Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

CloudFlare Blocks?
New on LowEndTalk? Please Register and read our Community Rules.

CloudFlare Blocks?

jbilohjbiloh Administrator

Hi Everyone,

In our continuing efforts to tweak our security settings I wanted to check in to see who is having CF issues.

If you are having an issue, please either respond to this thread of PM me.

Please include:

  1. The ISP you are trying to connect to LET via
  2. What you are doing when you get the block
  3. The type of block (JS challenge, full out block, etc)

Thanks everyone!

Jon Biloh

Comments

  • Im guessing the full out blocked people might not be able to respond to this thread lol

  • jbilohjbiloh Administrator

    @NobodyInteresting said:
    Im guessing the full out blocked people might not be able to respond to this thread lol

    Good point, of course, but only a limited number of AS#'s are blocked full out, so the impact in that regard should be limited. A couple of of folks who are on those blocked AS#s are visiting via other proxies, or their regular residential ISP.

    Jon Biloh
  • defaultdefault Member
    edited April 10

    If I were blocked by LET because of Cloudflare, I would simply quit visiting LET. It's much simpler than actually fighting with Cloudflare (or LET) for not wanting me.

    Using Tor, or VPN, or filling lots of captcha with truck/motorcycle parts, or simply waiting 10 seconds for a thread to load... all this ain't worth my time in my opinion. It's their problem, not mine. I would just quit LET.

    Fastmako (aff) - another cheap VPS.

  • I don't mind yet. Just 5 more secs from my life.

  • @Boogeyman said:
    I don't mind yet. Just 5 more secs from my life.

    You can do 2 push-ups in 5 seconds.

    You can cancel 1 idling VPS in 15 seconds.

    Thanked by 1Pwner

    The CDC says fully vaccinated people do not need iptables firewall and DDoS protection.

  • MoofieMoofie Member

    Possible to look into whitelisting https://monitorss.xyz/ for RSS?
    Maybe they have a user agent that can be allowed.
    Right now Cloudflare is blocking it which you can test here
    (insert https://www.lowendtalk.com/categories/offers/feed.rss to test)

  • hzrhzr Member, Moderator

    have gotten some complaints from M247 AS9009 vpn users. maybe make them require CAPTCHA for truck/motorcycle parts instead of a complete block?

  • defaultdefault Member
    edited April 11

    @Boogeyman said:
    I don't mind yet. Just 5 more secs from my life.

    Or you can simply quit because they don't care about your valuable time.

    As a side note: if you would die soon, you will wish you had just 5 more precious seconds. Yet you're willing to waste your precious time waiting for a billion dollar corporation to consider you eligible each time when visiting simple website. I can only hope you enjoy this waiting.

    Thanked by 1ivysaur

    Fastmako (aff) - another cheap VPS.

  • @default said: Or you can simply quit because they don't care about your valuable time.

    As a side note: if you would die soon, you will wish you had just 5 more precious seconds. Yet you're willing to waste your precious time waiting for a billion dollar corporation to consider you eligible each time when visiting simple website. I can only hope you enjoy this waiting.

    What about this robot?

    Thanked by 1miu
  • JasonMJasonM Member

    JS block when using VPN IPs from Browsec and Adguard VPN from netherlands, US, UK ips.
    No block on my home IP. but I do get cloudflare-checking-my-browser-page which displays wait for 5 seconds and I get redirect to LET homepage.

  • @jbiloh said: only a limited number of AS#'s are blocked full out,

    You should block AS36352... A lot of spam originates from there :)

    Thanked by 2_MS_ yoursunny
  • 0xbkt0xbkt Member

    AS20978, i'm getting issued a js challenge at least a dozen times everyday. it happens when i'm visiting let after a while (maybe an hour or more).

  • jbilohjbiloh Administrator

    I have made a number of additional tweaks and improvements to the settings for CloudFlare.

    Please let me know if anyone who was facing issues sees some improvements.

    One of the tweaks was reducing the amount of time required for JS Challenges from 8 hours to every 24 hours.

    Thanks for the feedback everyone. :)

    Jon Biloh
  • _MS__MS_ Member
    edited April 11

    @Daniel15 said: AS36352

    Careful.

    "Signatures longer than most of your posts that fill significant portions of our screens. It should not be more than two lines, nor should it be distracting."

  • MS said:

    @Daniel15 said: AS36352

    Careful.

    "Signatures longer than most of your posts that fill significant portions of our screens. It should not be more than two lines, nor should it be distracting."

    Oops... I fixed it!

  • Guess I'm lucky, no issues accessing LET, even when it was under attack.
    No 503's or reCAPTCHA.

  • dopogiodopogio Member

    It has definitely improved for me.

  • jbilohjbiloh Administrator

    @dopogio said:
    It has definitely improved for me.

    Perfect glad to hear that!

    Jon Biloh
  • If LET is attacked so often, it might be time for BuyVM Slices + Path.net IP
    CloudFlare can drive you crazy with their great regulations and mitigation ...

  • miumiu Member
    edited April 11

    Please include:

    The ISP you are trying to connect to LET via
    What you are doing when you get the block
    The type of block (JS challenge, full out block, etc)

    YES (and i really hate it and i am disappointed quite from it)

    1) Practically all public VPN services (what u use often) bcs CF use list of their IPs as "bad reputation IPs"
    2) Sure read a lot less LET bcs i do not have time x time daily disconnect or reconnect and interrupt all ( ongoing ssh connection on workstation etc)
    3) FULL BLOCK - good bye..

    After long time thing what significantly frustrate me on LET

    HostUS <3 | BuyVM :+1: | HostHatch :star: | LetBox B) | CrownCloud B) | Vultr :smiley: | OVH ;) | HudsonVH ;) | Viridweb ;) | Novos ;) | MaxKvm ;) | LiteServer :blush: | netCup :blush: | THANKS for awesome services :+1:

  • miumiu Member

    @default said:
    If I were blocked by LET because of Cloudflare, I would simply quit visiting LET. It's much simpler than actually fighting with Cloudflare (or LET) for not wanting me.

    Using Tor, or VPN, or filling lots of captcha with truck/motorcycle parts, or simply waiting 10 seconds for a thread to load... all this ain't worth my time in my opinion. It's their problem, not mine. I would just quit LET.

    Very good wrote. The same behavior at me - when i have fight with google recaptcha unreal bordering hell, or CF, then i often leave immediately such pages
    (another example what i stop visit ever is Reliable site - their CF relationship definitely discouraged me view and watch their offers ever)

    HostUS <3 | BuyVM :+1: | HostHatch :star: | LetBox B) | CrownCloud B) | Vultr :smiley: | OVH ;) | HudsonVH ;) | Viridweb ;) | Novos ;) | MaxKvm ;) | LiteServer :blush: | netCup :blush: | THANKS for awesome services :+1:

  • rcxbrcxb Member

    Gullo hosting IP getting frequent javascript checks: 95.216.20.84

    Even for just the RSS feed URL (which RSS readers can't get through). I thought that issue was previously fixed, but it seems not:

    $ wget https://www.lowendtalk.com/discussions/feed.rss 
    HTTP request sent, awaiting response... 503 Service Temporarily Unavailable
    2021-04-11 12:06:36 ERROR 503: Service Temporarily Unavailable.
    

    I switched to another host which isn't hassled nearly so much, no big problem for me.

  • jbilohjbiloh Administrator

    @miu said:

    Please include:

    The ISP you are trying to connect to LET via
    What you are doing when you get the block
    The type of block (JS challenge, full out block, etc)

    YES (and i really hate it and i am disappointed quite from it)

    1) Practically all public VPN services (what u use often) bcs CF use list of their IPs as "bad reputation IPs"
    2) Sure read a lot less LET bcs i do not have time x time daily disconnect or reconnect and interrupt all ( ongoing ssh connection on workstation etc)
    3) FULL BLOCK - good bye..

    After long time thing what frustrate me on LET

    Only a handful of VPN networks are sent to a Js challenge right now. If you could private messaging me more information on issues you are facing today that would be helpful.

    Jon Biloh
  • miumiu Member

    @jbiloh said:
    Only a handful of VPN networks are sent to a Js challenge right now. If you could private messaging me more information on issues you are facing today that would be helpful.

    UPDATE: now when i tried it, checked VPN servers (often used by me) can load LET pages, so it seems be improved, thanks

    HostUS <3 | BuyVM :+1: | HostHatch :star: | LetBox B) | CrownCloud B) | Vultr :smiley: | OVH ;) | HudsonVH ;) | Viridweb ;) | Novos ;) | MaxKvm ;) | LiteServer :blush: | netCup :blush: | THANKS for awesome services :+1:

  • jbilohjbiloh Administrator

    @miu said:

    @jbiloh said:
    Only a handful of VPN networks are sent to a Js challenge right now. If you could private messaging me more information on issues you are facing today that would be helpful.

    UPDATE: now when i tried it, checked VPN servers (often used by me) can load LET pages, so it seems be improved, thanks

    Glad we've made some progress and it's working better for you.

    Thanked by 1miu
    Jon Biloh
  • @default said:

    @Boogeyman said:
    I don't mind yet. Just 5 more secs from my life.

    Or you can simply quit because they don't care about your valuable time.

    Think of all the time you'd save if you just quit LET right now! No captcha's needed.

    As a side note: if you would die soon, you will wish you had just 5 more precious seconds. Yet you're willing to waste your precious time waiting for a billion dollar corporation to consider you eligible each time when visiting simple website. I can only hope you enjoy this waiting.

    Who the fuck would wish for just 5 more seconds if they were about to die? While you're a super drama queen, that's a new level of hyperbole for you.

  • defaultdefault Member

    @TimboJones said:

    Who the fuck would wish for just 5 more seconds if they were about to die? While you're a super drama queen, that's a new level of hyperbole for you.

    I would, and all the dying people I met. (You don't know me, nor should you.)

    Fastmako (aff) - another cheap VPS.

  • TimboJonesTimboJones Member
    edited April 11

    @default said:

    @TimboJones said:

    Who the fuck would wish for just 5 more seconds if they were about to die? While you're a super drama queen, that's a new level of hyperbole for you.

    I would, and all the dying people I met. (You don't know me, nor should you.)

    What would you do in 5 more seconds? Jesus Christ, how about 5 days, 5 months, or 5 years instead of 5 seconds? So all the dying people you've met, they'd JUST want 5 more seconds? That's ridiculous and/or stupid.

  • defaultdefault Member

    @TimboJones said:

    @default said:

    @TimboJones said:

    Who the fuck would wish for just 5 more seconds if they were about to die? While you're a super drama queen, that's a new level of hyperbole for you.

    I would, and all the dying people I met. (You don't know me, nor should you.)

    What would you do in 5 more seconds? Jesus Christ, how about 5 days, 5 months, or 5 years instead of 5 seconds? So all the dying people you've met, they'd JUST want 5 more seconds? That's ridiculous and/or stupid.

    I shall stop replying to you, you are not worth my 5 seconds to reply to you. Sorry, I shall pretend I'm on PMS, just for you.

    Fastmako (aff) - another cheap VPS.

  • FritzFritz Member

    No More additional 5 sec check by CF now.

    Some VPN is still blocked though.

    Good progress. :smile:

    I'm Good!

  • jbilohjbiloh Administrator

    @Fritz said:
    No More additional 5 sec check by CF now.

    Some VPN is still blocked though.

    Good progress. :smile:

    Glad it's better for you now. Thanks for taking the time to let us know.

    Jon Biloh
  • jbilohjbiloh Administrator

    Some more tweaks were just made, so hopefully folks are receiving fewer challenges and blocks now.

    Jon Biloh
  • jbilohjbiloh Administrator

    Anyone else facing issues still?

    Jon Biloh
  • so far so good

  • @default said:
    blah blah blah blah blah blah blah

    "it isn't worth my time" says the person spending time moaning about it and thinks their moaning is worth everyone else's time :)

  • momkinmomkin Member
    edited April 13

    @jbiloh LET revenus not enough yet to build your own data center to handle those attacks ?

  • sdglhmsdglhm Member

    @yoursunny said: You can cancel 1 idling VPS in 15 seconds.

    Sorry mate. You need to physically be at the datacenter to cancel your 3USD/yr VPS

    I repeat, RAID is not backup | Looking for a developer for your next project? - Hire me

  • jbilohjbiloh Administrator

    @budi1413 said:
    so far so good

    Perfect, glad to hear it!

    @momkin said:
    @jbiloh LET revenus not enough yet to build your own data center to handle those attacks ?

    Not as of yet :)

    Jon Biloh
  • defaultdefault Member

    @MeAtExampleDotCom said:

    @default said:
    blah blah blah blah blah blah blah

    [...] person spending time moaning [...]

    Fastmako (aff) - another cheap VPS.

  • @default said:

    @MeAtExampleDotCom said:

    @default said:
    blah blah blah blah blah blah blah

    [...] person spending time moaning [...]

    [.gif indicating that the point of what was being replied to may hve been missed entirely]

    I made no claim that it wasn't worth my time, so if you are trying to point out irony in my pointing out of irony then your irony recognition needs work.

  • defaultdefault Member

    @MeAtExampleDotCom said:

    @default said:

    @MeAtExampleDotCom said:

    @default said:
    blah blah blah blah blah blah blah

    [...] person spending time moaning [...]

    [.gif indicating that the point of what was being replied to may hve been missed entirely]

    I made no claim that it wasn't worth my time, so if you are trying to point out irony in my pointing out of irony then your irony recognition needs work.

    Fastmako (aff) - another cheap VPS.

  • jbilohjbiloh Administrator

    @default said:

    @MeAtExampleDotCom said:

    @default said:

    @MeAtExampleDotCom said:

    @default said:
    blah blah blah blah blah blah blah

    [...] person spending time moaning [...]

    [.gif indicating that the point of what was being replied to may hve been missed entirely]

    I made no claim that it wasn't worth my time, so if you are trying to point out irony in my pointing out of irony then your irony recognition needs work.

    We all have those mornings.

    Jon Biloh
  • caracalcaracal Member

    From another thread with issues with microLXC.. Possible to get something whitelisted for microLXC?

    https://lowendtalk.com/discussion/comment/3223176/68082/neoon

    @Neoon said:
    So the system can't verify your user profile and rejects any request.
    A whitelist for sure would help with that, no idea if @jbiloh can whitelist microlxc.net on CF.

    Thanked by 1o_be_one
  • jbilohjbiloh Administrator

    @caracal said:
    From another thread with issues with microLXC.. Possible to get something whitelisted for microLXC?

    https://lowendtalk.com/discussion/comment/3223176/68082/neoon

    @Neoon said:
    So the system can't verify your user profile and rejects any request.
    A whitelist for sure would help with that, no idea if @jbiloh can whitelist microlxc.net on CF.

    Please share more information on the issue you are seeing so we can try and solve it.

    We cannot whitelist entire ISPs as that exposes the website to risk.

    Jon Biloh
  • @jbiloh said: Please share more information on the issue you are seeing so we can try and solve it.

    @Neoon if you have more informations to share ^^

    DevOps and Site Reliability Engineer. Looks cool when i know what i do.
    Doing useless stuffs on amazing providers services because... Why not?
  • jbilohjbiloh Administrator

    @o_be_one said:

    @jbiloh said: Please share more information on the issue you are seeing so we can try and solve it.

    @Neoon if you have more informations to share ^^

    I spoke to @Neoon via PM and we are all set now. :)

    Jon Biloh
Sign In or Register to comment.