Bitcoin Forum
November 22, 2019, 12:27:32 AM *
News: 10th anniversary art contest
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Bitcointalk Running Cloudflare  (Read 194 times)
King Pajeet
Jr. Member
*
Offline Offline

Activity: 41
Merit: 2


View Profile
February 23, 2018, 07:41:45 AM
 #1

So I logged into bitcointalk earlier today and noticed that it's now running Cloudflare.

Firstly I don't think this is a good idea because I now need to keep the security-vulnerable javascript enabled on a website that deals with bitcoin.

Secondly, I don't want google crawling up m my ass, invading my privacy, logging my data and fucking me over like they tend to do.

Thirdly, if cloudflare is now enabled, I think that google recaptcha should be disabled on the login page.

● ALAX.io  | The Blockchain App Store Designed for Gamers
█ ██████████ █       TGE    17th Apr    █ ██████████ █
1574382452
Hero Member
*
Offline Offline

Posts: 1574382452

View Profile Personal Message (Offline)

Ignore
1574382452
Reply with quote  #2

1574382452
Report to moderator
The Bitcoin Forum is turning 10 years old! Join the community in sharing and exploring the notable posts made over the years.
subSTRATA
Legendary
*
Offline Offline

Activity: 1260
Merit: 1043


:^)


View Profile
February 23, 2018, 07:55:27 AM
 #2

theymos decided to go with cloudflare as the ddos solution since his homebrew solution was no longer proving effective. he's said before in the thread announcing this change that he will gladly switch off of cloudflare if one could solve the problem.


there's nothing here. message me if you want to put something here.
Decoded
Legendary
*
Offline Offline

Activity: 1232
Merit: 1024


give me your cryptos


View Profile
February 23, 2018, 12:31:34 PM
Merited by Taki (1)
 #3

Point 1 - You can check what JavaScript is running on your machines just by accessing dev tools. Check what CDNs the sources are hosted on and look for reputablr sites. Bitcointalk is relatively trustable.

Point 2 - There are extensions avaliable to whitelist certain domains and allow js to run under certain conditions. Search. You can probably write up your own chrome extension to do it.

theymos decided to go with cloudflare as the ddos solution since his homebrew solution was no longer proving effective. he's said before in the thread announcing this change that he will gladly switch off of cloudflare if one could solve the problem.



He previously made a big deal about not using cloudflare, since it means that a little trust has to be given to cloudflare not to look at you shit.

looking for a signature campaign, dm me for that
TheQuin
Hero Member
*****
Online Online

Activity: 1092
Merit: 712


Freebitco.in Support https://bit.ly/2I9BVS2


View Profile WWW
February 23, 2018, 03:18:08 PM
 #4

He previously made a big deal about not using cloudflare, since it means that a little trust has to be given to cloudflare not to look at you shit.

This is correct, it was done with much reluctance due to the ever increasing DDoS attacks the forum was coming under. You can read what theymos said about it at the time in this thread https://bitcointalk.org/index.php?topic=2485318.0

freebitcoin.TO WIN A  LAMBORGHINI!..

.
                                ▄▄▄▄▄▄▄▄▄▄███████████▄▄▄▄▄
                    ▄▄▄▄▄██████████████████████████████████▄▄▄▄
                    ▀██████████████████████████████████████████████▄▄▄
                    ▄▄████▄█████▄████████████████████████████▄█████▄████▄▄
                    ▀████████▀▀▀████████████████████████████████▀▀▀██████████▄
                      ▀▀▀████▄▄▄███████████████████████████████▄▄▄██████████
                           ▀█████▀  ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀  ▀█████▀▀▀▀▀▀▀▀▀▀
                   ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
King Pajeet
Jr. Member
*
Offline Offline

Activity: 41
Merit: 2


View Profile
March 05, 2018, 02:36:28 AM
 #5

Cloudflare has been removed once again. Thanks theymos for doing this. Having Google breathing down our backs is never a good thing and I'm sure many of the forum users agree and support your decision.

● ALAX.io  | The Blockchain App Store Designed for Gamers
█ ██████████ █       TGE    17th Apr    █ ██████████ █
Quickseller
Copper Member
Legendary
*
Offline Offline

Activity: 1974
Merit: 1769



View Profile WWW
March 05, 2018, 02:40:26 AM
 #6

Cloudflare has been removed once again. Thanks theymos for doing this. Having Google breathing down our backs is never a good thing and I'm sure many of the forum users agree and support your decision.
I am not sure why you think this is true. The IP address of the forum is currently very clearly associated with cloudflare

Find the fire hydrant in my Avatar for a prize.
Madmim
Jr. Member
*
Offline Offline

Activity: 34
Merit: 12


View Profile
March 25, 2018, 02:24:57 PM
 #7

I believe the admin added cloudflare for a reason. But it is a pain in the back. Today when I tried to login, I had to try several times because I got the message that entered invalid captcha. Filling the google captcha was already a pain before.

And because of cloudflare I lost a post today. I made a lengthy post and when I pressed the post button I cloudflare page popped up and BCT said the message was empty. Admin should do something about this so posts which takes time to type does not get lost because of cloudflare.
hamade
Full Member
***
Offline Offline

Activity: 375
Merit: 150


View Profile
March 25, 2018, 03:42:35 PM
 #8

they add cloudflare to protect the fourm from Dos attake
your words is true but added the cloudeflare better than Fourm will Down
Joel_Jantsen
Legendary
*
Offline Offline

Activity: 1330
Merit: 1236


Can I merit you with some Flags? 🚩


View Profile
March 25, 2018, 04:17:34 PM
 #9

I believe the admin added cloudflare for a reason. But it is a pain in the back. Today when I tried to login, I had to try several times because I got the message that entered invalid captcha. Filling the google captcha was already a pain before.
Wait,Google captcha and cloudflaire are two different services and are not dependent on each other.Cloudflaire is there to prevent Ddos attacks while captcha prevents spam bots.Having said that I agree captcha is pain in the ass.

And because of cloudflare I lost a post today. I made a lengthy post and when I pressed the post button I cloudflare page popped up and BCT said the message was empty. Admin should do something about this so posts which takes time to type does not get lost because of cloudflare.
Does you browser cache the temp data being typed ? If you're writing a lengthy post,it's always better to write in your text editor or keep a shallow copy of it somewhere.Admins don't care about your post and they shouldn't since forum's usability is more important than your lengthy post.

.BitDice.               ▄▄███▄▄
           ▄▄██▀▀ ▄ ▀▀██▄▄
      ▄▄█ ▀▀  ▄▄█████▄▄  ▀▀ █▄▄
  ▄▄██▀▀     ▀▀ █████ ▀▀     ▀▀██▄▄
██▀▀ ▄▄██▀      ▀███▀      ▀██▄▄ ▀▀██
██  ████▄▄       ███       ▄▄████  ██
██  █▀▀████▄▄  ▄█████▄  ▄▄████▀▀█  ██
██  ▀     ▀▀▀███████████▀▀▀     ▀  ██
             ███████████
██  ▄     ▄▄▄███████████▄▄▄     ▄  ██
██  █▄▄████▀▀  ▀█████▀  ▀▀████▄▄█  ██
██  ████▀▀       ███       ▀▀████  ██
██▄▄ ▀▀██▄      ▄███▄      ▄██▀▀ ▄▄██
  ▀▀██▄▄     ▄▄ █████ ▄▄     ▄▄██▀▀
      ▀▀█ ▄▄  ▀▀█████▀▀  ▄▄ █▀▀
           ▀▀██▄▄ ▀ ▄▄██▀▀
               ▀▀███▀▀
        ▄▄███████▄▄
     ▄███████████████▄
    ████▀▀       ▀▀████
   ████▀           ▀████
   ████             ████
   ████ ▄▄▄▄▄▄▄▄▄▄▄ ████
▄█████████████████████████▄
██████████▀▀▀▀▀▀▀██████████
████                   ████
████                   ████
████                   ████
████                   ████
████                   ████
████▄                 ▄████
████████▄▄▄     ▄▄▄████████
  ▀▀▀█████████████████▀▀▀
        ▀▀▀█████▀▀▀
▄▄████████████████████████████████▄▄
██████████████████████████████████████
█████                            █████
█████                            █████
█████                            █████
█████                            █████
█████                     ▄▄▄▄▄▄▄▄▄▄
█████                   ▄█▀▀▀▀▀▀▀▀▀▀█▄
█████                   ██          ██
█████                   ██          ██
█████                   ██          ██
██████████████████▀▀███ ██          ██
 ████████████████▄  ▄██ ██          ██
   ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ██          ██
             ██████████ ██          ██
           ▄███████████ ██████▀▀██████
          █████████████  ▀████▄▄████▀
[/]
2112
Legendary
*
Offline Offline

Activity: 2114
Merit: 1032



View Profile
March 25, 2018, 04:51:48 PM
Last edit: March 25, 2018, 05:17:21 PM by 2112
 #10

This is an experimental post. I'm making it with Javascript disabled. I correctly saved the previous text to into SMF drafts https://bitcointalk.org/index.php?action=drafts , still without Javascript.

While writing this post I looked up some information on this forum in a separate window of the same browser, still with Javascript
disabled.

So it just looks like Cloudflare is requiring Javascript only to set up some ephemeral cookies when first opening a browser session. Once the browser session is started Javascript can be disabled.

Now I'm going to try to post it, with Javascript still disabled.

Edit: It appears it went through without a hitch. I'm now editing it with Javascript still disabled. Please post your experiences using your ISPs because Cloudflare is known for using various amounts of defensive technology for various ISPs and various traffic conditions.

Edit2: Further along this Cloudflare discussion, I went to a different site that is also using them for DDoS protection. In the past that site used to show the same Cloudflare screens about "Checking your browser". That other site didn't make that challenge this time at all, still with Javascript disabled. I know that this "other site" is nowadays not under attacks anymore, they are just using Cloudflare out of inertia.

Edit3: I just wanted to save my previous edits, still with Javascript disabled. Worked fine. Another variable as far as Cloudflare is that I'm typing this from a less popular browser. On the same computer I have bitcointalk.org opened in a very popular browser with most recent updates. In that browser Cloudflare re-challenged with "Checking your browser" despite the fact that I didn't close that other session and the ephemeral cookies are still present.

Edit4: So the summary is: YMMV (your mileage may vary). You can certainly browse and post on bitcointalk.org through Cloudflare with Javascript disabled. Just use tools less popular amongst the DDoS crowd and other script kiddies.

Please comment, critique, criticize or ridicule BIP 2112: https://bitcointalk.org/index.php?topic=54382.0
Long-term mining prognosis: https://bitcointalk.org/index.php?topic=91101.0
Madmim
Jr. Member
*
Offline Offline

Activity: 34
Merit: 12


View Profile
March 25, 2018, 05:02:55 PM
 #11


Wait,Google captcha and cloudflaire are two different services and are not dependent on each other.Cloudflaire is there to prevent Ddos attacks while captcha prevents spam bots.Having said that I agree captcha is pain in the ass.


Somehow they are affecting the login page. Otherwise google captcha is buggy.


Does you browser cache the temp data being typed ? If you're writing a lengthy post,it's always better to write in your text editor or keep a shallow copy of it somewhere.Admins don't care about your post and they shouldn't since forum's usability is more important than your lengthy post.


I am using Tor
selezneve
Jr. Member
*
Offline Offline

Activity: 112
Merit: 1


View Profile
March 25, 2018, 05:20:44 PM
 #12

This might be required for securing the forum from hackers. One big problem I experience with this is sometimes while making a post here, page refreshes because of cloudfare. This results in all content written till then getting removed. Is there any solution to this problem ? Can we have some other alternative to this security measure which does not cause any trouble while making a post here ?
Joel_Jantsen
Legendary
*
Offline Offline

Activity: 1330
Merit: 1236


Can I merit you with some Flags? 🚩


View Profile
March 25, 2018, 05:28:26 PM
 #13

This might be required for securing the forum from hackers. One big problem I experience with this is sometimes while making a post here, page refreshes because of cloudfare. This results in all content written till then getting removed. Is there any solution to this problem ? Can we have some other alternative to this security measure which does not cause any trouble while making a post here ?
You mean page randomly refreshes while writing a post after you have passed the cloudflaire wall the first time you opened the website ? Do you have a dynamic ip by any chance ? Do you use a VPN ? Maybe your ip will be one of those data sources which cloudflaire has detected as part of the ddos attack ?

As interesting as it gets,I'd like to know more about your case.

.BitDice.               ▄▄███▄▄
           ▄▄██▀▀ ▄ ▀▀██▄▄
      ▄▄█ ▀▀  ▄▄█████▄▄  ▀▀ █▄▄
  ▄▄██▀▀     ▀▀ █████ ▀▀     ▀▀██▄▄
██▀▀ ▄▄██▀      ▀███▀      ▀██▄▄ ▀▀██
██  ████▄▄       ███       ▄▄████  ██
██  █▀▀████▄▄  ▄█████▄  ▄▄████▀▀█  ██
██  ▀     ▀▀▀███████████▀▀▀     ▀  ██
             ███████████
██  ▄     ▄▄▄███████████▄▄▄     ▄  ██
██  █▄▄████▀▀  ▀█████▀  ▀▀████▄▄█  ██
██  ████▀▀       ███       ▀▀████  ██
██▄▄ ▀▀██▄      ▄███▄      ▄██▀▀ ▄▄██
  ▀▀██▄▄     ▄▄ █████ ▄▄     ▄▄██▀▀
      ▀▀█ ▄▄  ▀▀█████▀▀  ▄▄ █▀▀
           ▀▀██▄▄ ▀ ▄▄██▀▀
               ▀▀███▀▀
        ▄▄███████▄▄
     ▄███████████████▄
    ████▀▀       ▀▀████
   ████▀           ▀████
   ████             ████
   ████ ▄▄▄▄▄▄▄▄▄▄▄ ████
▄█████████████████████████▄
██████████▀▀▀▀▀▀▀██████████
████                   ████
████                   ████
████                   ████
████                   ████
████                   ████
████▄                 ▄████
████████▄▄▄     ▄▄▄████████
  ▀▀▀█████████████████▀▀▀
        ▀▀▀█████▀▀▀
▄▄████████████████████████████████▄▄
██████████████████████████████████████
█████                            █████
█████                            █████
█████                            █████
█████                            █████
█████                     ▄▄▄▄▄▄▄▄▄▄
█████                   ▄█▀▀▀▀▀▀▀▀▀▀█▄
█████                   ██          ██
█████                   ██          ██
█████                   ██          ██
██████████████████▀▀███ ██          ██
 ████████████████▄  ▄██ ██          ██
   ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ██          ██
             ██████████ ██          ██
           ▄███████████ ██████▀▀██████
          █████████████  ▀████▄▄████▀
[/]
2112
Legendary
*
Offline Offline

Activity: 2114
Merit: 1032



View Profile
March 25, 2018, 05:51:16 PM
 #14

Let's try different browsers from a different computer on a different continent.

But same schtick: enable Javascript to pass Cloudflare and Google captcha challenges and then browse and post with Javascript disabled.

If you see it, it worked.

Please comment, critique, criticize or ridicule BIP 2112: https://bitcointalk.org/index.php?topic=54382.0
Long-term mining prognosis: https://bitcointalk.org/index.php?topic=91101.0
Quickseller
Copper Member
Legendary
*
Offline Offline

Activity: 1974
Merit: 1769



View Profile WWW
March 25, 2018, 09:56:16 PM
 #15

This might be required for securing the forum from hackers. One big problem I experience with this is sometimes while making a post here, page refreshes because of cloudfare. This results in all content written till then getting removed. Is there any solution to this problem ? Can we have some other alternative to this security measure which does not cause any trouble while making a post here ?
Before you his "post" you can copy the entire content into your clipboard so you have it in case this happens, and can try again.

Find the fire hydrant in my Avatar for a prize.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!