I don't understand how CloudFlare is intermediating the traffick in this case. How can CloudFlare block the sites if they aren't hosted on CloudFlare or using CloudFlare services? Are they acting as an ISP in the UK?

[–] cyrano@lemmy.dbzer0.com 7 points 1 day ago (1 children)

They cache a lot of the internet so like the infra of the internet after the isp

[–] Coopr8@kbin.earth 5 points 1 day ago (1 children)

So the ISP redirects the request from the primary host to the CloudFlare cache under some conditions? but wouldn't that be ineffective at blocking the sites of the browser still attempts to pull from the primary host first? I'm assuming this must be mediated by the ISP somehow otherwise it would just be a browser setting to only pull from the primary host of the domain.

[–] cyrano@lemmy.dbzer0.com 4 points 22 hours ago

Cloudflare operates as a reverse proxy between a user’s browser and the origin server of a website or application. When a user requests a webpage, the request is first routed through Cloudflare’s global network instead of directly to the origin server. Cloudflare then forwards the request to the origin server, retrieves the content, and sends it back to the user.

It is doing that by being authoritative DNS provider and providing useful features in case of attack but imagine that everyone start using cloudflare then it become the authority DNS wise.

[–] MrSoup@lemmy.zip 2 points 1 day ago (1 children)

Maybe it includes dns. Using quad9 would bypass this.

[–] guybrush_threepwood_MP@lemmy.dbzer0.com 2 points 9 hours ago

I bumped into at least one site blocked by cloudflare. When accessing the site, I'm redirected to:

https://www.cloudflare-terms-of-service-abuse.com/stream.ts

So far it happens when I try the landing page of the site, if I go pages I visited in the past I can reach the intended site. Maybe the name resolution is cached.

I haven't tested it much but I'm using Quad9 and it's not making any difference.

Cloudflare seems to be the SOA for the affected sites and then it sets *.ns.cloudflare.com as the primary source and dns.cloudflare.com as the administrator.

To my understanding Quad9, being a recursive DNS resolver, is not the main DNS authority in this case. Quad9 will reach out to cloudflare to refresh the records when the TTL expires and then cloudflare can return a different IP for the domain.

Either affected sites stop using cloudflare, or we reach them via TOR, if they have that option.

[–] Cevilia@lemmy.blahaj.zone 66 points 1 day ago (4 children)

It's almost as if making one organisation the gatekeeper to a quarter of the internet is a bad idea...

[–] sakuragasaki46@feddit.it 3 points 12 hours ago

I recently had issues because CloudFuck blocked the IP of one of my VPS's effectively breaking npm (JavaScript package manager)

[–] cyrano@lemmy.dbzer0.com 6 points 1 day ago

A quarter only?

[–] jubilationtcornpone@sh.itjust.works 11 points 1 day ago

[–] MangioneDontMiss@lemmy.ca 13 points 1 day ago

Who knew?

[–] laconiancruiser@lemmy.zip 15 points 1 day ago (1 children)

Watch the stars on FlareSolverr soar.

[–] AnarchistArtificer@slrpnk.net 9 points 1 day ago (1 children)

The constant stream of piracy related utilities that end in "rr" never ceases to amuse me.

Bonus joke! "What's a pirate's favourite letter of the alphabet?"

(People often say Arrrrr! here, especially if you seed that context earlier in the conversation)

"You'd think so, but actually it's C"

[–] kalpol@lemmy.ca 1 points 22 hours ago* (last edited 22 hours ago) (1 children)

I don't get it ..unless qbt is written in C

[–] AnarchistArtificer@slrpnk.net 3 points 19 hours ago (1 children)

It's because C sounds like "sea". It's a joke that's more about the sea-faring kind of pirate than the online kind

[–] kalpol@lemmy.ca 1 points 12 hours ago

Ahhh ...ha haha...ha...............ha

[–] breb@piefed.social 4 points 1 day ago

are there any alternatives?