Google's captcha (the one where you select the squares) is just such a painful experience, I actually get excited when I see Cloudflare's captcha. I'd estimate my Cmd+W rate when I see a gCaptcha is at least 25%.
Are most web users inconvenienced at all? People on Hacker News aren't typical, which probably results in installing more privacy-preserving technologies that trigger captchas.
The people of Hackers News aren't typical and usually have the latest and greatest when it comes to computer hardware and the latest software. Unlike everyone else on earth that doesn't care about such things and often runs old hardware and software and so encounter, and are blocked by, cloudflare's computational paywalls more often than a bleeding edge tech user would imagine.
i suggest talking to people about their experiences with tech. i've been surprised how much they've soured on it. and how aware they are regarding issues like privacy, effect on mental health, predatory business models etc. show them the wikipedia page for enshittification and they'll go 'oh so that's the word for it!". also i have VMs running completely vanilla browsers, connected directly to clearnet. and i still get captchas or outright blocks by normal websites like clothing retailers. the internet is a disaster for everyone at the moment
the internet has become a psychotic corridor of mirrors. where truth and fiction, humans and bots, propagand and anecdata can no longer be told apart. what am i still doing here?
Because end users don’t have any ability to avoid sites that use Cloudflare, and it’s free advertising every time a developer sees it. Sure, you might hate Cloudflare on everyone else’s sites, but it’s nice to have it on your side!
As someone running a web app, I can see the appeal. I get tens of thousands of "attacks" per day from bots scanning for WordPress/PHP files and that's not even counting the "legitimate" bot traffic crawling your site for content or AI training data.
Now, tens of thousands of requests probably won't do much if you have basic security, caching, and optimization in place. But if your app is a mess, sometimes it's easier to just slap a Cloudflare gate on it and call it a day.
There are more reasons to hate it. It has a deserved bad reputation of extortion of certain users for no good reason when it believes those users to be too dependent to move away. It is known to do this extortion by suddenly asking them for a lot more money.
Another valid reason to hate it is because it MITMs a good chunk of web data, with a strong potential to leak it all to the government without a warrant.
It really depends on how the owners of the site configure it.
For example, I live una border and sometimes my phone connectsnto the other country's mobile network, when that happens the national weather service becomes unusable for me.
Cloudflare feels like yet another tech company living too long and becoming the villain.
Early Cloudflare days I moved all the infrastructure I was responsible for over to them for being so developer friendly. Now they are both developer unfriendly (eg. horror stories around pricing and plan swaps) and consumer unfriendly with way more frequent intersitals than I remember from ~5 years ago.
I think every time I log in to GitLab I get a Cloudflare check. Doesn’t matter if I’m on a residential connection, starbucks, airport or VPN.
> I think every time I log in to GitLab I get a Cloudflare check.
This is almost certainly GitLab’s doing (though you can ultimately blame irresponsible AI scrapers). Site owners can control how often you see CF captchas.
It just looks like an artificial delay being sold as "performance" (well, it is a delay, how can it be performance? I understand the security aspect, but it is really annoying.
any website that is using Cloudflare and has a legal obligation towards you (like processing refunds, registering complaints, GDPR data requests, etc.) can be forced to fulfill that obligation via manual human labour. just contact them and say you're unable to do it using their website because the Cloudflare service is blocking you
It's really not. For most cookie banners, there's uBO. For most others, it's a single click away from dismissing it. For CF, there's only grief and delays.
I’ve been getting rather annoyed by it personally. I’ve been running a VPN lately for some things and it’s constantly making me check a box before loading sites. Sometimes twice. Once it fell into a loop and I just gave up.
I does get in my way less when not going though a VPN.
36 comments
Now, tens of thousands of requests probably won't do much if you have basic security, caching, and optimization in place. But if your app is a mess, sometimes it's easier to just slap a Cloudflare gate on it and call it a day.
Another valid reason to hate it is because it MITMs a good chunk of web data, with a strong potential to leak it all to the government without a warrant.
For example, I live una border and sometimes my phone connectsnto the other country's mobile network, when that happens the national weather service becomes unusable for me.
Early Cloudflare days I moved all the infrastructure I was responsible for over to them for being so developer friendly. Now they are both developer unfriendly (eg. horror stories around pricing and plan swaps) and consumer unfriendly with way more frequent intersitals than I remember from ~5 years ago.
I think every time I log in to GitLab I get a Cloudflare check. Doesn’t matter if I’m on a residential connection, starbucks, airport or VPN.
> I think every time I log in to GitLab I get a Cloudflare check.
This is almost certainly GitLab’s doing (though you can ultimately blame irresponsible AI scrapers). Site owners can control how often you see CF captchas.
Either you're in a bubble or you're an AI or both.
I does get in my way less when not going though a VPN.
> I think you need to go outside.
I am outside.
Should I try going inside?