[uconnectlol]

> Not entitled

I'm saying what Cloudflare should do as reasonable engineers. It's not a question of entitlement. IP blocking is never valid aside from temporary DDoS mitigation. Eventually, those IPs will get reassigned or the attacker will get bored, and you have to stop blocking at that point or else you will just block legitimate users, since IP addresses do not represent individual people.

Your analogy is invalid. The captcha we're talking about here is not for filtering messages. To further nip this argument in the bud: Most sites that have a Cloudflare captcha to view anything at all will still require more captchas, email confirmation, and often phone confirmation before being able to sign up and post. Then this last idea that IP blocking stops hackers is just not even plausible (queue flood of posts arguing about the diminishing returns of repurposing firewalls/av/block lists for mitigation of low quality automated exploit attempts).