The Cloudflare implementation here sucks

submitted by 0_0 from self.SaidIt

sorted by:
top
newinsightfulfun
you are viewing a single comment's thread.

view the rest of the comments →

[–]binaryblob 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (58 children)

Your comment would be useful, if you explained how the implementation could be improved within the context of Cloudflare and saidit.

I think if this is Cloudflare's product and they don't know how to do better for their enterprise clients, I would short the shit out of their stock, but I doubt that's the case. It's much more likely that it's either a consequence of it being freemium or because saidit developer doesn't know what they are doing.

[–]cunninglingus 5 insightful - 2 fun5 insightful - 1 fun6 insightful - 2 fun -  (43 children)

It's a Cloudflare anti-bot setting that can be adjusted in 3 seconds (though only by /u/magnora7)

I'm beginning to wonder if I'm human.

[–]SMCAB 9 insightful - 10 fun9 insightful - 9 fun10 insightful - 10 fun -  (42 children)

No you're not human. You're a piece of shit.

And quit upvoting yourself you little bitch.

[–]cunninglingus 3 insightful - 3 fun3 insightful - 2 fun4 insightful - 3 fun -  (41 children)

You poor thing, always following me around like a sick chihuahua, constantly crying and whining. You are the weakest, most pathetic user on Saidit. Let that sink in. You need a hobby.

[–]SMCAB 6 insightful - 5 fun6 insightful - 4 fun7 insightful - 5 fun -  (40 children)

Nice try fatty. You just constantly need to be reminded of how fucking retarded you are. I'm just doing God's work fatboy. Imagine a person who talks to himself on a forum having any commentary on who it thinks someone else is. Using the word pathetic to boot? You're a fucking gem lardass. We've talked about this projection problem you have before, and yet you're still not getting it. I thought you fancied yourself smart? Fatfuck.

And quit upvoting yourself you little bitch.

[–]cunninglingus 4 insightful - 1 fun4 insightful - 0 fun5 insightful - 1 fun -  (39 children)

triggered again, are you?

pathetic little weakling

[–]SMCAB 5 insightful - 5 fun5 insightful - 4 fun6 insightful - 5 fun -  (38 children)

Nice try tubby.

[–]cunninglingus 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (36 children)

Did a fat person humiliate you? So anyone you don't like must be fat? I could probably break you in half, according to the way you write.

[–]SMCAB 4 insightful - 4 fun4 insightful - 3 fun5 insightful - 4 fun -  (35 children)

Nice try chubbrock. The only thing you're breaking in half is your tiny rocket. I'd dog walk you home on a leash faggot. Guaranteed. I'll fuck your fatass for you after, bitch.

[–]cunninglingus 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (34 children)

So you're not only the weakest, pathetic user. You also want to rape fat men.

[–]Canbot 4 insightful - 2 fun4 insightful - 1 fun5 insightful - 2 fun -  (1 child)

The solution is to stop using cloudflair.

There is no such thing as a free speech, open platform, that uses (((cloudflair))). We need to find a way to get out from under their boot.

[–]binaryblob 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (0 children)

Darknets provide censorship free fora, but they don't come with solutions against spam, so you would have to run a local spam filter for all content and also run the content sorting locally, nothing a modern computer can't do, but it would raise the minimum system level requirements for clients by 100x.

[–]0_0[S] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

Either the challenge passage is set too low or the firewall is configured to be too sensitive.

[–]ID10T 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (10 children)

You could have a script do a simple get request to the site at regular intervals before the Cloudflare timeout. That way as long as a user has a page loaded and are logged in, it pings the site to prevent the Cloudflare timeout.

For security, I would limit this ping to perhaps five minutes of inactivity, so a user doesn't stay authorized by Cloudflare indefinitely if they have a page left open on their browser.

I assume there's a template for when a user is logged in, like where the banner displays your username. You could add the script there with a timeout to GET /healthcheck every twenty seconds or whatever.

[–]In-the-clouds 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (4 children)

I tested that idea, and it mostly works.

[–]0_0[S] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (2 children)

What is the ideal number of seconds to refresh Saidit, to minimize bandwidth and yet still avoid Cloudflare's blockade?

To answer your question, it should refresh at the expiration of the cookie "cf_clearance" + 5 minutes, which is when the cloudflare pass expires.

In any case the fact that these kind of workarounds are required is fucking retarded.

[–]In-the-clouds 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (1 child)

5 minutes? It seems like Cloudflare blocks me if I just let 2 minutes go by without clicking on a new link.

[–]0_0[S] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

On my side is exactly 5 minutes, which is the smallest time span that can be set as challenge passage on Cloudflare.

[–]ID10T 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Yeah the script just needs to load an empty page that returns 200. That won't cost hardly any bandwidth and will be enough to refresh the TTL on the Cloudflare cookie.

[–]binaryblob 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (4 children)

You are forgetting that there is a cost to Cloudflare (and to the clients) to do this, so only if you have read their APIs in detail, you would be able to make such a claim. For enterprise clients, they would be happy to help, but for the free tier, perhaps not so much. I haven't read their API in detail, but I have experience with enterprise APIs. For some APIs for Big Tech, you can't just write something that "looks reasonable" if it has to scale (or when you scale you go bankrupt, which is another popular way to encourage using batch APIs). The server implementations are relentless to clients to the point that they basically prescribe how to write your client or it won't work. (This is a good thing, but it explains why so little companies integrate directly and often use middleware.)

[–]ID10T 3 insightful - 1 fun3 insightful - 0 fun4 insightful - 1 fun -  (3 children)

True, I don't know why the site admins have this time set so short. Looks like it's something they can just change to whatever is reasonable https://community.cloudflare.com/t/security-check-on-my-website-every-30-seconds/282472

[–]binaryblob 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (2 children)

That sounds like a good basis for a conversation with the site admin.

[–]ID10T 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (1 child)

Who is this mysterious "admin" anyway?

[–]binaryblob 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

I thought it was magnora7. He/she/it has written about hosting it a couple of times.