Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "cloudflare"
-
Today, I learned the shortest command which will determine if a ping from your machine can reach the Internet:
ping 1.1
This parses as 1.0.0.1, which thanks to Cloudflare, is now the IP address of an Internet-facing machine which responds to ICMP pings.
Oh, you can also use this trick to parse 10.0.0.x from `10.x` or 127.0.0.1 from `127.1`. It's just like IPv6's :: notation, except less explicit.8 -
"Oh, he is asking that much money for this website? I will create that for only $250 with WordPress. He is just trying to use you"
You fucking wanker. What you don't understand is that you are pushing the companies to a fucking black hole that they won't be able to recover from.
He shows an example of a website which takes 30 sec to load. It's full of hundreds of dreadful plugins. He chose the shittiest stock pictures to make it look "pretty".
When I point out his fucking shite website takes this long to load, he says if the company wants to make the website fast, they will need buy the premium plan of CloudFlare. WHAT THE FUCK are you even talking about?
Not only that, the example website, doesn't even have any SSL. He is saying that the other company didn't want to pay for the SSL. Ever heard of fucking StartSSL or LetsEncrypt?
It's people like you who is responsible for making half of the web an insecure, slow, low-performance space which is prone to hacking.
WordPress was made for blogging. KEEP IT THAT WAY. Stop trying to make your high-performance CMS or eCommerce website with this shite.20 -
Google: this sha-1 collision is really gonna fuck up the internet more than anything else today
Cloudflare: hold my beer
CloudBleed2 -
Weekend so far:
Chrome Update FUCKED UP my website.
Tried to update my server to Ubuntu 16.04. That FUCKED UP in the middle and I didn't have any recent backup.
Went back to old backup. But didn't see any changes in the website. Was wondering that for 1 hour.
Forgot that my website was using cloudflare caching. In the meantime I have changed my DNS settings.
Out of frustration removed website from cloudflare. That FUCKED UP the DNS further.
Now I have no idea how long it will take the DNS to update.
FUCKING F M L6 -
I get a call: "Hey the site is down. Fix it!"
Worked on my workstation, not on my phone => DNS issue.
Local cache: "All OK"
ISP's DNS: "No record"
Google DNS: "Server error"
MXToolbox: "All OK"
CloudFlare DNS: "Domain? What domain?"
After a day of fucking around with configs and wanting to strangle the customer support guy, I just started pressing buttons, until suddenly, it worked. Turns out I'd accidentally enabled DNSSEC on a domain, that wasn't configured for it.
Lesson learned: There is no official DNS error code for "DNSSEC failed somewhere upstream". If you're lucky, you might get something useful out of the authoritative server, but apparently not on Mondays.8 -
So apparently two "senior" "laravel-engineers" spent a total billed 35 hours trying to figure out a "critical bug" which "doesn't happen locally".
I went to the dev-console, saw it is generating http urls (fronted by cloudflare https, running on http server-side) and fixed that in maybe ~15 minutes, fucking morons.9 -
"Hmm, I wonder if Cloudflare has a limit to the amount of data I can store in the CDN"
*Uploads a shitton of crap to a Nextcloud server and caches everything via cloudflare*
So far - 300GB stored.3 -
Found this on mastodon:
I sometimes imagine that somewhere there must be a Ministry for Messing Up the Internet. It would be like a Monty Python sketch.
Each day a new idea would arrive in the intray of an official who looks like a young John Cleese. They would form a large pile of papers.
[reads] "Make a protocol so complicated that nobody can understand it. No the Sematic Web has already been tried".
[reads] "Ban all the cat photos for spurious copyright reasons. No, we already have an upload filter in progress to do that".
[reads] "Fill Tim Berners-Lee's socks with elephants. No - much too silly."
"Ah yes, [reads] make a giant man in the middle that everything on the internet has to go through like a sausage machine and get squirted out on the other side, hopefully in the correct order. Bernard, get Cloudflare on the phone immediately."
@bob@soc.freedombone.net2 -
Sometimes the design decisions of big companies amazes me.
I wanted to contact support of Cloudflare. The only way to submit a new support query is by logging into the account first.
My problem is that I can not log into my account. What a bunch of retards.4 -
The company I work for (very big IT consultancy) has made the absolutely genius decision to put a block on the corporate proxy for GitHub. GITHUB. Because no fucking software developer ever needs to visit there. Their reason? "We don't want people publishing our intellectual property". Mate, I can fucking guarantee you that if unscrupulous bastards want to publish code against our T&C's, they will do so. Why make every body else's job harder and block it?!
But the best bit, you can submit a request (that is accepted without question) to get yourself an exemption. WHY THE FUCKING FUCK HAVE THE BLOCK IN THE FIRST PLACE THEN
To add to their fucktardery, they blocked the CDN that hosted stackoverflows css and JavaScript last year (CloudFlare) weeks after the alleged hack was fixed, and seemingly without any research at all. This obviously rendered stackoverflow unusable. Because again, why would a company full of engineers need to go there.
Morons.4 -
Apple was founded and gmail was launched on 1st of April. Now to the list,
Cloudflare launches https://1.1.1.1 on April 1st.3 -
MAINTENANCE OF STACKOVERFLOW PLANNED
SHARE TO YOUR NEAREST DEV FRIENDS
Stackoverflow and its relative partners will be closed for two days due to maintenance, new design, and moving server infrastructure from United States to 1km below the Switzerland Alps for extra layers of security. This decision was made by the recent CloudFlare data leak.
Now our servers will be able to handle data leaks because even though the data was leaked, it will fill the empty places in the rocks resulting inaccessible from attackers.
Stackoverflow and its relative partners' maintenance estimated time is February 29 - 30. We will try to finish as fast as possible and bring you guys the best experience. If the maintenance delayes, we will tweet via @StackStatus or post details in our status blog.
Thank you for your support and have a happy day.
Best regards,
Stack Exchange team6 -
Holy shit my server survived a DNS amplification attack!
I thought my iptables rules were not very effective, since I kept seeing 1-2 ANY requests getting through my pihole (only to be ignored by the upstream cloudflare server).
Turns out, they never actually *kicked in*, until now.
The craziest part is that one ip belongs to the Ministry of a country!! :O
Eat that, motherfuckers! God I love it when this shit actually works!5 -
Read an article that said "a successful DDoS attack [costs an organization] about $100,000 for every hour the attack lasts, according to security company Cloudflare"
And while I don't doubt the number, it still should read
"...$100,000 for every hour the attack lasts, according to company selling DDoS protection, Cloudflare"3 -
Every damn time, on every damn website! Why Cloudflare why??rant i am the same person i was 5 minutes ago what do ya need cloudflare? you fucking with me? 4th tag20
-
> clicks Twitter shortcut
*dns probe failed*
"oh, is cloudflare dns down?"
> goes to cloudflarestatus.com
*dns probe failed*
"ah, right dns isn't working..."6 -
Cloudflare listed as an advertising company, so much for your privacy.
https://crunchbase.com/organization...18 -
LOL Have I Been Pwned has pwned itself, cost-wise. Here the steps:
1) Go all in on cloud shit like Azure
2) Think you're a smartass
3) Trick the cost side with even more cloud, this time Cloudflare
4) Be not quite as smart as you think
5) Enjoy your 7000 EUR bill
6) Make some tweaks and continue with step 2.
Source: https://troyhunt.com/how-i-got-pwne...
Bonus laughter: he's a "Microsoft Most Valuable Professional", though not an actual employee.22 -
Had a configure issue on a site running through CloudFlare hosted at WPEngine. Support on chat guy says "can I take a look at your setup" so I screenshot him! He says they're are new ways to point to WPEngine whilst using SSL so I say OK and he points me to a support article which seems accurate. He then says now I want you to change two records so I say ok (not thinking) which I do (stupidly)
Result site no longer reachable.
What do I do now? He says very seriously "you need to wait 24-48 hours for the DNS to propogate"
"Your joking it's a huge site with 20k visitors per day with advertisers on it"
"I'm sorry there is nothing I can do until the DNS YOU changed has propagated"
"I changed?" "Yes you changed the CloudFlare settings"
"You told me to!"
"Is there anything else I can help you with?"7 -
DECLARING CLOUDFLARE WEEK
DISCLAIMER : THZ CLOUDBLEED
Hey guys remember when gitlab was something blah blah? Now lets talk about cloudflare for a week!9 -
<!DOCTYPE html>
<head>
<title>hiCloudflare</title>
<link rel="stylesheet" src="main.css" />
</head>
<body>
<h1> Don't mind me, just taking my buffers for a walk</h1>
<script type=2 -
*Writes Voting platform*
*Uses ips to stop duplicate voting*
*Notices how lots of the IPS are similar*
*investigates*
*Traces IP*
London? Cloudflare?
Oh shit. Cloudflare HTTP proxy...
fail.5 -
I should just quit. I am not paid enough to deal with this pissing contest.
Reviewer:
Need to add instructions (on readme) for installing pnmp, or if possible, have the top-level npm i install it (lol).
Also, it looks like we are no longer using lerna? If that's right, let's remove the dependency; its dependencies give some security audit messages at install.
Me:
it's good enough for now. Added a new ticket to resolve package manager confusions. (Migrate to pnpm workspaces)
Reviewer:
I will probably be responsible for automating deployment of this (I deployed the webapp on cloudflare pages and there is no work that needs to be done. "automating deployment" literally means replacing npm with pnpm). I disagree that it's good enough for now.
Imagine all readmes on github document how to install yarn/pnpm.
Lesson learned:
If you think an OOP static site developer can't handle modern JS framework, you are probably right.2 -
The company I am currently working for is partnering with another startup. Nothing special about that. We should integrate their API into our system. I wasn't involved in the process when it came to checking there API and if it would work with our Systems. The Person who did that already left the company so I was left behind with some internal documentation. In that Documentation is already written that API is basically trash....
After I started integrating the API I found more and more flaws in the design. They are not sending any responses that would help, when a param is missing or the authentication isn't correct, only 500's . I got some documentation from the partner company so i thought it will be fine as long as the Documentation would be accurate. Turns out the documentation isn't even close to be up to date. Wrong content types wrong endpoints, wrong naming. Basically we could not work with that. We shortly contacted the partner Company. After a few WEEKS we got a response that they updated the Documentation what was right but still not everything was correct. At this point I lost my mind. I researched a little bit about them, the company is founded from 2 young people who basically came strait out of the University and doest have any experience or idea how to build an API. I investigated a little bit there websites.
They have an Admin panel on the base domain from their API but it is only accessible via HTTP. Like WTF , They use HTTP for an Admin Panel this must be a joke right?
They use Cloudflare without a HTTP to HTTPS redirection ???
I really had not that much time to research in there website but if I find these things in 5 minutes I don't want to know what I can find in like an hour.
At the end we will still use them as partners because surprise surprise our company already sold the product that uses their API.
I know that I will be the person who has to help fixing this shit when it breaks and it will break 1000% JUST FUCK THIS SHIT. FUCK THE PARTNER COMPANY. FUCK THERE API.2 -
I provide hosting for my clients. About 3 months ago I discovered that the hosting company that I'd been using had been swallowed up by EIG, which explained why the tech support had gone downhill.
So, I jumped to another hosting company. Same shit different company!
Apparently the fact that my browsers sit at "connecting" for up to 30 seconds, and I get a "could not connect to" message half the time while I'm trying to fucking work on a deadline is the fault of some plug-in in a WordPress installation!
Oh yeah? Why then does this shit happen when I'm working on a pure html/css site?
Why then did it start happening after they "updated" my shared server?!
Oh, but the bastards suggest that I buy Cloudflare or pay for more space!
You fuckers made my work take 3 times as long, and you made an important migration fail!
Network places make mistakes. We all do. That's cool. Fucking own up to it, talk to me like a techie, and DON'T TRY TO BLAME IT ON ME OR MY TOOLS!
Fuck you! I think I'm gonna give Google Cloud a try, and do this shit myself!7 -
@linuxxx
I have a suggestion for you,
Please set up an Unbound resolver so people does not have to depend on big actors like Google, Cloudflare or quad9.13 -
My client's using some legacy server side software. I set it all up nice and isolated with proxmox, tunneled it through cloudflare, got the folks to do their install on a windows vm, passthrough their licensing usb. Hosted GLPI on it too (system inventory) and so on.
Wait for it. Windows Server refuses to accept local or domain passwords. WTF. Even went ahead and did a Utilman reset on it which lets you use an admin cmd prompt to the login screen where you could reset the password. Insane that it was even possible, but no good.
Client blamed linux for it, I switched over to Windows Server on baremetal. I setup Hyper-V thinking it should be just as capable as KVM.
Nope.
Guess what, you can't pass through usb for licensing (the legacy software). MOFOS DECIDED TO install it baremetal. I couldn't even get hyper-v to create a decent virtual network. It keeps changing all my network adapter settings. I COULDN'T EVEN PASSTHROUGH PCIE NETWORK CARDS.
This feels like an eternally stagnated, mossy soup of abandonware.
FUCK YOU WINDOWS. You've been sore pain the ass for EVERYONE.2 -
When your websites start returning 502 errors all of a sudden and you can't figure out why. Clear PHP artisan cache, restart Nginx, make sure PHP-FPM is running. Still 502 errors. Then you find out Cloudflare is down. 😐😐😐
This was me last night.3 -
Fucking non technical managers and their shitty clients to whom they suck their tiny weiners need to realise that I cannot reorder elements every 10 minutes to the shape of their fart comming out of their ass, test it, deploy it, trigger webhook, clear cloudflare cache, and meanwhile be sure that it's written in quality manner for future upkeep with commits that have sense.Hope deadline driven development dies in hell where it belongs
-
What my twitter looks like after Cloudflare decides to randomly close all my websocket connections from my free Discord bot, leaving it to die from arbitrary rate limits.
-
Fuck the NBN - you aussies will know!
So apparently Fixed IPs are not a thing for HFC connections unless you have a business account.
Are you fucking kidding me?
Although I didn’t pay for a fixed ip on adsl and it states it’s “dynamic”, mind you it hasn’t changed in 6 years... so it may aswell be fixed right? Right?
Now I have to go explore DDNS with Cloudflare, looks like a api call on ip change will do the trick but urgh.
Ps: I finally.... made it to the nbn - well that’s next week...
only 3 years overdue since my first “NBN ready” letter 😂2 -
Just came across a video telling how cloudflare fetches real random data for their generators: Lava lamps, radio active properties and a chaotic pendulum
https://youtube.com/watch/...8 -
This is fucking rediculous.
A client wanted me to make them a image download resistant galary.
They said they had seen some other site that is "impossible" to download pictures from. This just is not true, they were overlaying transparent images over the images.
Two days after I do that, set up everything on their server, and disable hotlinking in their CloudFlare, without being contacted at all, I've received a not-as-described PayPal dispute.
They said someone downloaded their picture and that I said it would be impossible.
How is this possible? The fuck PayPal? I'm going to lose this damn dispute which was gonna pay half of my rent.11 -
Favourite API.
That's a hard one.
I guess it's a toss up between Salesforce APis and Cloudflare.
Both are straight forward and work within minutes of getting started, and both are well documented to the point, you only need a basic understanding of what you are doing or trying to manipulate to get it up and running.
If only AWS could do the same 😅1 -
me: *hosting docker registry for our team*
me: *sets up ssl and cloudflare dns and shit*
me: *tries to push to registry*
my pc: *413 rEQuEst EnTITy tOo LarGe*
me: *spends 4 hours scrutinizing the shit out of my nginx configs*
me: *finally finds cloudflare sitting there rejecting all of the requests... that cheeky bastard* -
I just want to say,
wow the Cloudflare API is awesome.
In less then an hour (from a blank file - to automation and tested) I was able to setup a DDNS task that basically just pulls my public ip (see https://devrant.com/rants/2050450/... for details) comparing it to the current DNS records for and update them if anything has changed in the past 30 minutes.
So kudos to these guys letting me in next to no time having a simple yet elegant way of dealing with my missing static ip.
Why can’t all APis be this simple?3 -
Either CloudFlare itself has decided to join the fun of attacking my DNS server, or somebody is just spoofing their IP in the UDP packets.
Crap, my ipset script is basically useless now, since the real source could be from anywhere :(
Any suggestions on what could I do to make this attack stop? It's not causing any real issues (at least for now), but it's still annoying as hell.
Get fucked, stupid skiddie who keeps manually changing the ip source in his script10 -
Before you fire me and delete me as admin from managing your website, also be sure to check on and have me transfer to you the third-party stuff, like Cloudflare or Mailchimp. Remember how I had to set these up on my own on your behalf (because you don't know what you're doing and those alerts would disappear into your unmanaged inbox)? Think first to make sure you have full control over your WHOLE site. You see, what happens when I delete those accounts is no longer my problem once I walk out the door.8
-
!rant
I've seen some rants about people complaining about websites using the 'www' subdomain, so I'd like to take this opportunity to try to explain my opinion about why sites might use it.
I use to feel the same way about not having the www subdomain. It felt like an outdated standard that serves no purpose. But I have changed my option...
Sometimes certain servers have other services running other than just the website, such as ssh, ftp, sql, etc., running on different ports. What if you want to use a web proxy and caching service similar to cloudflare or a cdn? We'll you can't, because they won't allow traffic to flow through to your other ports.
That's where the www subdomain comes in. Enable your caching and cdn on your www subdomain, and slap a 301 redirect from your primary domain on port 80 or 443 to the www subdomain. This still allows you to access your other services via the domain name while still gaining the benefits of using a cdn.
Now I know you could use an 'ftp' subdomain or the like, but to each their own in that regard.7 -
Mozilla will update the browser to DNS-over-HTTPS security feature to all Firefox users in the U.S. by default in the coming weeks.
According to the report of TechCrunch : Whenever you visit a website ; even if it's HTTPS enabled, the DNS query that converts the web address into an IP address that computers can read is usually unencrypted. DNS-over-HTTPS or DoH encrypts the request so that it can not be intercepted or hijacked in order to send a user to a malicious site. These unencrypted DNS queries can also be used to snoop on which websites a user visits. The feature relies on sending DNS queries to third-party providers such as Cloudflare and NextDNS which will have their DoH offering into Firefox and will process DoH queries. Mozilla also said it plans to expand to other DoH providers and regions.10 -
Some hacker went through a lot of trouble to get around a minimum order amount on our site. And they’re still hitting us after Cloudflare issued a bunch of blocks. Well, there are some back doors I have to finish closing. I guess I’m lucky I’m just inheriting this site and I’m not the one who built it. But I’m still unlucky because I have to fix this mess. But damn hacker, why’d you go though all this trouble to get around existing validation. Go find another site to charge $1 amounts and test your stolen credit card info. Pretty please 🥺
-
Fascinating read about the inner workings of the worldwide web and gross incompetence.
Cloudflare - How Verizon and a BGP Optimizer Knocked Large Parts of the Internet today
Massive route leak impacts major parts of the internet
"It doesn't cost a provider like Verizon anything to have such limits in place. And there's no good reason, other than sloppiness or laziness, that they wouldn't have such limits in place."
https://blog.cloudflare.com/how-ver...9 -
How can I use a custom DNS server on my schools network?
They seem to block any DNS that isn't their own. I've tried 8.8.8.8 and the new cloudflare one. Both blocked, it's a real issue because their default dns dies for about a minute every 12/24 hrs causing my VPN to go down.
How do they even block external DNS servers?5 -
I already wrote a rant about this yesterday, but since I'm a sysadmin trying to convert to dev.. I dunno, maybe it's not a bad idea to muddy the waters a bit and talk about why not to be a sysadmin.
Personally I think it's that the perceived barrier to entry is just too high, while it isn't. You don't need a huge Ceph cluster and massive servers when you're just starting out. Why overbuild an appliance like that if it's gonna start out at maybe 5 requests a minute?
Let's take an example - DNS servers! So there's been this guy on the bind-users mailing list asking how to set up a DNS server on 2 public servers, along with a website. Nothing special I guess - you can read the thread here: https://0x0.st/ZY-d. Aside from the question being quite confusing, there was advice to read RFC's, get a book, read the BIND ARM, etc etc. And the person to deny this? No one less than Stephane Bortzmeyer, one of the people who works for nic.fr (so he maintains the .fr TLD) and wrote some of those RFC's as part of the DNSOP working group in the IETF. As for valid reasons to set up a DNS server? Could just be to learn how the DNS works, or hell even for fun. As far as professional DNS servers go.. this (https://0x0.st/ZYo9) is the nugget that powers the K root server, one of the 13 root servers that power the root zone of the internet, aka the zone apex. 2 RJ45 connections, and a console connection. The reason why this is possible is the massive recursor networks that ISP's, Google DNS, Cloudflare DNS, Quad9, etc etc provide. Point is, you don't need huge infrastructure to run a server!
Or maybe your business needs email. How many thousands of emails per second are you gonna need to build your mail server against? How many millions will you need to store? If your business has 10 employees and all of those manage about 10k emails total.. well that's easy, 100k emails total. Per second? Hundreds of emails per second per employee? Haha, of course not. Maybe you'll see an email a minute at most. That is not to say that all email services are like this - it is true that ISP's who offer email to their customers, and especially providers like Microsoft and Google do need massive mail servers that can handle thousands of emails per second. But you are not Microsoft or Google. So yeah, focus on the parts of email that are actually hard.. and there is plenty.
Among sysadmins you have this distinction between "professional" sysadmins and homelabbers. I don't mind the distinction itself but I think both augment each other. If you've started out by jumping into a heap of legacy at an established company, you will have plenty of resources, immediately high complexity, and probably a clusterfuck right away. But you will have massive amounts of resources. If you start out with a homelab, you will have not many resources, small workloads, and something completely new for you to build and learn with. And when running a server like that, you'll probably find that the resources required are quite small, to provide you with your new services. My DHCP servers take 12MB memory each. My DNS servers hover around the 40MB mark. The mail server.. to be fair that one consumes around 150. But if you'd hear the people saying that you need huge servers.. omg you need at least a TB of RAM on your server and 72 cores, massive disks and Ceph!1!
No you don't. All that does is scaring people away and creating a toxic environment for everyone. Stop it.1 -
Cheapskate's website deployment stack for new projects:
namecheap ($10 domain) + heroku (free hosting) + mailgun (free email) + Cloudflare (free SSL) = $10/year3 -
How do you counter DOS attack? I have one online service where an idiot just calls curl command to one endpoint.
Although my service is working and server performance is not affected, I found it annoying.
Cloudflare could be a solution, the reason I did not use before is user might have to wait a few seconds before seeing the app, but if no choice then.17 -
Pretty much Python automation on steroids.
https://github.com/konradhalas/...
Dacite is an integral part in it, cause it makes most auto generated API wrappers like Cloudflare API "maintenable".
Getting dicts, converting via Dacite to defined data classes...
Then using TOML to define e.g. output parameters (e.g. list of classes / properties one needs)...
... To export them via Pandas to anything what one needs.
It's just so comfortable.
Definining data classes, sprinkle the API calls and dacite in it, some definition via TOML, done.
Yes, lots of dark vodoo / behind the scenes magic... But ... It removes all this annoying fucked up boilerplate writing that takes ages and makes it frustrating.
As long as the data wrapper (e.g. clousflare API) generates Dicts, its really minutes to get an export working.
If you know the pain of having to deal with multiple accounts, different formats (e.g. different companies)… hours of manual copy pasting to aggregate the data etc.
Then you can maybe understand why I love this so much.
Data classes and dacite makes painful confusing workflows so much nicer and self documenting, I get wet in my pants while writing this. :) -
About 5 years ago I stopped pirating and started supporting companies by buying subscriptions or software ( mostly games, apps I use at work, tv shows / movies streaming services ). If it requires payment, I paid the price.
Companies started to screw both customers by delivering shitty products and employees by laying off ( I'm not in a big company, never will be but I feel bad for all the employees that are in this situation )
Started pirating everything, closed almost all of my subscriptions, currently building my home server for git, local ai and anything I need.
Now I'm planning to do some research to find some good replacements for cloudflare and a friendly host provider that is not all greed and doesn't have a history of massively laying off employees just because they overhired or overpromised.
Fuck you greedy capitalist pigs.2 -
For all the privacy focused people out there, Cloudflare and APnic announced (about 2 days ago) that they created a privacy-first super fast dns server (1.1.1.1 and 1.0.0.1)
https://1.1.1.1/3 -
Why does noone implement autoupdater, especialy on linux side? Is there a reason i dont get? Sure, most system stuff is better in apt, but if i install servers, i do not want to wait for these stupid linux release timings! If it were hard, id understand. But most of this is possible with something like GitHub API and 20 Minutes of time. I mean, yeah backwards compatibility and what not, but then handle that internaly.
Example: I use dnsmasq on a raspberry pi. RPI is running raspbian. Raspian is debian 8. Debian 8 has a version of dnsmasq with a pretty annoying bug, which prevents me from using dnssec, as i cant open any cloudflare pages. Why, o why isnt this updated at MY will? Then, if it isnt, why is it so impossible hard to compile this myself, no docs for that, no binaries, NOTHING? Dear server devs, please add atleast basic autoupdate functionality without having to rely on the base os.
Or, give me easily deployable binaries, if you cant write something integrated.12 -
So I just had this thought that nlegs.com (NSFW) kinda feels like a test.
When I first found it, and it still is, the front-end/layout is basically a BootStrap grid.
It was super easy to scrape.
Then over time, the owner made small tweaks and changes which felt like "oh you guys are still here.... let's make it a bit harder and see who drops out next"
So it got more and more tricky to scrape or fool the site.
But it never became completely unfoolable. I figured if he signed up for Cloudflare, that probably make it impossible to scrape....
Well I was curious today so did a whois.... And one of the things it mentioned was Cloudflare...
So now I'm like.... Hmmm.... What???!!! Ok.... ¯\_(ツ)_/¯10 -
I moved my website to aws and I managed to use cloudflare, load balancer (to skip around route53), ec2 and RDS with no programming skills. Starting to enjoy this :D
-
rust claims dropbox, firefox and cloudflare all use it.......
firefox's performance has steadily dropped
dropbox's performance was always awful
and cloudflare is that weird software i see when i try to view sex cam caps that limits me to 2 mins a day......
my love is not growing.16 -
PSA Cloudflare had a bug in there system where they were dumping random pieces of memory in the body of HTML responses, things like passwords, API tokens, personal information, chats, hotel bookings, in plain text, unencrypted. Once discovered they were able to fix it pretty quickly, but it could have been out in the wild as early as September of last year. The major issue with this is that many of those results were cached by search engines. The bug itself was discovered when people found this stuff on the google search results page.
It's not quite end of the world, but it's much worse than Heartbleed.
Now excuse me this weekend as I have to go change all of my passwords.3 -
Old old organization makes me feel like I'm stuck in my career. I'm hanging out with boomer programmers when I'm not even 30.
I wouldn't call myself an exceptional programmer. But the way the organization does it's software development makes me cringe sometimes.
1. They use a ready made solution for the main system, which was coded in PL/SQL. The system isn't mobile friendly, looks like crap and cannot be updated via vendor (that you need to pay for anyway) because of so many code customizations being done to it over the years. The only way to update it is to code it yourself, making the paid solutions useless
2. Adding CloudFlare in the middle of everything without knowing how to use it. Resulting in some countries/networks not being able to access systems that are otherwise fine
3. When devs are asked to separate frontend and backend for in house systems, they have no clue about what are those and why should we do it (most are used to PHP spaghetti where everything is in php&html)
4. Too dependent on RDBMS that slows down development time due to having to design ERD and relationships that are often changed when users ask for process revisions anyway
5. Users directly contact programmers, including their personal whatsapp to ask for help/report errors that aren't even errors. They didn't read user guides
6. I have to become programmer-sysadm-helpdesk-product owner kind of thing. And blamed directly when theres one thing wrong (excuse me for getting one thing wrong, I have to do 4 kind of works at one time)
7. Overtime is sort of expected. It is in the culture
If you asked me if these were normal 4 years ago I would say no. But I'm so used to it to the point where this becomes kinda normal. Jack of all trades, master of none, just a young programmer acting like I was born in the era of PASCAL and COBOL9 -
EVERY FUCKING TIME I HAVE TO ASK FOR SOME DNS CONFIGURATION OTHER THAN A SINGLE "A" RECORD THE TI HEAD MANAGES TO FUCK UP...
WHAT THE FUCK IS SO HARD DUDE???
CNAME? OK!
FUCKINGSUBDOMAIN > FUCKING.ALIAS.COM
THIS TIME OUR FUCKING PROVIDER CANT MANAGE ROOT DOMAIN CNAMES SO WHAT DID HE DO?
SIMPLE SAID "ALL DONE" AND ONE WEEK LATTER PEOPLE ARE COMPLAINING BECAUSE THE FUCKING ROOT DOMAIN ISN'T WORKING...
COME ON DUDE, JUST KILL YOURSELF.
AND FOR THE FUCKING MILLIONTH TIME: DOMAIN REGISTAR AND DOMAIN MANAGER ARE TWO SEPARATE FUCKING THINGS! YOU CAN REGISTER YOUR FUCKING DOMAIN ON GODADDY AND MANAGE IT ON FUCKING CLOUDFLARE BY CONFIGURING THE FUCKING DNS SERVERS5 -
I already ranted about this particular designer and his need to mess with the client's server configurations.
Last time he thought it would be a good idea to use cloudflare for the 1 visitor per day website. And because he missed adding some important subdomains, the admin and register page didn't work. And oc the client called me in the night and during work because I destroyed her system.
And the worst is that this designer tries to redesign everything for 3 years. Every time he sends me new stuff, something is missing. Then I write him, that xyz is missing and he doesn't respond for months. Then the client calls me, why I still didn't finish the redesign and I have to discuss with her about the designer missed something. Then the designer writes the next time, that he will send me new stuff because the design will change again.
Oh, and I already wrote, that the designer is the client's boyfriend, so he probably sits beside her when I have to defend myself about not being able to finish the redesign.1 -
Finally something good in the name of Privacy. I hope this is NOT a joke !!!
https://blog.cloudflare.com/announc...2 -
Person: *has issues with bots* (probably just stuff like Google's crawler n stuff)
People trying to "help": "Use CloudFlare"
...
...
Could you all please bugger off with CloudFail?6 -
Yesterday, the Project Manager forwarded an email from a staff member who worked on a donations campaign. Staff member was confused about a Cloudflare challenge that appeared before the user was sent to the donation page. It’s a less than 5 second JavaScript check. He thought it looked fishy.
I had to explain that it’s a security measure that’s been up for almost a month. PM knows this but left it to me to explain because ownership of the site is on me. The donations page and api gets hit by a lot of bots because it’s a public api and there are no security measures like captchas to deter the bots. I’m inheriting this website and I didn’t build it.
Staff member says other staff want to know if the Cloudflare page can be customized so it looks more legit. Um, Cloudflare is a widely known legit service. Google it.
A few thoughts pop into my head:
1. Engineering communicated to stakeholders about the Cloudflare messaging a month ago.
2. Wow, stakeholders don’t share relevant info with their staff who aren’t on these emails.
3. Woooow, stakeholders and staff don’t look at the website that often.2 -
Does anybody knows if letsencrypt SSL works with Cloudflare or not?
Because I'm unable to use letsencrypt SSL while using free version of Cloudflare :(5 -
So a client came today to me saying his domain that I setup some time ago isn't working on a specific russian internet provider, checked everything and then came across a blogpost stating cloudflare IPs are blocked. Researched further and it came out that those fucking retards from the "Federal Tax Service of the Russian" blocked a ton of cloudflare IPs because russian online casinos used them like a year ago.
Then checked another domain he had a problem with and the godaddy IPs were also banned - even more extreme they were banned for like 14 incidents, what the fuck, had to create a new account to get a new ip/nameservers assigned from cloudflare, jesus fucking christ.1 -
CLOUDFLARE WARP IS OUT BOYS HYYYYPE
oh yeah I forgot: https://warp.plus/kUKsu
you might need this to sign up to Warp directly, not sure but give it a go1 -
Damn you OVH... You and your goddamn deals again... Now I ended up buying 2 domains for a project again. We all know I'll leave the domain in my cloudflare "keychain" without using it until it expires, because I'll find a fancier and more fun project 😅
I'm at 12 domains right now... I think I might be addicted 🤔
Btw, theres a sick deal going on over at OVH, .com is only 1,20€... Better get your project domain which you'll probably never use again now 😂4 -
Should cloudflare have taken down their servers to protect their clients? Which is worse, the leak live or the downtime?1
-
Holy fuck I'm tired of domain.com... I bought my domain with them about a year ago, and quickly I discovered how shit they are.
I can almost never access the console, the default view most of the time loads, although even that is incredibly slow. When the console loads, all settings regarding my domain are just loading. Every once in a blue moon I can actually access the settings and do something.
I got tired of it, and started transferring the domain to Cloudflare. That's where I messed up, and didn't know I had to verify the transfer twice, so the domain ended up expiring during the transfer process. Now domain.com has my domain completely locked down, pointing it to one of those 'expired' nameservers.
So three days ago I thought fuck it, I'll pay domain.com to renew the domain, maybe that'll get the domain transferred, or at least get my domain open again, so I can receive emails again, because in all my nerdiness I decided to set up a custom email using 'name@customdomain.com'. So I haven't been able to receive any emails for two weeks now.
Anyway, three days later the status of the domain is still 'pending renewal', and I can't for the life of me figure out how something like this isn't completely automated, and the domain isn't just working again.
So just now I decided to contact their live chat, and even they can't change the nameservers on my domain, and I have to be transferred to a specialist, who will then contact me by mail within 24-48 hours. Fuck I hate domain.com, and I'll certainly never buy from them again4 -
Some interesting reads I came across yesterday:
- Github got DDOSd with 1.35Tbps via memcached
-- https://githubengineering.com/ddos-...
- Troy Hunt, the creator of https://haveibeenpwned.com/ released "Pwned Passwords" V2 and talks about his partnership with cloudflare, how he handles traffic, why he chose SHA1 for the passwords, how he together with a cloudflare engineer thought of a solution to anonymize password checks and more
-- https://troyhunt.com/ive-just-launc...1 -
looks like cloudflare doesn't believe in free speech. thoughts?
https://new.blog.cloudflare.com/ter...
section 230 not to mention the first amendment means platforms are not liable for user created content. objectivity is a must. cloudflare breaks the social compact with this decision.12 -
How do I make my blog https? I have a blog using Jekyll and GitHub pages. I have a custom domain so I tried cloudflare free SSL plan - destroyed my DNS records. Haha. Any good post for me to follow and get that green padlock?8
-
To add a bit more context to my last rant.
The following situation happened today and similar situations are at the moment common as fuck.
Situation started roughly 1 1/2 months ago as a deployment failed.
Seemed to be a DNS problem for the devs, so my basic assumption was that they checked their shit.
As I was and I am currently more than swamped, told them it had to wait if it is an DNS issue...
Well.
Backstabbing product manager complained to upper management as it took so long.
Backstabbing manager even went so far to propose alternative solutions - think of switching product to work around issue and throwing away a year of development of a 5 man team...
So additional to my work I had to deescalate and prevent complete nonsense.
Today I finally found time for the problem.
After 2-3 hours of turning every stone inside the DNS setup, cloudflare, loadbalancers, etc...
Well. Devs. Don't trust them.
Turned out the devs misconfigured the environment entirely.
Its not so obvious in this product as it is rather complicated, though the devs documentation explicitly mentioned that if one overrides the configuration for e.g. several languages, one has to make sure to set two env variables for TLS mode...
There was only one set.
:(
8 fucking weeks of backstabbing and blaming others while they could have just read their own fucking documentation and fixed that shit in 5 minutes.2 -
On holiday with parents and gf...
Wifi here forces you to use their DNS (using Google's or Cloudflare or any other DNS is blocked)...
Can't use my OpenVPN either...
fuck...12 -
Cloudflare cached a dynamic page, only because the url ends with a get parameter "&doc=file.docx".1
-
Just created a Cloudflare worker that sends messages to the backend over PubSub. Feeling pretty bad-ass right now.3
-
Talk about giving me a headache..
Mmh k, so i want to move my current domain to cloudflare.
Go to current provider, their site report a previous provider has the record but that provider says they have nothing left.
Great.
Contact current provider and they tell me to contact cloudflare, cloudflare tells me to resolve that issue with my previous provider....
Starting to feel like just dropping it and getting a new ... -
Recently our management department discovered the advantages of setting up CloudFlare DNS and their CND for a website. In our case that made perfect sense and also helps a lot with the performance.
A while ago someone noticed that in the backend of the CMS the site uses, stuff that is being loaded via AJAX is not loaded at all and just displays an empty container.
3 hours into debugging I discovered why: Someone thought it would be a good idea to base a condition on whether there was a certain HTML comment inside an element, rather than using a class or something else.
A comment.
The HTML minifier removed that, so I ended up having to disable HTML minifying, at least for the backend.
Thanks, whoever thought it would be a good idea to base logic on the existence of a comment.1 -
Thank you Cloudflare for replacing my MX records with A's, so that I now don't have a working mailserver, but also subdomains linked to my 404 page! Cloudflare you are great, where can I terminate the contract? When I import the confirguration in my friend's nameservers, it works. When I import it in my domain registrars nameservers, it works. When I import it in the cloudflare's nameservers, everything fucks up and it makes freaking subdomains. And that bullshit even displays MX records on their DNS dashboard! FUUUUCK
-
Anyone knows of a good MX (email service)?
I recently protected my webhosting with cloudflare, now just looking for a separate mx server because the current one is exposing my website's real IP12 -
My manager and I setup Cloudflare for one of our websites because we’ve noticed bot activity. Stakeholders have their feathers ruffled because ONE fraudulent payment got through during the first 24 hours of using Cloudflare. Um, there’s no miracle solution and we didn’t promise you miracles.
Manager and I aren’t sweating it because 1) we’re still learning Cloudflare, 2) we’re still familiarizing ourselves with the website because it used to be maintained by an outside agency, and 3) things were much worse a few months ago before any mitigation efforts were put in place. We finally setup Cloudflare because the fraud tools for our payment processor could only do so much.
We’re both honestly surprised a situation like this hasn’t come up before in all the years the website existed.4 -
Me, enables SSL on one domain with cloudflare all went well, even added origin ssl all good.
Friends domain, set up the right and same way, but server says no i have no idea what www.examaple.com is, ... I never created a key for that wtf so right now website are dead .. thanks cf3 -
Another day, another malware. Also inviting you to my twitter again lol.
https://twitter.com/SariBezliGurme/...
I wonder what it takes to get a special contact from Cloudflare or Fortiguard to report these things faster :3 -
In today's episode of "Am I paranoid already?" - Caching Bind resolver forwarding queries to a DoH client connecting to Cloudflare
A fun little thing to configure, and now, anytime I am on my VPN, all my DNS traffic should be completely untrackable.
Does that make me paranoid? Maybe a little... But, the knowledge that noone - not even my ISP, can see what I am doing on the internet, is kinda... Heartarming.
Now, all that's left, is for eSNI to roll out and get implemented by all major web browsers, and most snooping will be completely done for...4 -
In addition to being able to lookup DNS queries over Twitter, telegram (even literal ones), devRant, HTTP(s), TLS and even the DNS protocol itself - Cloudflare will now offer DNS-over-HAM in London.
Sources:
- Heise Online (German): https://heise.de/newsticker/...
- Original Tweet: https://mobile.twitter.com/jgrahamc...1 -
We all make mistakes and cloudflare is a pretty clear example of that where they used == instead of >=
-
I will transfer my domains from Google Domains to Cloudflare or Namecheap tonight. What a disaster. I don't trust Squarespace. They are shady. Ugh. Google ruined another product. EDIT: GOOGLE SOLD ITS DOMAIN BUSINESS TO Squarespace.1
-
What did I do while down for the count with Covid?
* Setup a static React site
* Hosted the site at Cloudflare Pages
* Protected the page through CF access
* Extracted the JWT
* Setup a Rails API to validate the token
Now I have static React UIs with a nice rich API backend.2 -
Hey. I'm still very new to CloudFlare and I have a question.
Let's say that I have 4 sub domains: a.test.com, b.test.com, c.test.com, d.test.com. They're all under the same domain (test.com).
I have a page rule setup specifically for a.test.com, where "Disable security" is set to On. I did this as a temporary solution so that I can figure out the problems that a.test.com has when the security is enabled (had users complaints regarding not being able to send requests with CF security On), so that it is still accessible while I try to fix it..
By turning disabling security for a.test.com, do I put others (b, c, d) at risk? I had someone telling me that it is possible for attackers to make use of a.test.con (unprotected by CF) in order to attack the other sub-domains. "a.test.com has no protection so attackers can use it to send requests to other secured subdomains, cross-site attack" or something along that line.
I don't get this. I thought page rule is supposed to be active only for the domain where it's being set up and the rest will still be secured, and that if attacker manages to attack the other subdomain its due to the others not having secure applications inside of it.
Dunno if that person was telling the truth or tried to mess around with me with their joke!
Thanks!5 -
I got situation here,
I am getting 524 error from cloud fare. I sent some data using AJAX, process it and then return the result. Since the data is large and have some SQL manipulation on it so it take a lot of time. I put the process in back end. But still even for 10k records it took 4-5 minutes to process, Issue is everything works fine but since cloud fare response time is 1-2 minute so it through 524 error (as it does not getting any response within its time frame). How I am suppose to tackle this. May be using job scheduler now ? My client simply refuse to send small data. My Friend is suggesting don't use ajax, simply reload the page. But again data is too much so page loading will also through 524 error. Kindaa stuck here. Any idea/suggestion how I can proceed.
Language I am using PHP. Database, MySQL and SQL.
Hmm Here is some more explanation
https://github.com/marcialpaulg/...
But not working
Here is also something
https://stackoverflow.com/questions...
But I am thinking why redirecting ? It doesn't make sense to me7 -
Any advice for debugging a 520 error from Cloudflare?
I know this isn’t SO but Ive been having the toughest time finding a decent way to find the cause of a 520 error from Cloudflare.
I have a droplet of Digital Ocean running Apache 2.4X and randomly throughout the day I will get 520 errors in the browser’s Networking log.
Naturally, there’s nothing even noted in the Apache error log or access log. And Cloudflare has no logs on this in the console.
If I retry the request it will go through with no problem.
Anyone experienced something like this?5 -
Any tips to speed up wordpress site. I have googled and tried as many solutions I can except adding cdn. I have minified images, html, css and js. I have used caching on the server with litespeed cache. There are not many plugins on the site.
The plugins installed are elementor, litespeed, orbit fox, wp-optimize, updraft plus and wpforms lite. The site takes around 4 to 5 seconds to fully load. I am doing this for a releative(don't worry he is sane and I am doing pretty simple stuff for him which is simply not worth charging). I cannot use cloudflare cdn since they need nameserver access and the hosting service used is hostinger which have put a lot of dns records which I don't understand and don't wanna mess with unless it is the last option.12 -
Ever since i added cloudflare to my site i get this error. everything exploded and the site no longer loads (i had to set cloudflare so i can use gitbook docs so im forced to use cloudflare even tho i dont want to use it). Anyone had this problem before and knows a fix?5
-
So half of the Internet is down again.
Jfc Cloudflare, you just gonna let Russia, China, and Skynet fuck with you like that?
Bitch ass. -
Just built out my first app using Cloudflare Workers, Typescript, and DurableObjects. Holy shit, this is nice stuff.
It's taken little to no time to build out:
* JSON API written in Typescript
* JWT verification against my OAuth backend (SAML support too)
* CI Automated Deployments including unit tests
* DurableObject support
* 3rd party HTTP calls + caching (built in to the framework!) to reduce network latency and hiccups.
* Cron-like tasks on each stored object so they can awaken the app on a schedule and update themselves as necessary
* Rapid deployment to new environments
The local testing with coordinated "miniflare" is dreamy too.