[adammartinetti]

Hi there! I work at Cloudflare. Our global performance for Linux users on challenge pages looks good at the moment, but I'd love to take a closer look.

Could you send me an email with details you have available, (rayID, IP address + website, or HAR file) at amartinetti at cloudflare.com?

[doctor_radium]

See my comments below. Would appreciate you whitelisting the Opera Mini browser globally. I'll then be happy to take back some of the things I said.

[judge2020]

Whitelisting the Opera Mini browser how? Asking Opera Mini to include a signature with requests? Based on user-agent? In any case, browser behavior can and will be copied by bad actors if doing so is a get-past-cloudflare-free-card. That's why it's not just browser, it's browsing habits based on your IP and location in addition to fingerprinting where appropriate in order to allow legitimate users to prove they're human via captcha.

Edit: even if you just mean whitelisting their proxy ip... that doesn't do much good either. It's like asking to whitelist tor - those IPs are blocked because a good amount of spam or malicious traffic originates from them, not because there are x0,000 users on each.

[doctor_radium]

> Whitelisting the Opera Mini browser how?

> That's why it's not just browser, it's browsing habits based on your IP and location in addition to fingerprinting where appropriate

Mini is a barely configurable hosted browser with one IP, one location, and one fingerprint. It doesn't return anywhere near full HTML/JS/CSS, but highly cut-down code generated by Opera's server. Unless somebody has found a way to hack that server, I'm at a loss as to what damage it could cause.

This seems to me a case of sloppy use of overly broad security tools.

[johnklos]

How about you actually look at your own logs on your own servers, rather than expecting people you exclude from doing your homework for you?