based cloudflare
CF aside, I’m not the biggest fan that Ladybird decided on Swift, since it’s such an Apple-centric language. Wish they’d sponsored Servo instead.
Servo kinda died when the main people left
Swift is open source (Apache 2) and is a very pleasant language to work with. I would have gone with Rust, personally, but I can’t fault anyone for choosing Swift. It’s a very underrated language.
Cloudflare PR. Fuck them. Blocking VPNs from accessing websites is very open web of you.
Cloudflare blocks VPNs at the request of whoever is running the server. There are tons of websites running on Cloudflare that work with VPNs.
There are also many Lemmy instances that are intentionally blocking VPNs because they have to to stay afloat.
Exactly. My employer uses Akamai, which is larger than Cloudflare. Akamai provides the ability to block traffic from Tor, traffic from VPNs, traffic from any countries you desire, and so on. They also provide managed lists of countries listed in things like ITAR so you can easily block them if you want.
Nope. Cloudflare use a complex set of fingerprinting tools that determine security scores. It’s literally social credit system for web user agents and the site admits have little control over that.
While true that there are security scores, the site admins set which score (if any) to block at. So, they do have control over that. Same goes for the bot fight mode as well. So, site admins do have control over whether or not to block based on the associated score, just not over the calculation itself unless configured otherwise.
The control is very limited unless you’re enterprise subscriber and even then CF is super sneaky and doesnt actually report the real world. I had a few clients where they were clearly suffering losses due to cf implementation (you could literally see sales dip when cf is enabled) but they didnt believe me because cf dashboard doesn’t report false positives or anything of that sort and they had no in house analytics to really understand the issue.
It’s literally not limited. If you don’t put a WAF rule based on the score then it doesn’t get blocked based on the score. It’s that easy. I’ve got clients and my own site on Cloudflare, so I know how it works. You don’t even need the pro subscription to do that.
You control the score but not how its calculated. My score is incredibly high just because I’m on Linux with Firefox - how important is that to you as an e-commerse site admin?
I said that in my original comment:
just not over the calculation itself
If you don’t use the score, it’s not a factor. I don’t use the score at all for my clients. You are not required to use it.
I’m using a VPN with my cloudflare reverse proxies right now. That blocking is configured by the website owners, not Cloudflare.
It is Cloudflare that creates this functionality and gives access to it to its customers though.
I didn’t say they didn’t. But if a site is blocking you, that’s the site admins configuring that, not Cloudflare.
For what it’s worth when you set up your site on cloudflare you get to choose how strict you want security to be and what URLs it applies to, or just disable it and use it only as a CDN. Or even disable routing entirely and use it only as your DNS.
It would be nice if they were more clear that enabling some features might block legitimate users though.
Isn’t Ladybird adopting Swift as their preferred language? I’m slightly confused on why Ladybird over Servo. But I am sure people at Cloudflare have more knowledge than me. So I guess there is a good reason.
Yep, they’re moving from C++ to swift.
How does that work?
Working with raw buffers and memory in Swift is a frustrating experience.
I’m a big fan of Swift, but when I drop to systems level I don’t feel it’s a good fit.
Here’s the dev’s post: https://x.com/awesomekling/status/1822236888188498031
(Sorry for Xitter link)
Thanks, I couldn’t figure out how to convert the x.com URL to xcancel. Do you just change the domain?
Yep
Awesome to hear!
The best way to test a language for a project is definitely this bake-off method, so I do trust they did their due diligence.
fuck cloud flare
How come?
How can people not see that any single corporation standing between us and 20% of the entire interweb is a bad thing? You think this time they are going to turn out to be the good guys?
Why blame Cloudflare though? Make your own service or push other companies to offer their services for free like Cloudflare. If Cloudflare is “fucked” like you want to, do you think the web will become more free? No, those 20% of the web will either be gone(because it’s not free anymore), or will move to those really big corps that own the other 80% of the web.
What’s a good alternative?
Not using cloudflare
What’s the alternative to survive all the attacks and bots cloudflare blocks?
Cloudflare doesnt want an open web, wtf… More ridiculous fake posturing from big tech.
I think they do
If everything is big tech and walled gardens. what is cloudflares role?
Same roll it is today? Sell spyware and data hosting.
Big tech and walled garden operators don’t need Cloudflare for that. They can roll their own, for less.
Why does CloudFlare not want an open web? I don’t know why they care. Can someone please explain? Is it because they sometimes block VPNs?
They do.
The basis for the FUD is that Cloudflare controls a lot of the web since they’re used as a CDN, DDOS mitigation, domain registration, etc. However, what the FUD fails to mention is they don’t provide most of the infrastructure for the web, Amazon AWS, Google Cloud, and Microsoft Azure totally dwarf their footprint. DDOS protection and whatnot may be provided largely by Cloudflare, but not the rest of the web stack.
Cloudflare very much doesn’t want one or two companies to dominate the web because that’ll kill their business model. The more diversity there is on the web, the more attractive their services are, because people are willing to pay for things to just work.
I can explain. Cloudflare does not block VPNs, some website owners choose to block VPNs using Cloudflare services.
Cloudflare itself is very open to VPNs, like you can use their free services to proxy your VPN over their network bypassing country providers blocking. You’ll have to pay a lot for such service in Amazon or Azure.
So their business model is that poor people can receive cool services for free providing marketing for their business clients to pay for even better services. And they do provide cool services for free and even better services for reasonable payments.
Closed web means Google, Amazon and Azure own their business and the web. They don’t want that neither in business sense nor in moral sense.
Edit. I’d like to emphasise that Cloudflare is the only CDN that provides their basic services for free to common people, making the web available to common people, making the web more free.
I’ve seen a couple of threads here where people shit on Cloudflare(including this one). They are stupid, don’t know how the web works and are out of their minds.
Cloudflare wants the web to be made of web pages. But they also have an interest in the web being at least slightly dangerous (so there’s an incentive to buy their protection services), and at least somewhat hard to make work well when served from a potato (so there’s an incentive to use their CDN to shave off those milliseconds of latency). And, as a large provider of excellent and often free services, they end up as an administrative single point of failure and thus a potential point of control. It’s a lot easier to wiretap one Cloudflare DoH resolver than thousands of ISP routers across dozens of ISPs, for example.
None of this is because Cloudflare is somehow Bad People; they’re powerful and thus dangerous, but not, as far as I can tell, evil. The worst thing about them seems to be that they’d prefer to stay out of content moderation completely rather than try to find and boot all the Nazis, which looks like it might be an incorrect position that is possible to support with arguments.
they’d prefer to stay out of content moderation completely rather than try to find and boot all the Nazis
With how loose this word(and others) is used nowadays by people from Israel, USA, Russia, Africa and maybe other countries I prefer Cloudflare to stay that way.
They are the equivalent of the Dune universe’s Spacing Guild.
They who control the MLP fanfic, controls the webiverse.
Idk, but a lot of Lemmy instances also don’t play nice with VPNs. Some of them are using Cloudflare, but idk if all the ones blocking VPNs are the ones using Cloudflare. But bot traffic is a big problem, and Cloudflare poses a solution to that. It’s not the ony solution, but it is a pretty good one.
You can’t really have a free social media network and not have it block VPNs. At least not with large public instances.
Care to elaborate, or are you just saying things to get a reaction?
Cloudflare alternatives anyone?
I’d say Bunny CDN is pretty good, but here’s a more complete list: https://european-alternatives.eu/alternative-to/cloudflare
Omarchy mentioned!!
Ladybird instead of Servo? And then some obscure desktop environment? What the fuck are they even trying to achieve here? We already got some big names and they’re betting on the small ones?
Ladybird has been a serious competitor for months, and its ideology is excedingly good and user-oriented, so thats why
Idk why they sponsored Omarchy, but it looks cool, altough I dont see what they’ll get from that
Omarchy is a Linux distro.
And I think ladybird is a bit larger of a project than servo, and they can’t sponsor every single browser engine.
Ladybird has ambitions of being an actual end-user browser, servo seems to only have ambitions of being a browser engine.
Servo seems more useful to me. Think Blink and Webkit.
Chromium is a browser. WebKit is an engine. Maybe you meant Blink?
My bad, yes.
Ladybird needs to be careful who they accept money from
