Cloudflare sucks !

Portal Home > Knowledgebase > Articles Database > Cloudflare sucks !

Posted by cpanellover, 06-10-2011, 11:46 AM
hi, First i don't use cloudflare.A while back i reported a site that whas distrubuting several spamtools ("xshit garbadge") and whas using cloudflare dns servers to there abuse departement.Some dude replyed to my email stating "cloudflare does not host websites" *sigh* even the biggest computer noob knows that.Cloudflare has been known for there "pay for an account and do anything you like behavior" well i have one to say to cloudflare Spammers are using your service to hide there ass do something about it !!!! I guess cloudflare is happy as long as the money keeps on rolling in even if it's money from **** spammers Words cannot express my HATE for spam so if the company providing the service(s) refuses to take action they should be shutdown I also have 1 whish for cloudflare.I wish them a (D)dos that blows them offline for the next 1000 years
Posted by quantumphysics, 06-10-2011, 12:13 PM
let me guess, x rumer? also, please don't publicly post your questionably legal wishes.
Posted by cpanellover, 06-10-2011, 12:19 PM
Bingo correct
Posted by drspliff, 06-10-2011, 01:39 PM
What cpanellover described doesn't seem to be against the CloudFlare TOS and is perfectly legal (albeit a slightly grey area). So why should CloudFlare do anything about it? Just because a nobody on the internet doesn't like a site... I've found CloudFlare are handling DMCA notices and other legal issues extremely well, so in cases where there *is* legal protocol (entirely unlike your situation) they are doing just fine. The only way you could get any progress would be to provide a very convincing argument for CloudFlare to change their TOS. I suggest starting a thread on their support site, possibly following up with Damon Billan.
Posted by cpanellover, 06-10-2011, 02:07 PM
helping spammers hiding there ass is most likely not legal ...
Posted by cenourinha, 06-10-2011, 03:42 PM
Please read about mod_cloudflare, you can get the real IP of the spammer: https://www.cloudflare.com/wiki/Log_Files CloudFlare helps you stop Spammers by using Project Honey Pot data: http://www.projecthoneypot.org/index.php
Posted by cpanellover, 06-10-2011, 04:06 PM
that's a thing i strongly dislike to Cloudflare == Projecthoneypot this is on one side running a antispamnetwork and on the other side earning money on one and the same spamming gangs speaking about being "doublefaced"
Posted by damoncloudflare, 06-10-2011, 05:15 PM
Hi, Since CloudFlare isn't a hosting provider, we couldn't take any actions that would effectively cut their site down or take anything else down. We can, however, release the IP address of the server so you can report it to the abuse department of the hosting provider. "pay for an account and do anything you like behavior"" I don't see how this ties into the issue at all. We also offer free accounts, which would be a larger percentage domains overall. And I don't see how we would *make money* from spammers (we don't provide domain registration or hosting).
Posted by cpanellover, 06-11-2011, 05:58 AM
really ? then you need a glasses Cloudflare pro is not free ($20/month for the 1st $5/month for each additional website) you're not gonna convince me that all that spammers are runnig on a free cloudflare account... what you could do is disallow them to use the service so it's easier to find there true host..... that service is helping them hide there ass Cloudflare and those "whois proxys"(both are not related) (whoisguard comes to my mind) are a pain in the ass i can't understand why nobody sees that Spammers hide there real identity spam forums including mine and i have to clean up the mess next time i'll send the bill to Cloudflare($5000000 / spam issue i have to clean)
Posted by drspliff, 06-11-2011, 07:53 AM
I have a single site which pushes 80 million hits and 500 gb of bandwidth per month through CloudFlare on a free account and it works absolutely fine. I expect the spammy site you have a grudge against gets an order of magnitude less traffic, probably doesn't use SSL or any of the 'advanced/pro' features and as such would work absolutely fine on a free account. If you really want their IP address check out the MX records for their domain, it'll probably go straight through to their web host. I'm giving up now, cpanellover just doesn't seem to comprehend what CloudFlare is or why his arguments are utterly laughable.
Posted by cenourinha, 06-11-2011, 09:54 AM
CloudFlare do not host any dinamic content or script that would spam your forum. It works like a CDN with additional features.
Posted by quantumphysics, 06-11-2011, 10:24 AM
he means people selling spammertools like senuke and xr are hiding behind cloudflare ton ot get reported to abuse
Posted by damoncloudflare, 06-11-2011, 10:31 AM
he means people selling spammertools like senuke and xr are hiding behind cloudflare ton ot get reported to abuse" If someone files an abuse report with CloudFlare, we will release the IP address of where the site is hosted.
Posted by quantumphysics, 06-11-2011, 10:35 AM
Will you notify the site owner that the IP was disclosed and to who also?
Posted by damoncloudflare, 06-11-2011, 10:38 AM
really ? then you need a glasses Cloudflare pro is not free ($20/month for the 1st $5/month for each additional website) you're not gonna convince me that all that spammers are runnig on a free cloudflare account..." "Spammers hide there real identity spam forums including mine and i have to clean up the mess next time i'll send the bill to Cloudflare($5000000 / spam issue i have to clean) [/QUOTE]" Again, we're not a hosting provider. We're more than happy to release the IP address of where the site is hosted for any complaint. "what you could do is disallow them to use the service so it's easier to find there true host..... that service is helping them hide there ass" We couldn't do anything to pull their sites down. This has to be done at the hosting level. We're also not the internet content police. Let me put it this way: Let's say someone made a complaint about your site. Would you like us to pull down your site because one person made a complaint? There's a reason there is a process in place to address these issues. ""really ? then you need a glasses Cloudflare pro is not free ($20/month for the 1st $5/month for each additional website) you're not gonna convince me that all that spammers are runnig on a free cloudflare account..."" Again, this doesn't factor into the equation at all. We also don't provide any of the following: 1. Hosting. 2. Mail. 3. Domain registration. CloudFlare Pro accounts simply offer more features than free accounts. It has nothing to do with your concern.
Posted by damoncloudflare, 06-11-2011, 10:41 AM
Yes, we do notify site owners when pretty much any complaint occurs (only exception really is with a petty complaint, which happens more often than you think). A petty complaint is something like: "Someone said something untrue about me". At the same time, we also encourage people to contact the site owner directly with any concerns.
Posted by eva2000, 06-11-2011, 11:34 AM
couldn't you do so under section 11 Prohibited uses clause of your TOS http://www.cloudflare.com/terms.html ?
Posted by cpanellover, 06-11-2011, 11:40 AM
ah finally somebody who sees the point... you get a free beer
Posted by cpanellover, 06-11-2011, 11:42 AM
so if i reported that site under my real name you would reveal my name to the account owner ? hmmm privacy law violation... oooh yeah contacting a spammer to close down his moneysource smart move
Posted by cpanellover, 06-11-2011, 11:52 AM
said by a nobody.... also you refer to "tos" it's not because it isn't mentioned there that it's legal the law noobie the law so according to you this is legal if it's mentioned in you so (howly) tos IT IS NOT LEGAL who's the nobody now ?
Posted by drspliff, 06-11-2011, 12:25 PM
I have already stated that there are two situations where your complaint would have any validity at all: 1) If it's against the CloudFlare TOS 2) If it's illegal in the United States or the country hosting the website. 3) It is not a 'privacy violation' for a proxy/cache service to pass on the contact details of somebody making a formal complaint. From reading the CloudFlare TOS it seems 1) has no grounds. Perhaps you should read them too. CloudFlare obviously have the right as a private company to not do business with particular customers, but they have no legal obligation. From extensive research I have not found a single case, let alone any valid legal interpretation where a proxy/cache service, a web host or the person running the website selling xR* style spamming software would be against the law. The burden of proof is in your hands, if you do find a bill or legal precedent in the United States which says otherwise - please share it with us all. For now you can help yourself by not making superfluous and legally baseless claims, you're just acting childish.
Posted by cpanellover, 06-11-2011, 12:36 PM
allright since you lack the mental ability to understand it let me write it down for you SPAM IS ILLEGAL !!!!!!
Posted by DevMonkey, 06-11-2011, 01:12 PM
I would have expected that CloudFlare would take down illegal sites which they are proxying personally. Well, not take down the site but stop serving it through the CloudFlare network. I don't think the OP has put their point across very well but I certainly agree with them. Edit: the ToS has little to do with this either, if the ToS doesn't "allow" them to stop serving sites in these cases then they need to update it and take action, in my opinion of course.
Posted by drspliff, 06-11-2011, 01:55 PM
Please cite the laws or legal precedent which make this illegal, as I said - the burden of proof is on you since you are the one making the claims.
Posted by cpanellover, 06-12-2011, 01:57 AM
http://www.email-marketing-reports.com/canspam/eu/ Last edited by cpanellover; 06-12-2011 at 02:03 AM.
Posted by drspliff, 06-12-2011, 10:02 AM
Some of the earlier and absolutely essential points are, please correct me if I am wrong: CloudFlare is a company operating within US jurisdiction. What you were claiming to be illegal was: people selling software to automatically post forum comments or through contact forms, primarily used for SEO. You claim CloudFlare has legal obligation under US law to not provide services to them. Which somehow resulted in you linking to a page of resources specific to laws in the EU and its member states. Good job, I must award you a "so close, yet so far" trophy. Secondly: the CAN-SPAM Act of 2003 is specific to e-mail and the Telephone Consumer Protection Act of 1991 is specific to FAX, SMS and telephones. The extent of their remit is very clear, and are not applicable to forum/comment spam unless you can find a valid interpretation of "commercial electronic mail message" which includes forum/comment spam. If you want a definitive answer I suggest you contact a lawyer who specialises in these matters, I'm sure they'll be willing to enlighten you for a reasonable fee. Last edited by drspliff; 06-12-2011 at 10:16 AM.
Posted by cpanellover, 06-12-2011, 12:32 PM
that is rediculous spam == anything that involves/generates money i wish all that jerks (i'm verry polite now) would find a job by actually doing something besides sitting on there ass and posting there **** nevertheless they have a enemy for life i will fight it forrever wheter it's legal or not.You could be right that that laws only cover email/sms etc i fail to see the difference however... spam is spam and it sucks like a piece of ...
Posted by damoncloudflare, 06-12-2011, 10:11 PM
We're more than happy to release the IP address of the site in question. Contact us with the request and we will get back to you within a day. You can then report your issues with the domain to the hosting provider and/or any law enforcement authority to have it investigated.
Posted by swilly, 06-12-2011, 10:37 PM
The difference is you are trying to have them enforce something that is not illegal. The CAN SPAM laws, particularly apply to email or faxing. If someone is sending you an email, then yes it would be against the law in the US. You really need to contact a lawyer to advise you of your rights. Because you are making claims that are baseless and factually incorrect. PS: If it is a problem, do what thousands of other people do, and install akismet or 100 other solutions. Heck, maybe even install Cloudflare - I hear they can block unwanted comments Last edited by swilly; 06-12-2011 at 10:40 PM.
Posted by InfiniteTech, 06-13-2011, 02:27 AM
It is illegal. You are abusing a foreign network with unwanted and unsolicited content, be it email or straight HTTP. You can either sue them or block them. Which seems more economical and time-saving? Whatever the accepted norm is, does not have to be the only legal course of action. You can do both or either one.
Posted by swilly, 06-13-2011, 02:58 AM
And you received your JD from where? Or do you just play an attorney on the internet. I would also LOVE to hear what precedent you are basing these claims on. As I am sure cloudflare would. Especially since their CEO is an Adjust professor at a Chicago Law school and has a little more sense as most of us than you.
Posted by InfiniteTech, 06-13-2011, 03:10 AM
That was from my experience. 8 years in the business, we've stumbled over these blocks. p.s. How hard was it for you to understand my post? I though it was pretty self-explanatory. Are you by any chance a provider or work as a network op/abuse dept. for a provider?
Posted by cpanellover, 06-13-2011, 09:05 AM
i use akismet but it's an interim solution i don't want it blocked i want it stop <> Last edited by bear; 09-24-2011 at 12:02 PM.
Posted by flam316, 06-13-2011, 10:51 PM
I'm having trouble finding a comment of yours that has a bit of truth in it: CloudFlare BLOCKS spam; they don't cause spamThey offer a FREE service, which most of their clients use (although they do offer a paid service as well)They have an extremely smart teamThey are constantly rolling out improvements, new DCs, and features Last edited by bear; 09-24-2011 at 12:02 PM.
Posted by cpanellover, 06-14-2011, 02:03 AM
allright time for some facts .... Still having trouble finding the "truth" ? :rolleyes:
Posted by flam316, 06-14-2011, 07:13 AM
Simply put, yes. In the OP, you stated you never used CloudFlare. And I never mentioned anything about you using CloudFlare anyways. Read what I wrote before you reply, please.
Posted by cpanellover, 06-14-2011, 08:25 AM
the truth is in post #35 look at the namservers since i have to spell everthing out (hmm can't think yourself ?) so a spammer blocks spam lol that's funny
Posted by flam316, 06-14-2011, 09:44 AM
I saw the nameservers, but that's irrelevant. I want hard proof that they spam. Post screenshots or it didn't happen. I have a hard time believing that a service that protects against spam spams themselves.
Posted by quantumphysics, 06-14-2011, 09:53 AM
they don't. it's just that they're instant activation and as such, spammers are hiding behind them to not reveal their real ip...
Posted by cpanellover, 06-14-2011, 02:46 PM
i give up you're just to .... to understand if you find that irrelevant by the way i never said cloudflare whas spamming it's there "we're not a host" attitude that irritates me this indicates spam friendlyness the "we're not a host" is technically true but they should disallow there service to be used by spammers as an anonymizing service
Posted by cpanellover, 06-14-2011, 02:48 PM
finally somebody who understands the point...
Posted by drspliff, 06-14-2011, 03:50 PM
But... they really aren't a host. How does stating a blindingly obvious fact make them spam-friendly? Last edited by drspliff; 06-14-2011 at 03:57 PM.
Posted by flam316, 06-14-2011, 08:54 PM
Even if people are spamming behind CloudFlare, what makes it CloudFlare's fault? CloudFlare themselves are not the spammers here. Even if there were spammers behind their network, they would be right on it... I've worked with them long enough to know that they are on top of everything. In fact, it's much more likely that this thread is spam than spammers BEHIND CloudFlare's network. Please post some sort of proof.
Posted by cpanellover, 06-15-2011, 03:02 AM
Service provider is responsible for everything they provide goooch you're as d... as that other guy True not themself by users of the service.... i think YOU are a spammer that's scared ... you're so dumb....
Posted by drspliff, 06-15-2011, 04:31 AM
Again - legally and practically untrue. Please see 17 U.S.C. Sec. 512. Limitations on liability relating to material online [DMCA Safe Harbor provisions]
Posted by cpanellover, 06-15-2011, 08:02 AM
well well http://www.webhostingtalk.com/showthread.php?t=1039101 you're a cloudflare ass kisser (not that it surprises me though It may be they can't be held responsible legally but for f... sake do something about the spammers
Posted by DevMonkey, 06-15-2011, 10:46 AM
Domain name: ******unleashed.com Name Servers: kip.ns.cloudflare.com nina.ns.cloudflare.com IP Address: 199.27.134.81 (CloudFlare) So, it's safe to say that the webiste http://www.******unleashed.com/ is also being hosted (served up) by CloudFlare, even if CF is just a proxy through to another host. Now I'm not saying it's illegal to host such a website but doesn't it make you think? CloudFlare are supposed to be preventing spam and here they are hosting websites which serve as a tool to spam. For example "NEW Comment Bombing Mod (Value of 79.95)". CloudFlare, if legally allowed (I would have thought so, it's their own network), should be booting these sites off in my opinion if they're really here to fight spam. Of course the website will pop up elsewhere but why should CF help them out in the mean time! Edit: Ummm OK, so WHT has the website in question filtered (or part of it) - I'm not going to risk having my account disabled by sharing it but that just proves that the kind of site in question is UNWANTED.
Posted by damoncloudflare, 06-15-2011, 11:06 AM
Similar to the other part of the discussion, we're not a hosting provider and our ips only show because we're acting as a reverse proxy for sites. If you have a legitimate complaint against any domain on our service, we're more than happy to release the IP address of the site in question so you can report it to the hosting provider and/or any other authority. We can't just boot sites off of the internet and act as a censor.
Posted by cpanellover, 06-15-2011, 11:08 AM
yeah that word is censored but i know what you mean
Posted by cpanellover, 06-15-2011, 11:15 AM
why not ? i only see one reason you're earning money on serving those spammers... (next he will reply they all run on a free account) which i don't beliieve...
Posted by drspliff, 06-15-2011, 11:50 AM
At this point I don't think you're willing to accept anything which about CloudFlare which conflicts with your personal convictions.
Posted by cpanellover, 06-15-2011, 11:58 AM
depends on whether people are telling the truth or not usually when my nose itches something is going on
Posted by eming, 06-15-2011, 12:06 PM
well, you sort of are to be honest... Content is served by your proxies, so you are technically hosting it. The content is on your servers... I am pretty sure that you would be just as liable as any other host on WHT. Perhaps not, but you can be liable if you decide not to... D
Posted by flam316, 06-15-2011, 01:36 PM
CloudFlare offers a great service, better than a lot of those for which you have to pay thousands of dollars for. It is a free service that actually WORKS. I have no problem promoting them. Thank you for providing some sort of factual evidence. This domain should be reported. Hey, Damon. In this instance, I don't think this works. I remember you guys said the same thing for LulzSec, but they weren't using your service do hide themselves (or something of the sort). It would be innapropriate to censor them, but in a situation where spammers are using CloudFlare IPs to hide themselves, I feel it is necessary to give them the boot. In the video on the CloudFlare homepage, it says "CloudFlare is like a community watch". A community watch against "the bad guys of the internet", right? But what if a "bad guy" joins your service? In a normal community watch, he/she would be kicked out instantly because that is exactly what the community watch is fighting against. This situation can is directly correlated to the situation we have on our hands here. If there are spammers using CloudFlare IPs and are apart of the CloudFlare community watch, than they should be kicked out. Not to mention that websites under CloudFlare are susceptible to spam from these domains because they use CF IPs. Maybe you should send this to Matthew, Damon. If you don't believe it, why don't you try it out for yourself? They kind of don't host anything. They keep a cached copy for a while, but that's not really hosting because they don't have the original file. To cpanellover: WHT is not a place to troll.
Posted by InfiniteTech, 06-15-2011, 03:39 PM
This must be a joke of some sort that I didn't understand. Like Ditlev just mentioned, You are the one who is going to be held responsible for that content (along with your customer) because you are making the content available to the public. The data is being served of your network regardless of where it originates from. Period. The "true" hosting provider wont be responsible (or atleast not as much as you) since they are not making the content publicly available. There is no argument in this matter at all. Please consult with another attorney, you're current legal consul is playing with you.
Posted by KarlZimmer, 06-15-2011, 07:39 PM
Seems CloudFlare might be a bastion for illegal activity, etc. then? It seems Lulzsec, http://www.lulzsecurity.com, is also hosted with CloudFlare.
Posted by damoncloudflare, 06-15-2011, 07:50 PM
There is no argument in this matter at all. Please consult with another attorney, you're current legal consul is playing with you." -We have consulted with the best attorneys in technology law. -The content is stored at the origin server, which is with the hosting provider. We don't have access to any site's server. -We don't cache all content (only static content)
Posted by flam316, 06-15-2011, 07:51 PM
Now this is where what Damon said comes true: CloudFlare doesn't sensor content. LulzSec isn't using CloudFlare as a hacking vessel. They are simply using to keep their own site up from constant DDoS attacks. In actuality, it helps the CloudFlare system in general. Read this article about CloudFlare and LulzSec.
Posted by damoncloudflare, 06-15-2011, 07:58 PM
Hey, Damon. In this instance, I don't think this works. I remember you guys said the same thing for LulzSec, but they weren't using your service do hide themselves (or something of the sort). It would be innapropriate to censor them, but in a situation where spammers are using CloudFlare IPs to hide themselves, I feel it is necessary to give them the boot." I've talked about these situations (and others) with Matthew in quite some detail already. Again, we can release the IPs of the host server for an issue with any domain if we receive a valid complaint. We also work with law enforcement when contacted about an issue with any domain. "situation where spammers are using CloudFlare IPs to hide themselves, I feel it is necessary to give them the boot." There's a reason that companies have procedures in place to deal with these things. While I can empathize with anyone having issues of any sort, the emotional part of it has to go out the window & has to be set by following procedures or policies.
Posted by KarlZimmer, 06-15-2011, 08:33 PM
I was not trying to say it was bad. I'm also against censorship, simply pointing it out that that seems to be the sort of clientele it is attracting. We've also gotten complaints about not censoring content and defended it, just check our Wikipedia article, etc.
Posted by cpanellover, 06-16-2011, 02:04 AM
and that one is linking to torrents illegal in the us...
Posted by cpanellover, 06-16-2011, 02:12 AM
flam316 always has an excuse ready to "goodtalk" cloudflare if you talk like that there's always an excuse ... what did cloudflare do to make you lick there ass
Posted by cpanellover, 06-16-2011, 02:33 AM
never mind found the answer myself .... those accounts are all free i assume
Posted by Sparrow-Sean, 06-16-2011, 02:48 AM
Lulz - Would certainly make this a hacking haven to e-mails & spammers a like
Posted by InfiniteTech, 06-16-2011, 09:45 AM
You cache it or not no one bothers. Data is being transmitted to the public by your network. Carriers in between aren't going to be held liable since the data does transmit through their network but nothing is accessible directly off their servers. If you have consulted with an attorney, good. But just keep an eye.
Posted by xtrac568, 06-16-2011, 09:59 AM
SPOT ON. When CDN operates in a reverse-proxy way, it does not matter if data is cached or not internally. Also you don't really know whats going on when you hit a CDN node, or that you are even hitting the CDN..
Posted by vx|brian, 06-16-2011, 10:27 AM
We have been one of the first partners to adopt CloudFlare, we used the API and we have our own implementation of their control panel in our platform. They do not host any of the content, it is cached in servers scattered around the world in order to make sites load better and faster. They do not however allow anyone to use CloudFlare. While the doings of "LulzSec" is questionable, it's not up to CloudFlare to decide who uses them or not, they're simply providing a service to improve websites. However, this does not mean that CloudFlare lets anything slip. We have always had a contact with them who would notify us if there was any phishing sites placed on a hosting account and we would take action promptly. In all means, I take CloudFlare's side in this, because they cannot start reviewing all content that goes through their CDN, deciding what is "okay" to host and what is not, however, in the event that a report comes in regarding a site where action must be taken, they are ready to take action.
Posted by InfiniteTech, 06-16-2011, 12:02 PM
Okay, let me ask you this. If you are going to use the "acts only as a proxy and nothing more" dialogue. Why take down the phishing site? You are only being a proxy in this circumstance too. As for the LulzSec, here you go: http://lulzsecurity.com/releases/senate.gov.txt Now that file rests as a cached copy on CloudFlare's servers. Doesn't it? It does not matter if you fetch it from origin and pass the rest on or store a copy of that on your disk. It is still being served off your server (server's RAM). CloudFlare is hosting this content and is making it publicly available. Period. I don't know why people are arguing about this.
Posted by eming, 06-16-2011, 12:05 PM
100% agree Do you think Limelight or Akamai would get away with caching warez/DMCA content? I doubt it. And Cloudflare is no different.
Posted by vx|brian, 06-16-2011, 02:26 PM
I understand where you guys are coming from, however, we have to put things in place where CloudFlare does not control the content it hosts. If a phishing report comes in, they will take it down and take action. Clearly, the concerned parties in this issue have not taken any action, so who is CloudFlare to decide the validity of content. They have to remain somewhat neutral.
Posted by InfiniteTech, 06-16-2011, 02:41 PM
Certainly not. They HOST the content (RAM or HDD does not matter) and make it available to the Internet. Explain me this: Why process reports on a phishing report?
Posted by cpanellover, 06-16-2011, 02:46 PM
that whas my question to phishing is not the only abusive material you know....
Posted by flam316, 06-16-2011, 04:30 PM
Cloudflare does not cache .txt files.
Posted by InfiniteTech, 06-16-2011, 04:51 PM
It does. In its server's RAM/memory modules while the data is being made publicly available. It might not store it for hours on the disk or even a few seconds. But that .TXT file is being served off CloudFlare's server.
Posted by DevMonkey, 06-16-2011, 09:16 PM
CloudFlare wants to help stop spam, yet they are serving up websites from their own servers, even if only by proxy, which are selling tools to do things like a) break through captcha b) automatically post on forums c) automatically post comments on blogs, etc. Does this make sense? No, not at all. It's kinda like The Pirate Bay. They don't HOST the actual warez/movies etc, only the torrent files & stats. Does the law chase TPB? Yes. Would most US hosts, for example, touch TPB? NO. CloudFlare shouldn't be touching these sites selling spam software, blackhat SEO tools etc because they're only taking part in illegal activities, contributing spam back to the internet etc... if they truely want to stop spam etc on the internet. Plus it's just silly to help host these sites either way, if not illegal (and I'll repeat again, by serving the sites up through proxy, CloudFlare is acting as the host for these websites, to the end user). + in some cases CF will even cache website content, for example when your origin host is offline, CF will serve up cached copies of your site - so in a case such as this, they are the sole host involved! Last edited by DevMonkey; 06-16-2011 at 09:19 PM.
Posted by layer0, 06-16-2011, 09:59 PM
Are you sure they don't cache .txt? I would think that given these are clearly static documents, it would make a lot of sense to cache.
Posted by flam316, 06-16-2011, 10:20 PM
Here are all the extensions that CloudFlare caches .
Posted by layer0, 06-16-2011, 10:32 PM
Ah, thanks for the link. I guess either way though, the point still holds that Cloudflare is assisting in the process of distributing/serving this content. While they aren't directly hosting it, it isn't too far from that.
Posted by flam316, 06-16-2011, 10:42 PM
I don't really think so. They are only serving the CSS/JS/Images of their site, none of which is related to any malicious content. They are using CloudFlare to protect against DDoS/DoS and other attacks. I see no harm in that. Do they just get to choose who uses their service or who doesn't? I can understand when a spammer is using CloudFlare to do harm, but LulzSec really isn't using CloudFlare for anything other than their own protection. If the feds ask CloudFlare to turn over all they got, all they really have is some CSS and images. tl;dr : They don't host any of LulzSec's malicious content or anything related to it. Just some CSS/JS/Images and that's it.
Posted by DevMonkey, 06-16-2011, 10:51 PM
Lulzsecurity.com is hosted by 199.27.134.62 - a CloudFlare IP Address. Sure, CloudFlare is only acting as a proxy to the origin host but the website is still being served to end users by CloudFlare - you can't argue that. In addition to this, as I understand it, if for example the origin host is offline, CloudFlare WILL serve a cached version of the website too. Edit: Like I said earlier, I still think that CloudFlare is a cool & interesting service. However I agree with others in here that websites selling spamming tools, captcha cracking tools etc should not be getting served up by CF. It goes against their whole "anti spam" thing.
Posted by layer0, 06-16-2011, 11:02 PM
They have more than that. How about access logs of all the site's visitors and a record of all requests made to the site as well? I am not trying to attack Cloudflare, just stating that from a technical perspective, they ARE playing an important part in the distribution of this content.
Posted by damoncloudflare, 06-16-2011, 11:05 PM
I will once again repeat that we are not a hosting provider. If anyone has a valid complaint against a site, we're more than happy to send the IP address of the site in question so you can report the potential abuse to the hosting provider and/or any appropriate agency related to that concern. -We can't censor content on the internet, and we most certainly can't review all content that sites might post that some might find objectionable. -CloudFlare will (and does) work with law enforcement inquiries that follow procedures prescribed by law. -Only a law enforcement agency can actually charge someone with a crime.
Posted by DevMonkey, 06-16-2011, 11:20 PM
That's what you think I will once again repeat that you are serving content to the end user. Would you be happy for WikiLeaks to be on the CloudFlare network a few months back? I mean, after all.. you're not the hosting provider... just proving a tunnel + in some cases cache to that website CloudFlare, unless configured otherwise, serves up the content for the websites on the CF network. - Website is on Host - CloudFlare fetches content from Host and serves it up to Client CF is serving the content. You are also hosting particular content - for example the content which you keep a cache of. http://en.wikipedia.org/wiki/Host_(network) http://en.wikipedia.org/wiki/Internet_hosting_service Anyway, I don't think - in my personal opinion - that the CF attitude to this stuff is right. We're going round in circles so should probably leave it here Good to see people like Ditlev come in and share their view, considering their vast experience in the hosting industry. A similar view to my own it would seem! Last edited by DevMonkey; 06-16-2011 at 11:28 PM.
Posted by InfiniteTech, 06-17-2011, 02:23 PM
Another question to your answer. How do I know that the IP address you are proxy'ing to is the one that you provide? Example: Block all incoming/outgoing traffic except those IPs from CloudFlare. You reverse proxy the illegal content and put it out to the world. No one else can access the illegal content from the IP address you have provided. Hence, no warrant can be issued in that regard to investigate content on the "hosting servers". You are liable. Case closed. You are hosting and serving this content (on RAM or HDD, does not matter). In a place like Sweden, where a tracker can be held liable for infringing copyright works. It won't be too hard to blame a tunnel service provider (in the pure sense, you are) in the US for assisting in the distribution of illegal material. Consult with your technical team to explain how you technically host the content you serve. I'm getting a tiny bit irritated with your repetitive, uninformed replies. Please reconsider. Everyone at WHT are only trying to help you before someone actually pulls the plug on you guys.
Posted by flam316, 06-17-2011, 11:03 PM
I wasn't going to post in this thread anymore, but this doesn't make any sense: They don't host any of their releases (.txt files or torrents). They don't host their HTML. How can they be liable? I wouldn't doubt that they have researched this issue extensively. If it means anything, the CEO is a "Proffesor of Law". He educates college students about "Computers and the Law". He might know a thing or two about this (not to say that any of you don't).
Posted by DevMonkey, 06-17-2011, 11:24 PM
They do host / serve up the HTML unless configured otherwise. They act as a proxy to the original website. The end user is accessing the HTML from CloudFlare servers.
Posted by Server Management, 06-17-2011, 11:35 PM
I though cloudflare was just a cache? Its abit like saying Firefox is liable because it serves pages to end users... Crazy TBH
Posted by DevMonkey, 06-17-2011, 11:45 PM
I'm not saying that they are liable, I wouldn't know to be honest... you make a good point but then Firefox is just downloading the content rather than serving it up to other users on the internet.
Posted by Dregond Rahl, 06-18-2011, 02:28 AM
I tried CloudFlare twice, each time i find 60% of members from my site denied access. They block ips but never released its a shared IP from a university, or campus or internet provider, so anyone in asia usually gets blocked and i have sit and unblocks 100s of ips only to do it again the next day since ips are dynamic. Its a good idea CloudFlare, but i think they need to approach the service a bit different and more stable. Another thing, when i checked from sri lanka it completely ignored CloudFlare DNS routing. so i never felt the advantage of going thru the japan line.
Posted by cpanellover, 06-18-2011, 03:01 AM
sarcasm> you have to buy a pro account to us it in spam heavy areas
Posted by anon-e-mouse, 06-18-2011, 03:30 AM
And

Add to Favourites Print this Article