What a ridiculous response from cloudflare. They absolutely do have the ability to whitelist an IP address, and asking someone to go to every site that’s protected by cloudflare is so stupid that it’s funny they even suggested it.
“Just go ahead and call the site owners of the 750,000 websites you’re currently blocked from accessing.”
If this isn't a trivial thing to undo, that makes me sceptical of the ability of CloudFlare to manage its own infrastructure. The action of unblocking one IP address, or at minimum triggering a re-evaluation of its reputation, is such an important base piece of functionality - what else can't they manage in their own system? If they can do it, why is it layered behind so much bureaucracy?
And such uncaring dismissal. How completely helpless this must make the user feel.
Also note, Cloudflare blocks IPs of legitimate automated "good bots" by default, like RSS feed fetchers (1), but allows traffic to some of the most aggressive bots on the web, like Google bot and all sorts of AI bots (2).
Of course, Cloudflare always tries to put the blame on the website owners which just enable a list Cloudflare provides them. Assuming the author is right, it's Cloudflare's fault for not vetting their data, not the website owner.
I'm surprised he could even make that post on their forums, being in the same situation several times before, Cloudflare is obviously dogfooding and you can't even try to get support if their systems blocks you. Smart move.
All of a sudden I'm seeing loads of "are you human" checkboxes from Cloudflare too. One of the better captchas, but I'm not sure why it's a recent thing for me.
So cloudflare added an IP to a blacklist that they curate, which is then offered to it’s many customers to automatically use, and then claims that fixing false positives is out of their hands?
This is some amazingly blatant corporate gaslighting.
Hmm. What ISPs do this? Perhaps institutions like universities?
Having to spend time verifying every alleged false positive would be expensive, and doing it for anyone that asks would undermine the security of their offering. I suppose they could temporarily delete if and see if it gets flagged as risky again.
I’d be intrigued to hear more information about this person’s ISP, location, etc.
> This guy should do as said and just ask their ISP for another address to NAT from.
Have you ever tried to contact an ISP before?
Maybe it's because I live in the USA where we usually have a whopping 2 choices for providers, but it's a MASSIVE pain to get them to do basically anything rudimentary, like replace a modem. I can't imagine calling up Comcast and trying to get them to change something like this...
Those of us who run ISPs have just as much trouble getting large corporations like Cloudflare or Ticketbastard to respond to blocked IP address issues like this. I know as I have tried to fix things on behalf of my users in the past, and it was impossible to get anywhere with anyone. The issue was magically "fixed" several years after the problematic IPv4 /22 was put into service. For reference, it was a direct allocation from ARIN. It's not like the old days when NOC contacts actually responded to emails reporting problems.
I doubt most sites are aware of the problems that Cloudflare causes.
- Lots of blogs (often product features and whatnot) that I would read and share with interested friends are broken because Cloudflare blocks their RSS feed. These companies are losing high quality traffic and referrals.
- I regularly turn away from sites because a significant number of the pageloads are delayed.
Both of these probably show up on the dashboard as "Threats Stopped". The user probably doesn't realize that a significant number of these are would-be customers.
> Both of these probably show up on the dashboard as "Threats Stopped". The user probably doesn't realize that a significant number of these are would-be customers.
My favorite experience with CF remains the time I got blocked by them and then... I think it was the same day, but very shortly thereafter... I got an email from them bragging about how many "threats" the block every day. Like... yeah, that number means something different to me than it does to your marketing team.
What do you mean, "So?" This is maybe one step below being removed from the ability to have a checking account. He has been removed from Internet commerce with Zero Recourse and even gaslit by the company harming him.
This will keep happening because people like you will just flippantly continue saying, "It's not my problem." It will become your problem soon. As companies continue ignoring completely screwing a slowly growing percentage of people, that demographic will do what he will likely do next, call his local congressional representative to grab your company by the metaphorical ear.
Internet companies have incredible legal privilege right now. As expected, they are now abusing it as they have grown large enough. I'm glad these companies are filled with people like you because you don't even mask yourself. That is what will make the boot come down faster and harder.
I believe that cloudflare should at least have some kind of form where users can make their ip trustworthy. They can still be suspected for a period of time and in case there is another sign of malicious behaviour then they can get banned for even longer. Just ignoring them and throwing infinite amounts of redirects and captchas seems like a terrible experience for normal users.
btw, you writing has such a dismissing, arrogant and undermining tone that I would downvote you if I could.
“Just go ahead and call the site owners of the 750,000 websites you’re currently blocked from accessing.”
reply