by dylan604 31 days ago
I'm not defending Cloudflare, but what is a better solution? If small websites can just be DDOS'd out of existence because some group thinks it'll be funny, what protections do they have? It takes too much equipment and know-how to stop an attack for people to be able to survive online. The next thing you'll hear about is a monthly service fee to the hackers as a protection racket just like the mob.
8 comments

The site's also blocked for me, also on a normal residential IP. Making your site inaccessible for people out of fear that somebody might make it inaccessible for people feels reminiscent of blockading the strait because you don't want the strait blockaded.

> feels reminiscent of blockading the strait because you don't want the strait blockaded

I think this is a poor analogy, unnecessarily politicizing the topic.

It might be a good analogy the other way around, if hackers DDOSed the website as revenge for partial IP-based blocking, in order to apply pressure to the website operator to remove IP-based blocking. But that wasn't the topic.

It's accurate. The USA is doing "Iran can't blockade the strait if I blockade the strait!" and Cloudflare is doing "Hackers can't take your site offline if I take your site offline!"

Occasionally a major site that I subscribe to blocks me with Cloudflare. It was either NYT or a similar news site I subscribe to. I couldn't even get to any 'give me feedback' page because Cloudflare was blocking. When Cloudflare decides to block you, it should give you a contact page for that website so you can send them an email or tell them.

I work around this by using my phone connection with phone chrome.

The internet is killing itself.

And no I do not blame small website owners they just have to live with this mess same as everyone else.

The better solution to blocking entire continents is probably doing nothing.

For DDoS resistance... Well I can imagine a world where a tech in the same area as IPFS or freenet gives backup access to websites that are overloaded.

> For DDoS resistance... Well I can imagine a world where a tech in the same area as IPFS or freenet gives backup access to websites that are overloaded.

As a small website owner, I can use Cloudflare or I can wait for this imagined tech.

You can use CF and lose relevance. Or even go beyond that and outright geoip-block.

Ofc it's your choice.

For some reason there are many small sites I have no problem visiting and then there are those CF users which may or may not work at any given moment, forcing me to ignore them.

Well, good luck. You are cutting yourself from the internet, not cutting me off.

You can use CF and lose, say, 10% of your audience (number pulled from thin air). Or you can not use CF, be taken down by scraping bots or a dos attack or whatever and lose 100% of your audience.

> tech in the same area as IPFS or freenet

Are we getting that before or after personal jet packs, flying cars, and my tacos delivered via tacocopters?

I'll protect my sites with Cloudflare until then, thanks.

Go ahead, just don't set up enormous IP blacklists on Cloudflare please.

Would IPFS need to be a part of the browser? Or is there an easy to use browser out there that runs on IPFS? If you need the average user to go find proxies, it won't work.

Just host the site. Are you expecting to get DDoS'd? Why? And what will be the consequences if you are?

Someone said it's like protecting yourself from stabbings by banning kitchen knives, but it's more like protecting yourself from stabbings by wearing thick rubber armor at all times, that also happens to be filled with spy cameras somebody else owns. It's a bit of an overreaction to a very rare threat, don't you think?

Makes me wonder if the company protecting against the DDOS would have motivation to encourage or facilitate the DDOS efforts too, makes them the protection racket itself.

If DDOS is really the problem we want to solve then it would be awesome if one can do it without looking into the packet. SSL terminating at some centralized third party provider is way too much power.

And don't forget about kids safety!

Websites should have a lean markdown or .txt page for each human friendly webpage. A lot of the surge in bots is because of LLMs. It's insane that a technical documentation web page can use 200MB + of memory, when the core information I care about is << 1 MB of text. The path of least resistance for many people is to have Claude Code hit 20 of such pages.

This is something that would be perfect for Cloudflare to host and sell as a service - static web pages via their CDN network.

I do not work in web development, so I'm sure there are plenty of details I'm ignorant of, but the TLDR of "how to fight accidental DDOS because of AI tooling" is make it easier for them to get the content they want.

Problem is there's no way to ensure that the bots will only suck in the bot friendly file instead of scraping the whole site. The bot owner would never be able to guarantee that the site doesn't have data not in the bot friendly file. Any time you have to maintain two sets of files is pretty much guaranteed that one will be out of sync at some point. Not all sites are driven by a database that generates files on the fly.

Nah, they will be selling their service to both hackers and their targets.

How many small websites served by Cloudflare risk being DDOS'd? How many small website owners would incur serious loss of livelihood if they are DDOS'd for a few days? Is DDOS risk so important that the web needs a protection racket?

> If small websites can just be DDOS'd out of existence

DDOS doesn't destroy websites. It just makes them unreachable until the disgruntled person decides it's been running long enough.

Please stop exaggerating a very real problem only a few entities on the web have; what you are perpetuating is FUD, which enables companies like Cloudflare to kill the web.

> The next thing you'll hear about is a monthly service fee to the hackers as a protection racket

How do you not even see the irony of this?

> DDOS doesn't destroy websites. It just makes them unreachable until the disgruntled person decides it's been running long enough.

You can be absolutely destroyed if your hosting provider later hits you as a Website Owner with an excess traffic bill.

Fire your provider then. They're probably not paying for inbound traffic (most orgs are billed on the dominant traffic direction, so inbound for eyeballs and outbound for hosting), so it's pure extortion on their part.

While it is entirely possible to enter such a contract with a provider, it is your fault in the end. Don't maybe enter them?

> Please stop exaggerating a very real problem only a few entities on the web have; what you are perpetuating is FUD, which enables companies like Cloudflare to kill the web.

I'm not exaggerating, I'm just playing what if. That's a game where you think of random things that could go wrong, and then decide if it is worth the expense. Just because maybe you can't think of things of varying plausibility does not make me exaggerating. We already see ransomware working from the hacker's perspective. There's no reason to think that greed will not come into play. If I can think of it, there's no reason to think that hackers are not also considering various ways to expand on ransomware as a service.

>> The next thing you'll hear about is a monthly service fee to the hackers as a protection racket

> How do you not even see the irony of this?

How do you not? If every hacking group can come along and extort any site they choose to pay them a protection fee, there's no way websites will accept any of this. Compare that to paying a single legit service protecting against all of those hacking groups. Can't imagine why people would be willing to do that.

This is the same mindset that wants to make it illegal to sell kitchen knives with sharp tips.

How do you come to that conclusion? It's so far off of what I said that you've got some splainin' to do.