Can I ask you. For all intents and purposes, what is the difference between Cloudflare and a regular host except an expiry time on the content they host?
Cloudflare:
- Makes a website available through their IP addresses
- Resolves a site's DNS
- Stores the content of the website on their servers, to serve to clients. The fact that there's an expiration on that content is of no consequence.
The fact that the final source-of-truth lies offsite makes no difference.
If I rent a regular, run of the mill server and have it proxy all requests to a different server, does that suddenly make the first host bulletproof to any and all scrutiny?
Cloudflare likes to pretend they are a neutral entity, impartial, just like regular Internet Providers but they are decidedly not. They are being paid by their customers to store and serve their content from their servers and to perform traffic filtering.
... which are unknown because CloudFlare's service includes "hide your backend".
If CloudFlare provided a way to find out the host of a website they run, and gave said host a way to find out what servers specifically are hosting it, they'd have a much better argument, because they'd make it easy for anyone to use the legal system to go after offenders.
I don't know how easy it is for US citizens or law enforcement to get that information from CF, but from what I've heard, it's very, very hard to do so from Europe, and will basically only be used for major crimes, but not for a common "scam a granny" operation. CF is essentially providing cover for these.
CloudFlare forwards all abuse claims to the providers, so filling an abuse with CloudFlare is practically equal to filling it with the providers. The only difference is that you don't know who the providers are.
It's not. They do forward it, but the provider can simply chose to ignore it, since it's not addressed to them and there's no legal implication - it's purely informational for them, letting them know that CF has received a complaint.
If you're in the US, probably. If you're outside the US, from what I understand, they require you to file in the US (or have US law enforcement work on your behalf).
For all intents and purposes, that means they don't for anyone outside the US, except for very high profile cases. For everything else, they're providing a legal shield.
Cloudflare: - Makes a website available through their IP addresses - Resolves a site's DNS - Stores the content of the website on their servers, to serve to clients. The fact that there's an expiration on that content is of no consequence.
The fact that the final source-of-truth lies offsite makes no difference. If I rent a regular, run of the mill server and have it proxy all requests to a different server, does that suddenly make the first host bulletproof to any and all scrutiny?
Cloudflare likes to pretend they are a neutral entity, impartial, just like regular Internet Providers but they are decidedly not. They are being paid by their customers to store and serve their content from their servers and to perform traffic filtering.