Another reason to self host 😊
I do agree , the web needs to be decentralized, but does your server have similar uptime to cloudflare.
Does it need to?
No but then the argument above falls flat, doesn’t it?
I’m pretty sure cloudflare has better uptime than you
This is dumb…
If you self host and your power goes out …
Think about it
Maybe this guy lives in an area immune to random outages ? Never any power shutdown, internet disconnection or slowness. And his hardware never fails too 🫢
…My UPS kicks in.
Lol the power is out and this guy thinks he’s gonna get overnight deliveries smh
/s
See, there’s still a niche for the internal combustion engine over electric. Good luck driving your tesla in a blackout!
I prefer less uptime at saturday over a random rare outage.
Ohh that’s why everything is slow and this is my sanity check.
But its scary how if Cloudflare went down most popular websites will go down with it
Cloudflare is a cancer
tell me more
He is not wrong. Look the whole internet is basically one centralized cloudflare if we continue this path.
Like the bad kind
It blocks anyone not using one of its preferred browsers, among other things. It’s become the gatekeeper for a large fraction of the Internet.
It also flags my DNS filter and nearly every site I go to has to “check if I’m human”
What browsers does it block?
Minority browsers. Since I daily drive Pale Moon, I’m among the people affected. It’s suspected that they test only the 3-4 most popular browsers, and whether anything else works with their code is up to luck.
You may think browsers with tiny market shares aren’t important, but all new browsers start out that way. I fear for Ladybird if it ever makes it past the alpha stage, for instance.
great article, and I had no idea that happened to Brian Krebs, of all people! o.O
I do think the EFF makes a good point though, and I think personally I tend to be biased towards content neutrality over moderation (at least, more strongly the larger the platform is, and Cloudflare is very large). Not to the point of Xitter, obviously, but I think there’s at least a reasonable argument for Cloudflare in this case.
that said, after some searching, I did find the following two articles, and I find their arguments against Cloudflare very compelling:
- https://www.devever.net/~hl/cloudflare
- http://cryto.net/~joepie91/blog/2016/07/14/cloudflare-we-have-a-problem/
Fortunately I’m already using end-to-end SSL certs via Caddy, but now I’m considering just moving off Cloudflare entirely and instead providing regular backups to Internet Archive–most of the stuff I host is entirely static and very lightweight.
Most people who dislike cloudflare do so for their centralization of the internet, rightly so.
Me? I HATE THE STUPID “VERIFYING YOUR REQUEST” PROMPTS. THEY TAKE WAYYY TOO LONG AND DONT WORK WITH MY USER AGENT SWITCHER. STUPID WEBSITES WITH 3 MONTHLY USERS ARE TURNING ON ADVANCED “DDOS PROTECTION” JUST TO MAKE EVERY FUNCTION OF THEIR APP TAKE 18 MONTHS
When I get to that screen, I just x out most of the time. It’s usually not that important.
You can try https://github.com/FlareSolverr/FlareSolverr
Interesting, I have a lot less problems with the Cloudflare verification, than with Google captchas. The slightest unusual thing seems to put you in captcha hell
We need to break up Cloudflare.
It sucks because up until the “sales team” rugpull, they’re the cheapest (and closest to reality) for bandwidth cost, virtually all the other CDN providers charge astronomical prices and their margins are hundreds to thousands of percentage.
If the costs are mostly variable in how much they serve up, and uptime is sufficiently important, maybe have two CDNs and use the other one as a fallback when things start going tits-up?
Cloudflare tries to enforce pretty strong vendor lock in by requiring you use their nameservers.
Also subdelegate domains are an “enterprise” feature, so no luck there.
Basically the CDN market sucks, not a shocker Netflix, Google, Valve, and many others operate their own.
Hmm.
I’m not familiar with the constraint.
I assume that the way that this works is that I host content at www.foo.com and they have their nameserver resolve www.foo.com to different IPs based on the geolocation of the browsing user’s IP.
Is it possible to convert www.foo.com to a CNAME that can be redirected away from their nameservers? Like, I make www.foo.com be a CNAME directed at www.foo-cloudflare-cdn.com. They own www.foo-cloudflare-cdn.com, they serve A or AAA queries there on their nameservers. But if I want fallback, I update the CNAME to point at www.foo-backup-cdn.com, which is served by a different CDN.
Are there technical barriers to that, do you know?
The way CDNs and virtual hosts work in general is to read the
hostfield in the HTTP header, otherwise unless you dedicate an IP for each domain / “web site” there would be no way to know what to serve.The issue is if you put the CNAME of foo
www.foo-cloudflare-cdn.com.then it will just resolve to whatever the A/AAAA record is for that, and send the host ofwww.foo.com– which they will only service if that domain is hosted with their nameservers (they run automated checks to make sure you’re actually doing so). So there isn’t really an easy way to just give cloudflare some subdomain, unless you pay them $$,$$$+ for the privilege.Valve actually does that, ironically enough, for the steam community web assets they use Fastly, Akamai, and CloudFront, all on subdomains of course 🙃.
The way CDNs and virtual hosts work in general is to read the host field in the HTTP header, otherwise unless you dedicate an IP for each domain / “web site” there would be no way to know what to serve.
But the point of CDNs is to direct connections to a geographically-near IP, yes?
The domain name that any CDN webserver in different regions will get in the HTTP request headers is going to be the same, CNAME or no.
The issue is if you put the CNAME of foo www.foo-cloudflare-cdn.com. then it will just resolve to whatever the A/AAAA record is for that, and send the host of www.foo.com – which they will only service if that domain is hosted with their nameservers (they run automated checks to make sure you’re actually doing so).
Ah, okay, I could see someone having automated checks that actively prevent it.
But the point of CDNs is to direct connections to a geographically-near IP, yes?
That’s generally right enough, the goal of a CDN is to deliver content from a server close to the consumer as possible (ideally on their ISP network using cache servers to avoid going out over the “wider internet”.) – however CDN networks typically also use Anycast IP addresses, which means that all of the CDN servers across their network use the same pool of IP addresses, and BGP / the routing table dictate what actual physical server you get routed to. This is typically the ideal closest server, however sometimes you want certain IP pools in certain regions for legal (China), or technical reasons, so the IP address returned by a given A/AAAA lookup for a CDN isn’t a given. There’s also ECN and other optimization CDNs can do on the lookup side but that’s outside of the scope here.
The domain name that any CDN webserver in different regions will get in the HTTP request headers is going to be the same, CNAME or no.
Yeah, so the CNAME just says “whatever A/AAAA address that resolves to” and the HTTP client will send whatever
HOSTit thinks its connecting to, meaning you can’t “mask” the actual domain you’re using by using a CNAME record.Technically if you have a totally static IP serving a single site, it’s possible to ignore the HOST field and always serve that site, since logically, any request is only meant for that given site (this is basically the default site on something like Apache).
My main point is that there’s really no getting around that CloudFlare requires you to be locked in to their platform even if you just wanna serve R2 files from a subdomain, and I personally find that a bit spooky, migrating nameservers can have very long propagation times leaving your site unreachable if they decide they don’t want you as a customer anymore, or as a shakedown.
We just should not use cloudflare. Why is everybody still trying to use cloudflare.
It drives me nuts. The default answer on all network problems: why don’t you just use cloudflare? No! No no.
We just should not use cloudflare. Why is everybody still trying to use cloudflare.
Counterpoint: I find networking challenging, and I’m not particularly accountable for the natural consequences of not knowing how stuff works.
This could end fine for everyone? Maybe an AI will understand it for me. (This is sarcasm. I agree with you.)
The answer always seems to be: Cloudflare is fucking up again. This isn’t the first time.
This is my workday now
Nowadays they will tell you to work on something else in the meantime.
Your code can compile while you’re in a retro, retrospectively looking back at the action items raised in a previous retro but not assigned any sprint time in the current sprint so you just raised a “what went wrong” about it not being planned and now you have more non-sprint work to do because every problem should be presented with a solution and if you could have that for the next retro they’ll review this retro’s action items and see if you have a proposal for fixing retro action items
This is why I call scrum masters scrumlords.
Thankfully my boss is hands off so I took a walk and then worked on an internal tooling side project that really only I will appreciate.
Scrumlords I love it
You have a good boss!
Quitting my last job for this one might be the best thing I’ve done since I tricked my wife into marrying down.
My mental and physical health has improved a ton.
Yep
I think https://pkg.go.dev/ is down too
The whole internet is down. Unless you self host
Stuff hosted by cloudflare is not the whole internet
npm is having issues as well with publish and installs. Fun fun day.
Time to forget about code and relax
Google Cloud status page:
Holy shit, goddamn near everything is down, nearly everywhere.
Fucking Tracer Tong ending from Deus Ex, hope somebody has a save file they can reload from soon, otherwise… yeah…
Thanks I have updated the Google link to this instead of downdector.
*Laughs in self-hosting services.
You’re not wrong. The gangly stacks of orchestrated black-box containers at a pubcloud beholden to shareholder whim is going to be a huge factor. Sorry grandma can’t get her pills, but - phew - the number will still go up.
I wish I had that luxury with work.
All my personal stuff is 100% unaffected though!
Same. Feeling pretty good about using Anubis instead of Cloudflare for our dinky systems.
At work just about all major services are super slow or down. It’s like cloud strike again.
Oh well I still get paid. But it’s crazy how much centralization affects the world wide web.
It’s like cloud strike again
When The Cloud goes on Strike. Damn it they’re just asking for more power, Scotty! Don’t let those scabs cross the picket line!
c/selfhosted having a field day rn
Yeah, wonder how those cloudflare(d) tunnels werd keeping up.
Strangely enough, twitch streams and chat were working fine but everything else was broken, had an empty following list.
It’s seen tech talks by Twitch’s engineering team. Some of those folks are scary smart.
Not that it takes that much cleverness to avoid using CloudFlare, of course.
But might be related. Twitch had some clever fallbacks and work-arounds for slow Internet, in that tech talk.
Lemmy is working though. What else do we need?
I think that at least some instances use Cloudflare for various things, so depending upon what and how much stuff at Cloudflare is broken, some lemmy instances may be impacted.
Dafuq is a character.ai and why is it in the same list as google and cloudflare? Like yea my local grocery store had some issues should that be on the list too?
Had to include something AI because of the craze, probably picked at random
An AI chatbot that pretends to be a character and you roleplay with it.
I actually enjoy when this happens. All this centralized shit will not end well.
Centralized is control. Control is profit. It’s already not “well”, that’s why we’re here discussing it.
