Replying to Avatar Girino Vey!

you should fill an abuse form with them describing the incident. they must have something of the kind.
Avatar
Anthony Accioly 6mo ago

I've opened an abuse ticket. Their forums are filled with folks facing the same issue. Cloudflare customer support only starts caring when your company is spending over $10K USD per month with them (speaking from experience, I got the VIP treatment while working at "too big to fail inc", but also had to deal with them on a $20/month plan. I’ve already shared a few horror stories with you, like the time they just decided to block all videos on my Mastodom server).

In short, they’re aware of it:

- https://community.cloudflare.com/t/urgent-malicious-requests-coming-from-cloudflare-workers-2a063600-103/809347 (recent)

- https://community.cloudflare.com/t/how-can-i-block-2a063600-103-at-waf-level/651073/40 (2024)

- https://community.cloudflare.com/t/is-it-safe-to-block-2a063600-103/321899 (2021)

I don’t like blocking useful services like this, as folks on Nostr might be building legitimate stuff using Cloudflare Workers. But at this point, it’s really the lesser of two evils. Even though my firewall detected the abuse and was returning 429s to all requests, the sheer volume of requests was still enough to take everything down.

Reply to this note

Please Login to reply.

Discussion

Avatar
Girino Vey! 6mo ago

I have a recurring issue with routing to Cloudflare addresses that they consistently refuse to address. Every Wednesday, from approximately 10 p.m. to 4 a.m., there is no route from major Brazilian ISPs to any of my sites behind Cloudflare. I’m on the free plan, so I can open tickets, but it makes no difference. There are dozens of reports on their community forums—many from other countries—describing the same problem, and Cloudflare does nothing about it.

Avatar
Anthony Accioly 6mo ago

Sorry, didn't get a notification because... Well, my relay was down again, lol. Yeah, Cloudflare is sorta like Google, anything bellow $10k billing a month and you are a cost center, not a client. I'm trying to reach out to some of my former colleagues to see if I can get an abuse report sent by "Too Big to Fail Inc." instead of Anthony Accioly.

And I don't doubt that your routing issue is due to Cloudflare’s own internal automation. Have you tried to install warp and go through Cloudflare own infrastructure during outage periods just to confirm?

Kind regards,

Avatar
Girino Vey! 6mo ago

That's what I usually do - route through Warp - but that doesn't help my customers. I'm still effectively out of service for about six hours. Fortunately, it happens during a period of low traffic.