Forum's Cloudflare turned to always on? (S.O.S bots)

[DdmrDdmr]

Are things back to normal today?

I’ve tried out my scraping processes for a short while, and none of them seemed to have encountered any 503 error nor any others of the kind. Scraping speed seems the same as before constant errors, as opposed to the experience over the last couple of days where it was at least twice as slow. I'd probably have to try it out at different time intervals, but right now it looks promising.

<...> except the stats page it's still giving 503 <...>

It loads on my end on multiple non-tor browsers, albeit showing the "Checking if the site connection is secure" message on most of them.

[shahzadafzal]

Are things back to normal today?

I’ve tried out my scraping processes for a short while, and none of them seemed to have encountered any 503 error nor any others of the kind. Scraping speed seems the same as before constant errors, as opposed to the experience over the last couple of days where it was at least twice as slow. I'd probably have to try it out at different time intervals, but right now it looks promising.

You are right it looks like everything is working OK for now, except the stats page it's still giving 503

https://bitcointalk.org/index.php?action=stats      Error 503

[WhyFhy]

Today I woke up and saw this post on the BitcoinTalk SuperNotifier thread:

Mayday mayday mayday…. Bot is down… I repeat Telegram bot is down!

Edit:

Oh I see now I konw why it's down... cloudflare thank you theymos... looks like its updated to not only for login page but on every first or new request to bitcointalk.

I started debugging and it looks like every request fails due to Cloudflare. I tried bypassing it but have had no success so far.

@theymos, is this here to stay?

loyce's and bpip's scraper also seems to be down? (paging @LoyceV, @suchmoon, @ibminer).

Debug on should help (theymos), CF caching fully on breaks a lot of stuff as update times can be up to 20 mins.
 Has CF patched that WAF vulnerability yet? Seems it was enabled around the same time as this exploit was announced,  I'm pretty sure it's been around a little longer though as it was attempted on 1splitkey last month.

[DaveF]

Has CF patched that WAF vulnerability yet? Seems it was enabled around the same time as this exploit was announced,  I'm pretty sure it's been around a little longer though as it was attempted on 1splitkey last month.

A bunch of other sites that I deal with, mostly non crypto related are also dealing with the same issue. I'm guessing CF did not so patch it as do a quick and dirty work around and will fix it later.
If this is the final fix, there are going to be a lot of people with a lot of apps that are going to be really annoyed since there are a bunch of API calls and other things that are not working at the moment.

You wind up with the question of 'is a broken CF better then nothing"

-Dave

[suchmoon]

Scraping seems to be ok now, but Tor Browser is getting 403s on all Bitcointalk images, I'm guessing this is again CF doing something.

[LoyceV]

Tor Browser is getting 403s on all Bitcointalk images, I'm guessing this is again CF doing something.

Crazy idea: would it be possible to setup your own image proxy, and create a userscript to replace the links by links to your own server? That way, CloudFlare won't bother you.
Never mind, you're not talking about images posted by users.

[shahzadafzal]

I guess we are facing same issue once again?

No solution yet?