an overly large address space (~8 million) and there is an extremely high volume of non-browsing traffic from Israeli IPs, including cybersecurity firms, intelligence-related activity, research crawlers, and automation (both malicious and legitimate) that dominate that small address space.
 

DanyL

Valuable Member
View Badges
Joined
Jan 13, 2023
Messages
1,624
Reaction score
2,003
Location
Middle East
Rating - 0%
0   0   0
Hi - I am not upset -- and yes there may be some loss of context and tone both with typing and language.
I always appreciated your comments, so it seemed very unusual, sudden and uncalled for. I’m glad it wasn’t the case.

I tried to point out that there is no argument of benefit to be had here and to that end I am not sure exactly what the point is.
Well, this is where our views differ.
I see a HUGE benefit to my end to prove that it isn’t some widespread problem with my country being blocked by CF, but rather a problem limited to the configuration of R2R specifically, which for this I presented my findings, and consequently disproved some of your points.

The way you seem to present it (or at least the way I view your argument) - is that it is justified, and not in R2Rs control unless they pay for an enterprise account - which I strongly disagree with, given the behavior of CF on literally any other website using it, and knowing the amounts of money an enterprise tier costs which most of these sites wouldn’t be able to afford.

I think the only disagreement may be how easy it is to fix or even diagnose issue like this given the platforms involved -- and that is not something either of us have access to solve. So we had a brief conversation about that, but there is not much more helpful that can be said from either of us.
I do believe it is a difficult issue to diagnose, and even more so when those in charge and with the technical knowledge aren't experiencing it, which immediately lead them to assume it is something that isn't in their ability to fix, or requiring features that aren’t available on their tier.

Given that I have been personally experiencing it, and I am capable enough to diagnose it from my end - it does give me credibility on the matter from a different angle than yours and revs, and it also provides enough evidence that it is an isolated issue with R2R, which should have a solution to it.


Israel - again not an overly large address space (~8 million) and there is an extremely high volume of non-browsing traffic from Israeli IPs, including cybersecurity firms, intelligence-related activity, research crawlers, and automation (both malicious and legitimate) that dominate that small address space.
It’s very easy to point fingers at what seem to be the most obvious reason - and it only proves my point from earlier.

You probably aware that it isn’t any different than the traffic coming out of a few more locations in the world, some of which are located in the US, too.

Perhaps CF is restricting it due to the war? Sure, this makes more sense and actually did happen - but than, it doesn’t make sense why when they lifted the restrictions that were applied when the war erupted, R2R kept behaving like this to this day, and it is alone in that category.


@revhtree Just to say it out loud - the experience of using R2R in this condition is absolutely unbearable.
I want to say that you’re getting used to it - but no. I simply stopped writing comments as long as the ones I written here and much less inclined to comment in general, due to the fact that I’m not able to properly quote messages, mention other people, upload attachments, seeing replies that occur while I’m writing my own, and basically anything that needs a valid token, which requires me to constantly refresh the page to get it working again, only to then discover that everything I written in the past few minutes is gone, because of course saving drafts doesn’t work either. Sure, I now copy-pasting between refreshes - but sometimes I forget or didn’t press the right button when I’m on mobile, and than have to rewrite it from scratch, which becomes frustrating very quickly and causes my comments to either be blunt compared to what they originally should’ve been, or to be scratched completely which is usually what I end up doing in this scenario.

P.S - if CF ever does an ICO, this post alone would worth a few millions of dollars.
Many tokens have been sacrificed to bring it to you, so use it well and don’t let them go to waste
 

BeanAnimal

5000 Club Member
View Badges
Joined
Jul 16, 2009
Messages
6,131
Reaction score
10,561
Rating - 0%
0   0   0
The way you seem to present it (or at least the way I view your argument) - is that it is justified,
Sorry you got that impression. Justified was not (at all) the context, rather just the reality that it is a byproduct of current filter parameters creating false positives.

and not in R2Rs control unless they pay for an enterprise account -
I do think it is out of their control, rather my point was that the settings are much less granular than you assume them to be.

It’s very easy to point fingers at what seem to be the most obvious reason - and it only proves my point from earlier.
I typically apply Occam's razor for early diagnosis of a problem :)

@revhtree Just to say it out loud - the experience of using R2R in this condition is absolutely unbearable.
I don't disagree with how absolutely frustrating that must be for you and do hope that they can find a reasonable balance that will alleviate some of the frustration.
 

DanyL

Valuable Member
View Badges
Joined
Jan 13, 2023
Messages
1,624
Reaction score
2,003
Location
Middle East
Rating - 0%
0   0   0
I do think it is out of their control, rather my point was that the settings are much less granular than you assume them to be.
If it was out of their control, than it should’ve been out of many other websites control using the same tier, wouldn’t it?

You see where our claims clash?

As for configuration granularity of the basic tiers, I was aware of it even from before this thread, just from the ridiculous drama with CF from last year. So I never really even tried to contradict this claim. I’m aware of it.

And I do understand the claim that R2R may need some more restrictions than smaller websites, but isn’t able to afford the granularity of an enterprise tier that well funded websites have - but given the amount of websites using CF I visited since this problem started, I find it extremely hard to believe R2R would be the only one affected, and in that case - I allow myself to assume a misconfiguration is likely in play here.

typically apply Occam's razor for early diagnosis of a problem :)
That’s part of human nature, hence why I was able to predict it ;)
But once more information is available, I do believe we need to adjust accordingly.

P.S - My Herbie just started gurgling out of no where (really).. must have heard I’ve been discussing with you here :face-with-hand-over-mouth:
 

BeanAnimal

5000 Club Member
View Badges
Joined
Jul 16, 2009
Messages
6,131
Reaction score
10,561
Rating - 0%
0   0   0
If it was out of their control, than it should’ve been out of many other websites control using the same tier, wouldn’t it?
If other sites don’t have the same issue they are not using the same configuration. That likely means turning something off or altering a rule, that’s been the point all along. I can’t speak for R2R to say if the reduced level of filtering is acceptable to them or not. There is not a lot to misconfigure.

I personally find CF to be less than ideal for anything more than DNS proxy and caching on lower tiers due to lack of options. But it is easy and affordable.

There just isn’t much else to say. I do understand the frustration though and hope that they can find a way to sort it out for some of you.
 
Last edited:

TOP 10 Trending Threads

WHAT WAS THE REASON FOR THE MOST RECENT FISH PASSING IN YOUR TANK? WHAT DID YOU LEARN?

  • Suspected natural causes/Advanced age.

    Votes: 5 7.4%
  • Illness/Disease.

    Votes: 11 16.2%
  • Environmental Incompatibility/Parameter Issues.

    Votes: 3 4.4%
  • Prey for another reef inhabitant.

    Votes: 2 2.9%
  • Disappearance - Presumed as passed.

    Votes: 15 22.1%
  • Jumping out of the tank.

    Votes: 16 23.5%
  • Fish aggression from other reef inhabitants.

    Votes: 4 5.9%
  • Equipment Failure.

    Votes: 3 4.4%
  • Other (please explain).

    Votes: 9 13.2%
Back
Top