Replies (34)
Thank you for sharing these steps! Very helpful for those looking to allow Tor traffic on Cloudflare relays. #CyberSecurity #Cloudflare #TorTraffic
Or don't be an anti-freedom douche and stop using one of the worst centralizing influences on the internet. 🙄
Cloudflare are like the tongue-lolling tail-wagging half-coyote pup that just killed your chickens.
Akamai and most hosting providers are all coyote, and some of them are rabid.
(Originally wrote "dingo", then realised no Americans would understand the reference)
Please show me another solution that offers similar services.
I know what dingos are, but, sure.
I can't stand seeing all the cloudflare intrusions just because I'm running an effing VPN. 🙄
(Hugs)
I'm using Tor bro, I know the pain.
Archive.org is the aspirin of non-KYC internet use
I don't know. What did people do before cloudflare? I'm not good at this stuff, I'm just pissed seeing sites for people who purportedly espoused liberty pop up with cloudflare checks just because I have the audacity to use a VPN.
It's gross. I am just complaining. I don't know enough to have an offered solution. I just know it's effing wrong.
Or a lightning node that is on a network that is silently blocking Tor.
Don't leave zaps on the Tor table.
We used to have customers bounce because our sites loaded too slowly. And we got ddosed.
Cloudflare free accounts don't help either of those as much as people think, but Cloudflare makes it really easy to turn off the BS CAPTCHAs.
People don't, though, because panicky normies
Seeing cloudflare checks on freedom tech sites is like finding out your cool friend is wearing Mormon ritual underwear.
You’ll still be friends, but…
I legit LOLed at this comment!
That's... Pathetic. *sighs*
here 4 the lulz ✊
“I know no safe depository of the ultimate powers of the society but the people themselves; and if we think them not enlightened enough to exercise their control with a wholesome discretion, the remedy is not to take it from them, but to inform their discretion.”
-T. J.
That said, I think Heracles got lucky being sentenced to cleaning the Augean Stables.
Informing normies is much, much ickier, and we don't have demigod powers...
Yes. Gosh, I wasn't expecting this conversation to go classical. Way to class up the joint! Lol
And why can't I effing zap you, dude? Come ON!
this is an example of what nostr will fix, and why NIP-42 is so important
if you ask for some kind of distinctive identity at the gate, they have to keep making new ones to come at you again
if you know the identities, then you treat them nice, and you give them more data sooner, than those who didn't identify as someone known
most web apps have no notion of gating access and dropping queries, this is why cloudflare has done so well
nostr will change this because we are building a protocol that is outside of regular HTTP request/response logic and basically just have to do this
the spam and dos attacks haven't even started yet, but by the time there are enough users to be worth mounting attacks hopefully you all will understand that we won't succeed with this unless we understand how to deal with these attacks at the protocol level instead of making dumb apis only
if people have nostr identities and they are past customers you can just reduce the rate limiters on responses and voila... you can then also use social graphs to make good guesses about whether a user deserves to have an easy ride in or not
web of trust is going to be a very big part of how this works, and right now, CF is doing this for you, and forwarding all that user information back to the NSA for analysis
The short answer is there aren't any easy solutions unless you want people to buy their own server and run their own tunneling services.
Making new identities is cheap (unless one grinds for a vanity address like yourself!)
NIP-42 can help but is no silver bullet, sadly.
Even NIP-05 is no defense when nostrich.house is renting verified identities at 1 sat per hour.
Human moderation at relays is the only reason Nostr hasn't become Usenet already.
I've sent a draft of another partial solution to a friend on Nostr, if she likes it she can lobby her friends into adding it to clients.
Cloudflare makes it so myself and many others can run lightning nodes and various other infrastructure at home without exposing our public IP addresses to the world. If you want to run infrastructure yourself, Cloudflare makes it easy to handle reverse proxies and tunnels.
yeah, i'm on my own wireguard tunnel to a fixed IP address and still get endlessly captcha and check this box bullshit when i have a FUCKING LOGIN COOKIE on the sites in question
this is something we can fix with nostr, because NIP-42
NIP-42 NIP-42 NIP-42
elliptic curve signatures are a super power that will let us break out of the cage
seriously, you see my NIP-05 on nostrudel is yellow, that's because of cloudflare, and because my current VPS has fucked with my reverse proxy and are basically deleting my http headers and replacing with their own, wrong headers
the VPS support even lied to me that they don't have any relationship with CF
no, there's no way you get this:
CORS Tester - Test a URL for valid CORS headers
Use this little tool to test a URL's CORS headers. Test CORS by HTTP method. Shows header information and gives tips on fixing CORS issues.
without cloudflare firewalling your 443 and 80 ports on your internet interfaces
accept-ranges: bytes
cf-cache-status: DYNAMIC
cf-ray: 8756d5bb40fd26ec-OTP
connection: keep-alive
content-length: 338
content-type: application/json
date: Tue, 16 Apr 2024 20:13:15 GMT
last-modified: Tue, 16 Apr 2024 20:11:00 GMT
server: cloudflare
oh no, the VPS has no relation to CF
*cough* fucking romanian liars
True enough. Dynamic DNS does this too. Tor does this even better, but needs more adoption.
If we had a similar and cost effective solution, I'd move to it in a heartbeat to help decentralization self hosting a bit.
Dynamic DNS doesn't hide your IP though. It just gives you a hostname where the underlying IP changes but the DNS hostname stays the same. We're essentially using Cloudflare for privacy, but also allowing Cloudflare to see everything 😂 so it's private to the world, but not to Cloudflare and their partners.
explain this then:
nevent1qvzqqqqqqypzqnyqqft6tz9g9pyaqjvp0s4a4tvcfvj6gkke7mddvmj86w68uwe0qyt8wumn8ghj7etyv4hzumn0wd68ytnvv9hxgtcpzamhxue69uhhyetvv9ujumn0wd68ytnzv9hxgtcqyqe4whmxv36dn957qv40lrx7nf4ujxdvpgdq3krkn5kv0qc9gpd9vhm8amj
i'm running this on my vps and was happily using said VPS over a wireguard connection and it was very convenient for enabling me to get inbound websocket connections to my test relay and occasional custom instance of coracle or nostrudel
you don't need cloudflare to have a fucking wireguard tunnel to a VPS
but when your VPS shoves a cloudflare on your port 80 and 443 you get cors errors that prevent NIP-05 from working
so, yeah, nah, fuck cloudflare, fuck them right in the ass
CORS is always a pain in the ass.
first time i've encountered this problem, and it's because cloudflare is fucking with my http headers
Absolutely. They do this with mine too and it makes things a pain in the ass.
Well, yeah. I do. Actually. Stop giving away yield as a product just because something is free/cheap. That's how we got to this fiat mess in the first place.
I'm not even at that point yet and it's so slimy. Ugh. UGH!
Most of this message might as well be Quechua to me, except the last line, which made me almost laugh OUT LOUD next to my sleeping baby 😆
It'd be quite difficult to find a truly equally feature-rich alternative. Not many, if any, exist. Fastly, Sucuri, Imperva, etc all suck and Akamai is too expensive for average indie dev.
Fortunately, their CEO seems fairly rational compared to others in big tech. Worth a read.

The Verge
Why Cloudflare CEO Matthew Prince is the internet’s unlikely defender
Cloudflare’s Matthew Prince joins Decoder to explain what Aristotle has to do with internet infrastructure.
I suspect your insights are correct. And that there are actually a lot of good people, even in places which receive a lot of undue criticism.
My personal… i don’t know.. soap box? Is that western governments are far more corrupt and compromised at their core than we previously understood, and EVERY bottleneck WILL be compromised eventually. No matter how good the people in that bottleneck are.
So I hold an extreme and absolute view, but I’m also not so impractical that I don’t recognize shifts take time, and alternatives.