[thrdbndndn]

Sorry for being kinda off-topic, but what's going on with these small(-ish) businesses configuring their websites to block users randomly through Cloudflare nowadays? I've seen this happened at least 5 times this week clicking random links, they are all local business websites.

I'm talking about https://www.caseys.com in this article, which gives me

    Access denied
    Error code 1020
    You do not have access to www.caseys.com.

    The site owner may have set restrictions that prevent you from accessing the site."

Is this a GDPR measure (but My IP is in Japan, not EU), anti-proxy measure (I do use one), or cost-saving measure?

[foooobaba]

Well, Casey’s is not actually smallish, it’s a fortune 500 company publicly traded on NASDAQ (CASY) and has a market cap of over 9 billion.

[thrdbndndn]

I guess that makes it even worse. Large companies surely want people around the world to visit their websites for brand recognition even if they don't operate in their regions.

[weekay]

This really is a hard stop being applied on Cloudflare WAF rules to stop any traffic from geo locations a sys admin believes would stop threats and also reduce their bandwidth utilisation. If companies don’t have business interest outside or their territory/ country the new trend seems to be just geo block that domain. While https://investor.caseys.com/ is accessible from Europe for eg., the main site isn’t . This isn’t a GDPR thing just a playbook some of the cyber security and ops team seem to be applying across various retail companies now a days .

[evrimoztamur]

This, I believe, is the free DDoS guard that people opt into because it's free.