mirrors/deCloudflare
1
0
Fork 0
mirror of https://0xacab.org/dCF/deCloudflare.git synced 2025-01-15 03:37:00 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update readme/en.action.md, readme/en.ethics.md, readme/en.md, PEOPLE.md, README.md, HISTORY.md, INSTRUCTION.md

Browse Source
This commit is contained in:
baptiste313 2022-06-25 23:34:07 +00:00
parent 71730cdbb2
commit edfbbaa3c0
7 changed files with 217 additions and 484 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
HISTORY.md
View File

@ -4,7 +4,6 @@ Here's some of Cloudflare incidents.
[//]: # (do not edit me; start)
- 2022-06-24: [Network connectivity issues in the Ashburn region](https://web.archive.org/web/https://www.cloudflarestatus.com/incidents/r0krsxbqxyn4)
- 2022-06-21: [Cloudflare Service Issues](https://web.archive.org/web/https://www.cloudflarestatus.com/incidents/xvs51y9qs9dj)
- 2022-06-15: [Network Performance Issues in the India region](https://web.archive.org/web/https://www.cloudflarestatus.com/incidents/ggtt599cd67f)
@ -283,16 +282,12 @@ Here's some of Cloudflare incidents.
- 2021-03-17: [Customer Impacting Issue in European Region](https://www.cloudflarestatus.com/incidents/0fvbh23lqlz2)
- 2021-03-17: [Network Latency Issues in the Pacific North West region.](https://www.cloudflarestatus.com/incidents/hf8h9cg8lb4p)
[//]: # (do not edit me; end)
-----
## Other
*2021.04.04*
- **Censorship**: Codeberg.org silently deleted `cloudflare-tor` and all related forks from codeberg.org without joining the discussion.
@ -310,7 +305,6 @@ Here's some of Cloudflare incidents.
- And he [replaced "dead link" to cloudflare's link](https://trac.torproject.org/projects/tor/wiki/org/projects/DontBlockMe?action=diff&version=38&old_version=37).
- _Hey Tor Project, it's not "dead". You deleted them, remember?_
*2020.05.13*
The Tor Project [deleted](https://lists.torproject.org/pipermail/anti-censorship-team/2020-May/000098.html) important ticket, [number 24351](https://trac.torproject.org/projects/tor/ticket/24351) after the spammer replaced it with child porn images which hosted on the Tor Onion service. [Ticket 34175](https://trac.torproject.org/projects/tor/ticket/34175).
@ -320,7 +314,6 @@ The Tor Project [deleted](https://lists.torproject.org/pipermail/anti-censorship
Self publishing platform, [BookRix.com](https://www.bookrix.com/), denied Mr. Jeff Cliff's book titled "_The Great Cloudwall_" and stopped publishing it. The reason is "_Copyright infringement_". All of book's data, text and image can be found in this repository. You can download this book [here](pdf/2019-Jeff_Cliff_The_Great_Cloudwall.epub).
*2019.08.05*
@jeffcliff@niu.moe:

59
INSTRUCTION.md
View File

@ -5,16 +5,12 @@
---
<details>
<summary>_click me_
## Website is using Cloudflare
</summary>
<summary<h3>Website is using Cloudflare</h3></summary>
- **Cloudflare users** | [**List Directory**](cloudflare_users/)
| List name | Description |
| -------- | -------- |
| --- | --- |
| [/domains/cloudflare_?.txt](cloudflare_users/domains) | Split files (base domain) |
| [ex_cloudflare_users.md](cloudflare_users/ex_cloudflare_users.md) | Domains which used Cloudflare in the past, not anymore |
| [cloudflare_supporter.md](cloudflare_users/cloudflare_supporter.md) | who is supporting, endorsing, loving, or defending Cloudflare |
@ -23,7 +19,7 @@
- **Cloudflare Corporation** | [**List Directory**](cloudflare_inc/)
| List name | Description |
| -------- | -------- |
| --- | --- |
| [cloudflare_CIDR_v4.txt](cloudflare_inc/cloudflare_CIDR_v4.txt) | IPv4 CIDR owned by Cloudflare |
| [cloudflare_CIDR_v6.txt](cloudflare_inc/cloudflare_CIDR_v6.txt) | IPv6 CIDR owned by Cloudflare |
| [cloudflare_range_v4.txt](cloudflare_inc/cloudflare_range_v4.txt) | IPv4 range owned by Cloudflare |
@ -33,7 +29,6 @@
| [cloudflare_owned_onions.txt](cloudflare_inc/cloudflare_owned_onions.txt) | Tor .onions owned by Cloudflare |
| [cloudflare_members.md](cloudflare_inc/cloudflare_members.md) | Cloudflare employer, employee, ex-employee |
**How to detect Cloudflare?**
There are many ways to detect it:
@ -93,11 +88,7 @@ Are you sure? *Remove* it from /split/ list and *add* to "[ex_cloudflare_users.m
------
<details>
<summary>_click me_
## Website is NOT using Cloudflare
</summary>
<summary><h3>Website is NOT using Cloudflare</h3></summary>
- **Non-Cloudflare CDN users** | [**List Directory**](not_cloudflare/)
@ -123,7 +114,6 @@ Z9 Fastly
- Add-on "[Kiu retejo malakceptis min?](subfiles/about.urjm.md)" will help your domain collection.
![](image/siteground.jpg)
- Above is how Siteground-hosted ([INAP](https://www.inap.com/press-release/inap-completes-acquisition-singlehop/);[Singlehop](https://www.siteground.com/blog/siteground-partners-singlehop/)) sites often appear to Tor visitors when timeouts/tarpitting doesn't occur.
@ -137,11 +127,7 @@ Some websites combine other companies (e.g. Amazon AWS, Google Cloud, DDoS-GUARD
------
<details>
<summary>_click me_
## Website is rejecting Tor visitor
</summary>
<summary><h3>Website is rejecting Tor visitor</h3></summary>
- **Anti-Tor users** | [**List Directory**](anti-tor_users/)
@ -150,7 +136,6 @@ Some websites combine other companies (e.g. Amazon AWS, Google Cloud, DDoS-GUARD
| [/domains/attd.txt](anti-tor_users/domains/attd.txt)<br>[/domains/attd.json](anti-tor_users/domains/attd.json) | Block Tor access (FQDN) |
| [/misc/hostility.md](anti-tor_users/misc/hostility.md) | **Does NOT block Tor access** Domain and Comment |
- Add-on "[Kiu retejo malakceptis min?](subfiles/about.urjm.md)" will help your domain collection.
- Add-on "[Ĉu ĉi tiuj ligoj blokos Tor-uzanton?](subfiles/about.isat.md)" will tell you which link rejected Tor visitor.
- Search [anti-tor fqdn list](anti-tor_users/domains/). Karma's ["Find Anti-Tor FQDN" API](http://karma.im5wixghmfmt7gf7wb4xrgdm6byx2gj26zn47da6nwo7xvybgxnqryid.onion/api/is_at.php)
@ -167,9 +152,7 @@ Some websites combine other companies (e.g. Amazon AWS, Google Cloud, DDoS-GUARD
**How can you trust their sites if they are not treating everyone equally?**
```
About "Anti-Tor FQDN list" (attd*.txt)
www.example.com
@ -181,7 +164,6 @@ www.example.com
senate.gov
---> base domain denied/harassed/challenged human who're using Tor.
```
If your website is on this list, you better talk with your network administrator.
@ -202,21 +184,15 @@ If you're not blocking Tor users, you will be removed automatically.
------
<details>
<summary>_click me_
## How to add your data
</summary>
<summary><h3>How to add your data</h3></summary>
A, B, or C will be enough. (or D if you really can't)
**Thank you for your contribution. You are doing a good job!**
> Type A: Use Online Editor
- [Online Editor](http://editdcf.nnpaefp7pkadbxxkhz2agtbv2a4g5sgo2fbmv3i7czaua354334uqqad.onion/)
> Type B: Push to git
1. Log in to [this website's Git](http://crimeflare.eu.org).
@ -224,7 +200,6 @@ A, B, or C will be enough. (or D if you really can't)
3. Edit `text` file. (_you don't have to edit JSON file_)
4. Create a *new pull request*.
> Type C: Just scan the FQDN
Your contribution will be pushed to git automatically.
@ -237,30 +212,23 @@ Your contribution will be pushed to git automatically.
- Use "_Is it blocking Tor?_" API.
- e.g. `curl -x socks5h://127.0.0.1:9050 -k --http2 -X POST -F 'f=www.emsisoft.com' (API URL)is_antitor.php`
> Type D: Create an Issue
Create an Issue and let us know about the change you want to make.
You can [contribute anonymously](README.md).
</details>
------
<details>
<summary>_click me_
## How to setup git
</summary>
<summary><h3>How to setup git</h3></summary>
This procedure will give you a cloudflare-tor fork with a privacy-respecting configuration to do pushes with SSH over Tor using `git.example`.
Below procedure is designed for _Linux_.
The first step covers Windows too, but these instructions probably
need more adaptations for Windows and other platforms.
- Linux: `aptitude install git tor ssh`
- Windows: Download `PortableGit` from [Github](https://github.com/git-for-windows/) & run `git-bash.exe`
@ -268,6 +236,7 @@ need more adaptations for Windows and other platforms.
1. Create a `git.example` account (username "snowden" will be used for this example)
1. Create an SSH key pair `$ ssh-keygen -t rsa -N '' -C 'snowden at git' -f "$HOME"/.ssh/id_rsa_mrsnowden`
1. Edit `$HOME/.ssh/config`:
```
host git.example
hostname git.example
@ -284,6 +253,7 @@ need more adaptations for Windows and other platforms.
1. go to the directory you want the project to be rooted in (hereafter we'll call it `$project_root`).
1. anonymously download your fork: $ `git clone git@mrsnowden:you/cloudflare-tor.git`
1. edit `$project_root/cloudflare-tor/.git/config` to include the account name and email address that will be on every commit, as well as the URL:
```
[user]
email = noreply@example.com
@ -320,12 +290,9 @@ to git are automatically over Tor with this configuration
------
<details>
<summary>_click me_
## About Cloudflare base domain list
<summary><h3>About Cloudflare base domain list</h3>
</summary>
Our mission is clear - `stay away from Cloudflare`.
If the `subdomain.example.com` is cloudflared, we add `example.com` to the database. (`subdomain.example.com` is the sub-domain of `example.com`. Only `the owner` of `example.com` can create sub-domain)
@ -339,7 +306,6 @@ Until `the owner` completely stop using Cloudflare service for `example.com`, we
There is `no exception`.
```
"amazonpayments.com"
$ getweb --headonly https://pages.amazonpayments.com/robots.txt
@ -349,19 +315,14 @@ expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi
alt-svc: h2="cflare******.onion:443"; ma=86400; persist=1
server: cloudflare
cf-ray: ***
```
If `the owner` moved away from `cloudflare` **completely**, you are welcome to add `example.com` to the "[ex_cloudflare_users.md](cloudflare_users/ex_cloudflare_users.md)" - after checking `example.com` with online tool below.
1. Open "Query Database" webpage.
2. Input domain name and click `Scan`.
3. Click `test` for detailed scan.
`Only a few Cloudflare user leave Cloudflare. False positive is uncommon.`
</details>

53
PEOPLE.md
View File

@ -1,43 +1,33 @@
# "Cloudflare, we have a problem"
- This is a list of voices. Thank you for sharing your opinion.
- *Disclaimer*: This page contains external links to third party websites. These sites are subject to the liability of the respective website operators.
| 🖼 | 🖼 | 🖼 |
| --- | --- | --- |
| ![](image/people.jpg) | ![](image/cfblockbothuman.jpg) | ![](image/pillory.jpg) |
| ![](image/blockedbymatthewprince2.jpg) | ![](image/omsnote.jpg) | ![](image/omsstream.jpg) |
> It's pretty sad when even the hometown paper is behind the greatcloudwall.
> C'mon guys. Stop using Cloudflare.
> It's endangering the world wide web and you're blocking readers who are protecting their privacy by using Tor.
```
It's pretty sad when even the hometown paper is behind the greatcloudwall.
C'mon guys. Stop using Cloudflare.
It's endangering the world wide web and you're blocking readers who are protecting
their privacy by using Tor.
```
-- [Jeff Cliff](https://shitposter.club/jeffcliff/)
― [Jeff Cliff](https://shitposter.club/jeffcliff/)
```
Man-in-the-middle attack is a serious offense.
If youre using Cloudflare on your website, you wont get first rank.
You shouldnt use it if you value visitors privacy.
```
-- [Ombrelo](subfiles/service.ombrelo.md)
> Man-in-the-middle attack is a serious offense.
> If youre using Cloudflare on your website, you wont get first rank.
> You shouldnt use it if you value visitors privacy.
― [Ombrelo](subfiles/service.ombrelo.md)
```
I say it's a bad idea to pimp CloudFlare sites and expect such repressions to go unchallenged.
Activism is a duty & ethics trumps netiquette.
Posting original information exclusively on onion sites
is like affirmative action for the repressed Tor community.
Correcting the wrongs of CloudFlare entails some unfair discrimination against clearnet users.
```
-- [Activist](https://activism.openworlds.info/@aktivismoEstasMiaLuo)
> I say it's a bad idea to pimp CloudFlare sites and expect such repressions to go unchallenged.
> Activism is a duty & ethics trumps netiquette.
> Posting original information exclusively on onion sites is like affirmative action for the repressed Tor community.
> Correcting the wrongs of CloudFlare entails some unfair discrimination against clearnet users.
― [Activist](https://activism.openworlds.info/@aktivismoEstasMiaLuo)
---
@ -48,11 +38,7 @@ Correcting the wrongs of CloudFlare entails some unfair discrimination against c
---
<details>
<summary>_click me_
## News / Blog
</summary>
<summary><h3>News / Blog</h3></summary>
- [Cloudflare outage hit Discord, other services in India](https://techcrunch.com/2022/06/15/cloudflare-outage-hits-discord-gitlab-and-other-services-in-india/)
- [Cloudflare Stats for 2022: How Many Websites Use Cloudflare?](https://backlinko.com/cloudflare-users)
@ -90,7 +76,7 @@ Correcting the wrongs of CloudFlare entails some unfair discrimination against c
- [HTTPS非対応サイトはもういらないCloudflareの危険性とデメリット](https://anime-tip.com/jamkun/wordpress/6984/)
- [Don't Trust CloudFlare](https://write.pixie.town/thufie/dont-trust-cloudflare)
- [blocking cloudflare IP-range be like](https://hacktivis.me/articles/blocking%20cloudflare%20IP-range%20be%20like)
- [Unrevokable SSL Certificates - Isnt this sounding pretty corrupt? Yes.](https://worldofmatthew.com/post/cloudflare-ssl/)
- [Unrevokable SSL Certificates - Isnt this sounding pretty corrupt? Yes.](https://worldofmatthew.com/post/cloudflare-ssl/)
- [New CDN for media files](https://masto.host/new-cdn-for-media-files/)
- [Personal post: I left Cloudflare](https://www.ethanyoo.com/cloudflare/)
- [Crimeflare (Fuck Cloudflare) / bandcamp / music](https://polarisfm.bandcamp.com/releases)
@ -123,7 +109,7 @@ Correcting the wrongs of CloudFlare entails some unfair discrimination against c
- [All your DNS traffic will be sent to Cloudflare](https://ungleich.ch/en-us/cms/blog/2018/08/04/mozillas-new-dns-resolution-is-dangerous/), [ungleich](https://ungleich.ch/)
- [Cloudflare: The bad, the worse and the ugly?](http://webschauder.de/cloudflare-the-bad-the-worse-and-the-ugly/), [Alle Beiträge](http://webschauder.de/author/jw/)
- [I dont trust Cloudflare with IPFS](https://blog.kareldonk.com/i-dont-trust-cloudflare-with-ipfs/), [Karel Donk](https://blog.kareldonk.com/)
- [Cloudflare IPFS experiment](https://js.ipfs.io/ipns/QmZJBQBXX98AuTcoR1HBGdbe5Gph74ZBWSgNemBcqPNv1W/cloudflare-IPFS-experiment.html), [Joe](https://js.ipfs.io/ipns/QmZJBQBXX98AuTcoR1HBGdbe5Gph74ZBWSgNemBcqPNv1W/index.html) [[mirror](http://archive.fo/139z1)]
- [Cloudflare IPFS experiment](https://js.ipfs.io/ipns/QmZJBQBXX98AuTcoR1HBGdbe5Gph74ZBWSgNemBcqPNv1W/cloudflare-IPFS-experiment.html), [Joe](https://js.ipfs.io/ipns/QmZJBQBXX98AuTcoR1HBGdbe5Gph74ZBWSgNemBcqPNv1W/index.html) [[mirror](http://archive.fo/139z1)]
- [Tor Project calls out CloudFlare for dark web surveillance](https://www.itproportal.com/2016/02/29/tor-project-calls-out-cloudflare-for-dark-web-surveillance/)
- [CloudFlare: Deutscher Bundestag bezieht schon wieder Internet von US-Anbietern, diesmal für die eigenen Webseiten](https://netzpolitik.org/2015/cloudflare-deutscher-bundestag-bezieht-schon-wieder-internet-von-us-anbietern-diesmal-fuer-die-eigenen-webseiten/), [Andre Meister](https://netzpolitik.org/author/andre/)
- [Don't Trust CloudFlare](https://write.lain.haus/thufie/dont-trust-cloudflare), [@lunaterra@cyberia.social](https://cyberia.social/@lunaterra)
@ -158,12 +144,9 @@ Correcting the wrongs of CloudFlare entails some unfair discrimination against c
-----
<details>
<summary>_click me_
## Forum / Wiki
<summary><h3>Forum / Wiki</h3>
</summary>
- [Cloudflare's abusive monoply on the WWW](https://old.reddit.com/r/privacy/comments/r1bct2/cloudflares_abusive_monoply_on_the_www/)
- [Suddenly Sickness Feels, Cloudflare, really F-Droid?](https://forum.f-droid.org/t/suddenly-sickness-feels-cloudflare-really-f-droid/17948)
- [Suggestion to add all Apps which connect to CloudFlare by default](https://forum.f-droid.org/t/suggestion-to-add-all-apps-which-connect-to-cloudflare-by-default/18114)

8
README.md
View File

File diff suppressed because one or more lines are too long

294
readme/en.action.md
View File

@ -4,70 +4,68 @@
| --- | --- | --- |
| ![](../image/matthew_prince_teen.jpg) | ![](../image/matthew_prince.jpg) | ![](../image/blockedbymatthewprince.jpg) |
Matthew Browning Prince ([@eastdakota](https://twitter.com/eastdakota)), born on November 13th, 1974, is the CEO and co-founder of Cloudflare.
[Matthew Browning Prince (Twitter @eastdakota)](https://twitter.com/eastdakota), born on November 13th 1974, is the CEO and co-founder of CloudFlare.
Thanks to his rich dad, [John B. Prince](https://web.archive.org/web/20081002173414/https://www.mufranchisee.com/article/453/), he attended the [University of Chicago Law School](https://en.wikipedia.org/wiki/University_of_Chicago_Law_School) ('00) and [Harvard Business School](https://en.wikipedia.org/wiki/Harvard_Business_School) ('09). Prince taught Internet Law and was a specialist in anti-spam laws and phishing investigations.
Thanks to his rich dad, [John B. Prince](http://web.archive.org/web/20081002173414/http://www.mufranchisee.com/article/453/), he attended the [University of Chicago Law School](https://en.wikipedia.org/wiki/University_of_Chicago_Law_School) ('00) and [Harvard Business School](https://en.wikipedia.org/wiki/Harvard_Business_School) ('09). Prince taught Internet law and was a specialist in anti-spam laws and phishing investigations.
> Id suggest this was armchair analysis by kids its hard to take seriously.
― [Alex Hern](https://www.theguardian.com/technology/2015/nov/19/cloudflare-accused-by-anonymous-helping-isis) ([@alexhern](https://twitter.com/alexhern))
"*Id suggest this was armchair analysis by kids its hard to take seriously.*" [t](https://www.theguardian.com/technology/2015/nov/19/cloudflare-accused-by-anonymous-helping-isis)
> That was simply unfounded paranoia, pretty big difference.
"*That was simply unfounded paranoia, pretty big difference.*" [t](https://twitter.com/xxdesmus/status/992757936123359233)
― [Justin](https://web.archive.org/web/20200619211926/https://twitter.com/xxdesmus/status/992757936123359233) ([@xxdesmus](https://twitter.com/xxdesmus))
"*We also work with Interpol and other non-US entities*" [t](https://twitter.com/eastdakota/status/1203028504184360960)
> We also work with Interpol and other non-US entities
"*Watching hacker skids on Github squabble about trying to bypass Cloudflare's new anti-bot systems continues to be my daily amusement.* 🍿" [t](https://twitter.com/eastdakota/status/1273277839102656515)
― [Matthew Prince](https://twitter.com/eastdakota/status/1203028504184360960) ([@eastdakota](https://twitter.com/eastdakota))
> Watching hacker skids on Github squabble about trying to bypass Cloudflare's new anti-bot systems continues to be my daily amusement.
― [Matthew Prince](https://twitter.com/eastdakota/status/1273277839102656515) ([@eastdakota](https://twitter.com/eastdakota))
![](../image/whoismp.jpg)
---
<details>
<summary>click me
## Website consumer
</summary>
<summary><h3>Website consumer</h3></summary>
- If the website you like is using Cloudflare, tell them not to use Cloudflare.
- Whining on social media such as Facebook, Reddit, Twitter or Mastodon makes no difference. [Actions are louder than hashtags.](https://twitter.com/phyzonloop/status/1274132092490862594)
- Try to contact to the website owner if you want to make yourself useful.
[Cloudflare said](https://github.com/Eloston/ungoogled-chromium/issues/783):
```
We recommend that you reach out to the administrators for the specific services or sites that you run into issue with and share your experience.
```
> We recommend that you reach out to the administrators for the specific services or sites that you run into issue with and share your experience.
[If you don't ask for it, website owner never know this problem.](../PEOPLE.md)
![](../image/liberapay.jpg)
[Successful example](https://counterpartytalk.org/t/turn-off-cloudflare-on-counterparty-co-plz/164/5).<br>
[Successful example](https://counterpartytalk.org/t/turn-off-Cloudflare-on-counterparty-co-plz/164/5).
You have a problem? [Raise your voice now.](https://github.com/maraoz/maraoz.github.io/issues/1) Example below.
```
You are just helping corporate censorship and mass surveillance.
http://crimeflare.eu.org
https://crimeflare.eu.org
```
```
Your web page is in the privacy-abusing private walled-garden of CloudFlare.
http://crimeflare.eu.org
Your web page is in the privacy-abusing private walled-garden of Cloudflare.
https://crimeflare.eu.org
```
- Take some time to read website's privacy policy.
- if the website is behind Cloudflare or website is using services connected to Cloudflare.
It must explain what the "Cloudflare" is, and ask for permission to share your data with Cloudflare. Failure to do so will result in the breach of trust and the website in question should be avoided.
It must explain what the "Cloudflare" is and ask for permission to share your data with Cloudflare. Failure to do so will result in the breach of trust, and the website in question should be avoided.
[An acceptable privacy policy example is here](https://archive.is/bDlTz) ("Subprocessors" > "Entity Name")
```
I've read your privacy policy and I cannot find the word Cloudflare.
I refuse to share data with you if you continue to feed my data to Cloudflare.
http://crimeflare.eu.org
https://crimeflare.eu.org
```
This is an example of privacy policy which does not have the word Cloudflare.
@ -76,81 +74,68 @@ This is an example of privacy policy which does not have the word Cloudflare.
![](../image/cfwontobey.jpg)
Cloudflare have their own privacy policy.
[Cloudflare loves doxxing people.](https://www.reddit.com/r/GamerGhazi/comments/2s64fe/be_wary_reporting_to_cloudflare/)
[Cloudflare loves doxxing people.](https://www.reddit.com/r/GamerGhazi/comments/2s64fe/be_wary_reporting_to_Cloudflare/)
Here's a good example for website's signup form.
AFAIK, zero website do this. Will you trust them?
```
By clicking “Sign up for XYZ”, you agree to our terms of service and privacy statement.
You also agree to share your data with Cloudflare and also agrees to cloudflare's privacy statement.
You also agree to share your data with Cloudflare and also agrees to Cloudflare's privacy statement.
If Cloudflare leak your information or won't let you to connect to our servers, it's not our fault. [*]
[ Sign up ] [ I disagree ]
```
[*] [PEOPLE.md](../PEOPLE.md)
- Try not to use their service. Remember you are being watched by Cloudflare.
- ["I'm in your TLS, sniffin' your passworz"](../image/iminurtls.jpg)
- Search for other website. There are alternatives and opportunites on the internet!
- Convince your friends to use Tor on the daily basis.
- Anonymity should be the standard of the open internet!
- [Do note that the Tor project dislikes this project.](../HISTORY.md)
</details>
------
<details>
<summary>click me
<summary><h3>Add-ons</h3></summary>
## Add-ons
</summary>
- If your browser is Firefox, Tor Browser, or Ungoogled Chromium use one of these add-ons below.
- If your browser is Firefox, Tor Browser or Ungoogled Chromium use one of these add-ons below.
- If you want to add other new add-on ask about it first.
| Name | Developer | Support | Can Block | Can Notify | Chrome |
| -------- | -------- | -------- | -------- | -------- | -------- |
| [Bloku Cloudflaron MITM-Atakon](../subfiles/about.bcma.md) | #Addon | [ ? ](http://crimeflare.eu.org/) | **Yes** | **Yes** | **Yes** |
| [Ĉu ligoj estas vundeblaj al MITM-atako?](../subfiles/about.ismm.md) | #Addon | [ ? ](http://crimeflare.eu.org/) | No | **Yes** | **Yes** |
| [Ĉu ĉi tiuj ligoj blokos Tor-uzanton?](../subfiles/about.isat.md) | #Addon | [ ? ](http://crimeflare.eu.org/) | No | **Yes** | **Yes** |
| [Block Cloudflare MITM Attack](https://trac.torproject.org/projects/tor/attachment/ticket/24351/block_cloudflare_mitm_attack-1.0.14.1-an%2Bfx.xpi)<br>[**DELETED BY TOR PROJECT**](../HISTORY.md) | nullius | [ ? ](../tool/block_cloudflare_mitm_fx), [Link](http://crimeflare.eu.org/) | **Yes** | **Yes** | No |
| [TPRB](http://sw.nnpaefp7pkadbxxkhz2agtbv2a4g5sgo2fbmv3i7czaua354334uqqad.onion/) | Sw | [ ? ](http://sw.nnpaefp7pkadbxxkhz2agtbv2a4g5sgo2fbmv3i7czaua354334uqqad.onion/) | **Yes** | **Yes** | No |
| [Detect Cloudflare](https://addons.mozilla.org/en-US/firefox/addon/detect-cloudflare/) | Frank Otto | [ ? ](https://github.com/traktofon/cf-detect) | No | **Yes** | No |
| [True Sight](https://addons.mozilla.org/en-US/firefox/addon/detect-cloudflare-plus/) | claustromaniac | [ ? ](https://github.com/claustromaniac/detect-cloudflare-plus) | No | **Yes** | No |
| [Which Cloudflare datacenter am I visiting?](https://addons.mozilla.org/en-US/firefox/addon/cf-pop/) | 依云 | [ ? ](https://github.com/lilydjwg/cf-pop) | No | **Yes** | No |
| --- | --- | --- | --- | --- | --- |
| [Bloku Cloudflaron MITM-Atakon](../subfiles/about.bcma.md) | #Addon | [ ? ](https://crimeflare.eu.org/) | **Yes** | **Yes** | **Yes** |
| [Ĉu ligoj estas vundeblaj al MITM-atako?](../subfiles/about.ismm.md) | #Addon | [ ? ](https://crimeflare.eu.org/) | No | **Yes** | **Yes** |
| [Ĉu ĉi tiuj ligoj blokos Tor-uzanton?](../subfiles/about.isat.md) | #Addon | [ ? ](https://crimeflare.eu.org/) | No | **Yes** | **Yes** |
| [Block Cloudflare MITM Attack](https://trac.torproject.org/projects/tor/attachment/ticket/24351/block_Cloudflare_mitm_attack-1.0.14.1-an%2Bfx.xpi)<br>[**DELETED BY TOR PROJECT**](../HISTORY.md) | nullius | [ ? ](../tool/block_Cloudflare_mitm_fx), [Link](https://crimeflare.eu.org/) | **Yes** | **Yes** | No |
| [TPRB](http://sw.nnpaefp7pkadbxxkhz2agtbv2a4g5sgo2fbmv3i7czaua354334uqqad.onion/) | Sw | [ ? ](http://sw.nnpaefp7pkadbxxkhz2agtbv2a4g5sgo2fbmv3i7czaua354334uqqad.onion/) | **Yes** | **Yes** | No |
| [Detect Cloudflare](https://addons.mozilla.org/en-US/firefox/addon/detect-Cloudflare/) | Frank Otto | [ ? ](https://github.com/traktofon/cf-detect) | No | **Yes** | No |
| [True Sight](https://addons.mozilla.org/en-US/firefox/addon/detect-Cloudflare-plus/) | claustromaniac | [ ? ](https://github.com/claustromaniac/detect-Cloudflare-plus) | No | **Yes** | No |
| [Which Cloudflare datacenter am I visiting?](https://addons.mozilla.org/en-US/firefox/addon/cf-pop/) | 依云 | [ ? ](https://github.com/lilydjwg/cf-pop) | No | **Yes** | No |
- "Decentraleyes" can stop connection to "CDNJS (Cloudflare)".
- It prevents a lot of requests from reaching networks, and serves local files to keep sites from breaking.
- The developer replied: "[very concerning indeed](https://github.com/Synzvato/decentraleyes/issues/236#issuecomment-352049501)", "[widespread usage severely centralizes the web](https://github.com/Synzvato/decentraleyes/issues/251#issuecomment-366752049)"
- It prevents a lot of requests from reaching networks and serves local files to keep sites from breaking.
- The developer replied: "[very concerning indeed](https://github.com/Synzvato/decentraleyes/issues/236#issuecomment-352049501)", "[widespread usage severely centralizes the web](https://github.com/Synzvato/decentraleyes/issues/251#issuecomment-366752049)"
- [You can also remove or distrust Cloudflare certificate from your Certificate Authority(CA).](https://www.ssl.com/how-to/remove-root-certificate-firefox/)
</details>
------
<details>
<summary>click me
<summary><h3>Website owner / Web developer</h3></summary>
## Website owner / Web developer
</summary>
![](../image/word_cloudflarefree.jpg)
![](../image/word_Cloudflarefree.jpg)
- Do not use Cloudflare solution, Period.
- You can do better than that, right? [Here's how to remove Cloudflare subscriptions, plans, domains, or accounts.](https://support.cloudflare.com/hc/en-us/articles/200167776-Removing-subscriptions-plans-domains-or-accounts)
- You can do better than that, right? [Here's how to remove Cloudflare subscriptions, plans, domains, or accounts.](https://support.Cloudflare.com/hc/en-us/articles/200167776-Removing-subscriptions-plans-domains-or-accounts)
| 🖼 | 🖼 |
| --- | --- |
| ![](../image/htmlalertcloudflare.jpg) | ![](../image/htmlalertcloudflare2.jpg) |
| ![](../image/htmlalertCloudflare.jpg) | ![](../image/htmlalertCloudflare2.jpg) |
- Want more customers? You know what to do. Hint is "above line".
- [Hello, you wrote "We take your privacy seriously" but I got "Error 403 Forbidden Anonymous Proxy Not Allowed".](https://it.slashdot.org/story/19/02/19/0033255/stop-saying-we-take-your-privacy-and-security-seriously) Why are you blocking Tor Or VPN? And why are you blocking temporary emails?
@ -158,31 +143,29 @@ If Cloudflare leak your information or won't let you to connect to our servers,
![](../image/anonexist.jpg)
- Using Cloudflare will increase chances of an outage. Visitors can't access to your website if your server is down or Cloudflare is down.
- [Did you really think Cloudflare never go down?](https://www.ibtimes.com/cloudflare-down-not-working-sites-producing-504-gateway-timeout-errors-2618008) [Another](https://twitter.com/Jedduff/status/1097875615997399040) [sample](https://twitter.com/search?f=tweets&vertical=default&q=Cloudflare%20is%20having%20problems). [Need more](../PEOPLE.md)?
- [Did you really think Cloudflare never go down?](https://www.ibtimes.com/Cloudflare-down-not-working-sites-producing-504-gateway-timeout-errors-2618008) [Another](https://twitter.com/Jedduff/status/1097875615997399040) [sample](https://twitter.com/search?f=tweets&vertical=default&q=Cloudflare%20is%20having%20problems). [Need more](../PEOPLE.md)?
![](../image/cloudflareinternalerror.jpg)
![](../image/Cloudflareinternalerror.jpg)
- Using Cloudflare to proxy your "API service", "software update server" or "RSS feed" will harm your customer. A customer called you and said "I can't use your API anymore", and you have no idea what is going on. Cloudflare can silently block your customer. Do you think it is okay?
- There are many RSS reader client and RSS reader online service. Why are you publishing RSS feed if you're not allowing people to subscribe?
![](../image/rssfeedovercf.jpg)
- Do you need HTTPS certificate? Use "Let's Encrypt" or just buy it from CA company.
- Do you need HTTPS certificate? Use "Let's Encrypt" or just buy it from CA Company.
- Do you need DNS server? Can't set up your own server? How about them: [Hurricane Electric Free DNS](https://dns.he.net/), [Dyn.com](https://dyn.com/dns/), [1984 Hosting](https://www.1984hosting.com/), [Afraid.Org (Admin delete your account if you use TOR)](https://freedns.afraid.org/)
- [Alternativoj al DNS](../subfiles/alternative.domaindns.md)
- Looking for hosting service? Free only? How about them: [Onion Service](http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/en/security/network-security/tor/onionservices-best-practices), [Free Web Hosting Area](https://freewha.com/), [Autistici/Inventati Web Site Hosting](https://www.autinv5q6en4gpf4.onion/services/website), [Github Pages](https://pages.github.com/), [Surge](https://surge.sh/)
- [Alternatives to Cloudflare](../subfiles/alternative.cloudflare.md)
- Are you using "cloudflare-ipfs.com"? [Do you know Cloudflare IPFS is bad?](../PEOPLE.md)
- [Alternatives to Cloudflare](../subfiles/alternative.Cloudflare.md)
- Are you using "Cloudflare-ipfs.com"? [Do you know Cloudflare IPFS is bad?](../PEOPLE.md)
- Install Web Application Firewall such as OWASP and Fail2Ban on your server and configure it properly.
- Blocking Tor is not a solution. Don't punish everyone just for small bad users.
- Blocking Tor is not a solution. Don't punish everyone just for small bad users.
- Redirect or block "Cloudflare Warp" users from accessing your website. And provide a reason if you can.
> IP list: "[Cloudflares current IP ranges](cloudflare_inc/)"
> IP list: "[Cloudflares current IP ranges](Cloudflare_inc/)"
> A: Just block them
@ -254,49 +237,40 @@ if ($iscf) {rewrite ^ https://example.com/cfwsorry.php;}
<?php
header('HTTP/1.1 406 Not Acceptable');
echo <<<CLOUDFLARED
echo <<<CloudflareD
Thank you for visiting ourwebsite.com!<br />
We are sorry, but we can't serve you because your connection is being intercepted by Cloudflare.<br />
Please read http://crimeflare.eu.org for more information.<br />
CLOUDFLARED;
Please read https://crimeflare.eu.org for more information.<br />
CloudflareD;
die();
```
- Set up Tor Onion Service or I2P insite if you believe in freedom and welcome anonymous users.
- Ask for advice from other Clearnet/Tor dual website operators and make anonymous friends!
</details>
------
<details>
<summary>click me
<summary><h3>Software user</h3></summary>
## Software user
</summary>
- Discord is using Cloudflare. Alternatives? We recommend [**Briar** (Android)](https://f-droid.org/en/packages/org.briarproject.briar.android/), [Ricochet (PC)](https://ricochet.im/), [Tox + Tor (Android/PC)](https://tox.chat/download.html)
- Discord is using CloudFlare. Alternatives? We recommend [**Briar** (Android)](https://f-droid.org/en/packages/org.briarproject.briar.android/), [Ricochet (PC)](https://ricochet.im/), [Tox + Tor (Android/PC)](https://tox.chat/download.html)
- Briar includes Tor daemon so you don't have to install Orbot.
- Qwtch developers, Open Privacy, deleted stop_cloudflare project from their git service without notice.
- Qwtch developers, Open Privacy, deleted stop_Cloudflare project from their git service without notice.
- If you use Debian GNU/Linux, or any derivative, subscribe: [bug #831835](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831835). And if you can, help verify the patch, and help the maintainer come to the right conclusion on whether it should be accepted.
- Always recommend these browsers.
| Name | Developer | Support | Comment |
| -------- | -------- | -------- | -------- |
| [Ungoogled-Chromium](https://ungoogled-software.github.io/ungoogled-chromium-binaries/) | Eloston | [ ? ](https://github.com/Eloston/ungoogled-chromium) | PC (Win, Mac, Linux) _!Tor_ |
| [Bromite](https://www.bromite.org/fdroid) | Bromite | [ ? ](https://github.com/bromite/bromite/issues) | Android _!Tor_ |
| [Tor Browser](https://www.torproject.org/download/) | Tor Project | [ ? ](https://support.torproject.org/) | PC (Win, Mac, Linux) _Tor_|
| [Tor Browser Android](https://www.torproject.org/download/) | Tor Project | [ ? ](https://support.torproject.org/) | Android _Tor_|
| [Onion Browser](https://itunes.apple.com/us/app/onion-browser/id519296448?mt=8) | Mike Tigas | [ ? ](https://github.com/OnionBrowser/OnionBrowser/issues) | Apple iOS _Tor_|
| --- | --- | --- | --- |
| [Ungoogled-Chromium](https://ungoogled-software.github.io/ungoogled-chromium-binaries/) | Eloston | [ ? ](https://github.com/Eloston/ungoogled-chromium) | PC (Win, Mac, Linux)_!Tor_ |
| [Bromite](https://www.bromite.org/fdroid) | Bromite | [ ? ](https://github.com/bromite/bromite/issues) | Android_!Tor_ |
| [Tor Browser](https://www.torproject.org/download/) | Tor Project | [ ? ](https://support.torproject.org/) | PC (Win, Mac, Linux)_Tor_ |
| [Tor Browser Android](https://www.torproject.org/download/#android) | Tor Project | [ ? ](https://support.torproject.org/) | Android_Tor_ |
| [Onion Browser](https://itunes.apple.com/us/app/onion-browser/id519296448?mt=8) | Mike Tigas | [ ? ](https://github.com/OnionBrowser/OnionBrowser/issues) | Apple iOS_Tor_ |
| [GNU/Icecat](https://www.gnu.org/software/gnuzilla/) | GNU | [ ? ](https://www.gnu.org/software/gnuzilla/) | PC (Linux) |
| [IceCatMobile](https://f-droid.org/en/packages/org.gnu.icecat/) | GNU | [ ? ](https://lists.gnu.org/mailman/listinfo/bug-gnuzilla) | Android |
| [Iridium Browser](https://iridiumbrowser.de/about/) | Iridium | [ ? ](https://github.com/iridium-browser/iridium-browser/) | PC (Win, Mac, Linux, OpenBSD) |
Other software's privacy is imperfect. This doesn't mean Tor browser is "perfect".
There is no 100% secure nor 100% private on the internet and technology.
@ -304,171 +278,127 @@ There is no 100% secure nor 100% private on the internet and technology.
- [Note that the Tor project don't like this.](https://support.torproject.org/tbb/tbb-9/) Use Tor Browser if you are able to do so.
- [How to use Chromium with Tor](../subfiles/chromium_tor.md)
Let's talk about other software's privacy.
- [If you really need to use Firefox, pick "Firefox ESR".](https://www.mozilla.org/en-US/firefox/organizations/)
- [Firefox - Spyware Watchdog](https://spyware.neocities.org/articles/firefox.html)
- [Firefox rejects free speech, bans free speech](https://web.archive.org/web/20200423010026/https://reclaimthenet.org/firefox-rejects-free-speech-bans-free-speech-commenting-plugin-dissenter-from-its-extensions-gallery/)
- ["100+ downvotes. It seems like asking a software company to stick to... software is just too much these days."](https://old.reddit.com/r/firefox/comments/gutdiw/weve_got_work_to_do_the_mozilla_blog/fslbbb6/)
- [Uh, why is Firefox showing me sponsored links in my URL bar?](https://www.reddit.com/r/firefox/comments/jybx2w/uh_why_is_firefox_showing_me_sponsored_links_in/)
- ["100+ downvotes. It seems like asking a software company to stick to... software is just too much these days."](https://reddit.com/r/firefox/comments/gutdiw/weve_got_work_to_do_the_mozilla_blog/fslbbb6/)
- [Uh, why is Firefox showing me sponsored links in my URL bar?](https://reddit.com/r/firefox/comments/jybx2w/uh_why_is_firefox_showing_me_sponsored_links_in/)
- [Mozilla - Devil Incarnate](https://digdeeper.neocities.org/ghost/mozilla.html)
- [Remember, Mozilla is using Cloudflare service.](https://www.robtex.com/dns-lookup/www.mozilla.org) [They're also using Cloudflare's DNS service on their product.](https://www.theregister.co.uk/2018/03/21/mozilla_testing_dns_encryption/)
- [Mozilla officially rejected this ticket.](https://bugzilla.mozilla.org/show_bug.cgi?id=1426618)
- [Firefox Focus is a joke.](https://github.com/mozilla-mobile/focus-android/issues/1743) [They promised to turn off telemetry but they changed it.](https://github.com/mozilla-mobile/focus-android/issues/4210)
- [PaleMoon/Basilisk developer loves Cloudflare.](https://github.com/mozilla-mobile/focus-android/issues/1743#issuecomment-345993097)
- [Pale Moon's Archive Server hacked and spread malware for 18 Months](https://www.reddit.com/r/privacytoolsIO/comments/cc808y/pale_moons_archive_server_hacked_and_spread/)
- [Pale Moon's Archive Server hacked and spread malware for 18 Months](https://reddit.com/r/privacytoolsIO/comments/cc808y/pale_moons_archive_server_hacked_and_spread/)
- He also hate Tor users - "[Let it be hostile towards Tor. I think most sites should be hostile towards Tor considering its extremely high abuse factor.](https://github.com/yacy/yacy_search_server/issues/314#issuecomment-565932097)"
- [Waterfox have severe "phones home" problem](https://spyware.neocities.org/articles/waterfox.html)
- [Google Chrome is a spyware.](https://www.gnu.org/proprietary/malware-google.en.html)
- [Google profiles your activity.](https://spyware.neocities.org/articles/chrome.html)
- [SRWare Iron make too many phones home connection.](https://spyware.neocities.org/articles/iron.html) It also connect to google domains.
- [Brave Browser whitelist Facebook/Twitter trackers.](https://www.bleepingcomputer.com/news/security/facebook-twitter-trackers-whitelisted-by-brave-browser/)
- [Here's more issues.](https://spyware.neocities.org/articles/brave.html)
- [binance affiliate ID](https://twitter.com/cryptonator1337/status/1269594587716374528)
- [Microsoft Edge lets Facebook run Flash code behind users' backs.](https://www.zdnet.com/article/microsoft-edge-lets-facebook-run-flash-code-behind-users-backs/)
- [Vivaldi does not respect your privacy.](https://spyware.neocities.org/articles/vivaldi.html)
- [Opera spyware level: Extremely High](https://spyware.neocities.org/articles/opera.html)
- Apple iOS: [You shouldn't be using iOS at all, mainly because it is malware.](https://www.gnu.org/proprietary/malware-apple.html)
Therefore we recommend above table only. Nothing else.
</details>
------
<details>
<summary>click me
## Mozilla Firefox user
</summary>
<summary><h3>Mozilla Firefox user</h3></summary>
- "Firefox Nightly" will send debug-level information to Mozilla servers without opt-out method.
- [Mozilla servers are behing Cloudflare](https://www.digwebinterface.com/?hostnames=www.mozilla.org%0D%0Amozilla.cloudflare-dns.com&type=&ns=resolver&useresolver=8.8.4.4&nameservers=)
- [Mozilla servers are behing Cloudflare](https://www.digwebinterface.com/?hostnames=www.mozilla.org%0D%0Amozilla.Cloudflare-dns.com&type=&ns=resolver&useresolver=8.8.4.4&nameservers=)
- It is possible to prohibit Firefox to connect to Mozilla servers.
- [Mozilla's policy-templates guide](https://github.com/mozilla/policy-templates/blob/master/README.md)
- Keep in mind this trick might stop working in later version because Mozilla likes to whitelist themselves.
- Use firewall and DNS filter to block them completely.
"`/distribution/policies.json`"
> "WebsiteFilter": {
> "Block": [
> "*://*.mozilla.com/*",
> "*://*.mozilla.net/*",
> "*://*.mozilla.org/*",
> "*://webcompat.com/*",
> "*://*.firefox.com/*",
> "*://*.thunderbird.net/*",
> "*://*.cloudflare.com/*"
> ]
> },
```json
"WebsiteFilter": {
"Block": [
"*://*.mozilla.com/*",
"*://*.mozilla.net/*",
"*://*.mozilla.org/*",
"*://webcompat.com/*",
"*://*.firefox.com/*",
"*://*.thunderbird.net/*",
"*://*.Cloudflare.com/*"
]
},
```
- ~~Report a bug on mozilla's tracker, telling them not to use Cloudflare.~~ There was a bug report on bugzilla. Many people were posted their concern, however the bug was hidden by the admin in 2018.
- You can disable DoH in Firefox.
- [Change default DNS provider of firefox](../subfiles/change-firefox-dns.md)
![](../image/firefoxdns.jpg)
- [If you would like to use non-ISP DNS, consider using OpenNIC Tier2 DNS service or any of non-Cloudflare DNS services.](https://wiki.opennic.org/start)
![](../image/opennic.jpg)
- [If you would like to use non-ISP DNS, consider using OpenNIC Tier2 DNS service or any of non-Cloudflare DNS services.](https://wiki.opennic.org/start)
![](../image/opennic.jpg)
- Block Cloudflare with DNS. [Crimeflare DNS](../subfiles/service.publicdns.md)
- You can use Tor as DNS resolver. [If you're not Tor expert, ask question here.](https://tor.stackexchange.com/)
> **How?**
> 1. Download Tor and install it on your computer.
> 2. Add this line to "torrc" file.
> DNSPort 127.0.0.1:53
> 3. Restart Tor.
> 4. Set your computer's DNS server to "127.0.0.1".
**How?**
1. Download Tor and install it on your computer.
2. Add this line to "torrc" file.
DNSPort 127.0.0.1:53
3. Restart Tor.
4. Set your computer's DNS server to "127.0.0.1".
</details>
------
<details>
<summary>click me
## Action
</summary>
<summary><h3>Action</h3></summary>
- Tell others around you about the dangers of Cloudflare.
- [Help improve this repository.](http://crimeflare.eu.org)
- [Help improve this repository.](https://crimeflare.eu.org)
- Both the lists, the arguments against it and the details.
- [Document and make very public where things go wrong with Cloudflare (and similar companies), making sure to mention this repository when you do so](http://crimeflare.eu.org) :)
- Get more people using Tor by default so they can experience the web from the perspective of different parts of the world.
- [Document and make very public where things go wrong with Cloudflare (and similar companies), making sure to mention this repository when you do so](https://crimeflare.eu.org) :)
- Get more people using Tor by default, so they can experience the web from the perspective of different parts of the world.
- Start groups, in social media and meatspace, dedicated to liberating the world from Cloudflare.
- Where appropriate, link to these groups on this repository - this can be a place for coordinating working together as groups.
- [Start a coop that can provide a meaningful non corporate alternative to Cloudflare.](../subfiles/alternative.cloudflare.md)
- [Start a coop that can provide a meaningful non corporate alternative to Cloudflare.](../subfiles/alternative.Cloudflare.md)
- Let us know of any alternatives to help at least provide multiple layered defence against Cloudflare.
- If you are a Cloudflare customer, set your privacy settings, and wait for them to violate them.
- [Then bring them under anti-spam / privacy violation charges.](https://twitter.com/thexpaw/status/1108424723233419264)
- If you are in the United States of America and the website in question is a bank or an accountant, try to bring legal pressure under the GrammLeachBliley Act, or the Americans with DIsabilities Act and report back to us how far you get.
- If you are a Cloudflare customer, set your privacy settings and wait for them to violate them.
- [Then bring them under anti-spam/privacy violation charges.](https://twitter.com/thexpaw/status/1108424723233419264)
- If you are in the United States of America and the website in question is a bank or an accountant, try to bring legal pressure under the GrammLeachBliley Act, or the Americans with Disabilities Act and report back to us how far you get.
- If the website is a government site, try to bring legal pressure under the 1st Amendment of the US Constitution.
- If you are EU citizen, contact the website to send your personal information under the General Data Protection Regulation. If they refuse to give you your information, that's a violation of the law.
- For companies that claim to offer service on their website try reporting them as "false advertising" to consumer protection organizations and BBB. Cloudflare websites are served by Cloudflare servers.
- [The ITU suggest in the US context that Cloudflare is starting to get big enough that antitrust law might be brought down upon them.](https://www.itu.int/en/ITU-T/Workshops-and-Seminars/20181218/Documents/Geoff_Huston_Presentation.pdf)
- It's conceivable that the GNU GPL version 4 could include a provision against storing source code behind such a service, requiring for all GPLv4 and later programs that at least the source code is accessible via a medium that does not discriminate against Tor users.
- [Se vi uzas Mastodon bonvolu sekvi la konton Mitigator](../subfiles/service.altlink.md).
</details>
------
### Comments
```
There is always hope in resistance.
> There is always hope in resistance.
>
> Resistance is fertile.
>
> Even some of the darker outcomes comes to be, the very act of resistance trains us to continue to destabilize the dystopic status quo that results.
>
> Resist!
Resistance is fertile.
> Someday, you'll understand why we wrote this.
Even some of the darker outcomes comes to be, the very act of resistance trains us to continue to destabilize the dystopic status quo that results.
Resist!
```
```
Someday, you'll understand why we wrote this.
```
```
There isn't anything futuristic about this. We have already lost.
```
> There isn't anything futuristic about this. We have already lost.
### Now, what did you do today?
![](../image/stopcf.jpg)

136
readme/en.ethics.md
View File

@ -1,44 +1,30 @@
# 👋 [_Non-English_ versions](../README.md)
<br><br><br><br><br>
---
# Ethical Issues
![](../image/itsreallythatbad.jpg)
![](../image/telegram/c81238387627b4bfd3dcd60f56d41626.jpg)
"_Don't support this company which is void of ethics_"
> "[Don't support this company which is void of ethics](https://twitter.com/phyzonloop/status/1194458264026660864)"
"_Your company isn't trustworthy. You claim to enforce DMCA but have many lawsuits for not doing so._"
> "[Your company isn't trustworthy. You claim to enforce DMCA but have many lawsuits for not doing so.](https://twitter.com/phyzonloop/status/1194458264026660864)"
"_They only censor those who question their ethics._"
"_I guess the truth is inconvenient and better hidden from public view._" -- [phyzonloop](https://twitter.com/phyzonloop)
---
> "[They only censor those who question their ethics.](https://twitter.com/phyzonloop/status/1257456618649903106)"
> "[I guess the truth is inconvenient and better hidden from public view.](https://twitter.com/phyzonloop/status/1286430902420217858)"
<details>
<summary>_click me_
## CloudFlare spams people
</summary>
<summary><h3>CloudFlare spams people</h3></summary>
Cloudflare is sending spam emails to non-Cloudflare users.
- Only send emails to subscribers whove opted in
- When the user say "stop", then stop sending email
- Only send emails to subscribers whove opted in.
- When the user says "stop", then stop sending email
It's that simple. But Cloudflare doesn't care.
Cloudflare said using their service [can stop all spammers or attackers](https://support.cloudflare.com/hc/en-us/articles/200170066-Will-activating-Cloudflare-stop-all-spammers-or-attackers-).
How can we stop _Cloudflare spammers_ without activating Cloudflare?
| 🖼 | 🖼 |
| --- | --- |
| ![](../image/cfspam01.jpg) | ![](../image/cfspam03.jpg) |
@ -47,37 +33,22 @@ How can we stop _Cloudflare spammers_ without activating Cloudflare?
</details>
---
<details>
<summary>_click me_
## Remove user's review
</summary>
<summary><h3>Remove user's review</h3></summary>
Cloudflare censor [negative reviews](https://web.archive.org/web/20191116004046/https://www.trustpilot.com/reviews/5aa6ee0ed5a5700a7c8cf853). If you post _anti-Cloudflare_ text on Twitter, you have a chance to get a [reply](https://twitter.com/CloudflareHelp/status/1126051764917145601) from [Cloudflare employee](cloudflare_inc/cloudflare_members.txt) with "_[No, it's not](PEOPLE.md)_" message. If you post a negative review on any review site, they will try to [censor](https://twitter.com/phyzonloop/status/1178836176985366529) [it](https://twitter.com/dxgl_org/status/1178722159432220672).
| 🖼 | 🖼 |
| --- | --- |
| ![](../image/cfcenrev_01.jpg)<br>![](../image/cfcenrev_02.jpg) | ![](../image/cfcenrev_03.jpg) |
</details>
---
<details>
<summary>_click me_
## Share user's private information
</summary>
<summary><h3>Share user's private information</h3></summary>
Cloudflare has a massive [harassment problem](https://web.archive.org/web/20171024040313/http://www.businessinsider.com/cloudflare-ceo-suggests-people-who-report-online-abuse-use-fake-names-2017-5).
Cloudflare [shares personal information](https://archive.ph/ePdvi) of those [who](https://twitter.com/ZJemptv/status/898299709634248704) [complain](https://twitter.com/TinyPirate/status/554718958176067584) [about](https://twitter.com/remembrancermx/status/1010329041235148802) [hosted](https://twitter.com/Bridaguy/status/915003769280172037) [sites](https://twitter.com/HelloAndrew/status/897260208845500416). They sometimes ask you to provide
your true ID. If you don't want to get harassed, [assaulted](https://twitter.com/NiteShade925/status/1158469203420205056), [swatted](https://boingboing.net/2015/01/19/invasion-boards-set-out-to-rui.html) or [killed](https://twitter.com/RusEmbUSA/status/1187363092793040901), you better stay away from Cloudflared websites.
Cloudflare [shares personal information](https://archive.ph/ePdvi) of those [who](https://twitter.com/ZJemptv/status/898299709634248704) [complain](https://twitter.com/TinyPirate/status/554718958176067584) [about](https://twitter.com/remembrancermx/status/1010329041235148802) [hosted](https://twitter.com/Bridaguy/status/915003769280172037) [sites](https://twitter.com/HelloAndrew/status/897260208845500416). They sometimes ask you to provide your true ID. If you don't want to get harassed, [assaulted](https://twitter.com/NiteShade925/status/1158469203420205056), [swatted](https://boingboing.net/2015/01/19/invasion-boards-set-out-to-rui.html) or [killed](https://twitter.com/RusEmbUSA/status/1187363092793040901), you better stay away from Cloudflared websites.
| 🖼 | 🖼 |
| --- | --- |
@ -88,30 +59,17 @@ your true ID. If you don't want to get harassed, [assaulted](https://twitter.com
</details>
---
<details>
<summary>_click me_
## Corporate solicitation of charitable contributions
</summary>
<summary><h3>Corporate solicitation of charitable contributions</h3></summary>
CloudFlare is [asking](https://web.archive.org/web/20191112033605/https://opencollective.com/cloudflarecollective#section-about) for charitable contributions. Its quite appalling that an American corporation would ask for charity alongside non-profit organizations that have good causes. If you like [blocking people or wasting other people's time](PEOPLE.md), you might want to order some pizzas🍕 for Cloudflare employees.
![](../image/cfdonate.jpg)
</details>
---
<details>
<summary>_click me_
## Terminating sites
</summary>
<summary><h3>Terminating sites</summary>
What will you do if your site goes down _suddenly_? There are reports that Cloudflare is [deleting](https://twitter.com/stefan_eady/status/1126033791267426304) [user's](https://twitter.com/derivativeburke/status/903755267053117440) [configuration](https://twitter.com/lordscarlet/status/1046785164792205314) or [stopping service without any warning](https://twitter.com/svolentin/status/1227324408475344896), [silently](https://twitter.com/BlnaryMlke/status/1194339461984854018). We suggest you find [better provider](what-to-do.md).
@ -119,14 +77,8 @@ What will you do if your site goes down _suddenly_? There are reports that Cloud
</details>
---
<details>
<summary>_click me_
## Browser vendor discrimination
</summary>
<summary><h3>Browser vendor discrimination</h3></summary>
CloudFlare gives preferential treatment to those using Firefox while giving hostile treatment to users of non-Tor-Browser over Tor.
Tor users of who rightfully refuse to execute non-free javascript also receive hostile treatment.
@ -149,7 +101,6 @@ This access inequality is a network neutrality abuse and an abuse of power.
- Lynx
| ***Browser*** | ***Access treatment*** |
| --- | --- |
| Tor Browser (Javascript enabled) | access permitted |
@ -162,7 +113,6 @@ This access inequality is a network neutrality abuse and an abuse of power.
| w3m | access denied |
| wget | access denied |
"_Why not use Audio button to solve easy challenge?_"
Yes, there is an audio button, but it _always_ [doesn't work over Tor](https://trac.torproject.org/projects/tor/ticket/23840). You will get this message when you click it:
@ -176,19 +126,13 @@ For more details visit our help page
</details>
---
<details>
<summary>_click me_
## Voter suppression
</summary>
<summary><h3>Voter suppression</h3></summary>
Voters in US states register to vote ultimately through the state secretary's website in the state of their residence.
Republican-controlled state secretary offices engage in voter suppression by proxying the state secretary's website through Cloudflare.
Cloudflare's hostile treatment of Tor users, its MITM position as a centralized global point of surveillance, and its detrimental role overall
makes prospective voters reluctant to register. Liberals in particular tend to embrace privacy. Voter registration forms collect sensitive information about a voter's political leaning, personal physical address, social security number, and date of birth.
makes prospective voters reluctant to register. Liberals in particular tend to embrace privacy. Voter registration forms collect sensitive information about a voter's political leaning, personal physical address, social security number, and date of birth.
Most states only make a subset of that information publicly available, but Cloudflare sees ***all*** that information when someone registers to vote.
Note that paper registration does not circumvent Cloudflare because the secretary of state data entry staff workers will likely use the
@ -209,14 +153,8 @@ Unfortunately, many people cannot view change.org at all due to Cloudflare's agg
</details>
---
<details>
<summary>_click me_
## Ignoring user's preference
</summary>
<summary><h3>Ignoring user's preference</h3></summary>
If you opt-out something, you expect that you receive no email about it. Cloudflare ignore user's preference and share data with third-party corporations [without customer's consent](https://twitter.com/thexpaw/status/1108424723233419264). If you're using their free plan, they sometimes send email to you asking to buy monthly subscription.
@ -224,14 +162,8 @@ If you opt-out something, you expect that you receive no email about it. Cloudfl
</details>
---
<details>
<summary>_click me_
## Lying about deleting user's data
</summary>
<summary><h3>Lying about deleting user's data</summary>
According to this [ex-cloudflare customer's blog](https://shkspr.mobi/blog/2019/11/can-you-trust-cloudflare-with-your-personal-data/), Cloudflare is lying about deleting accounts. Nowadays, many [companies keep your data](https://justdeleteme.xyz/) after you've closed or removed your account. Most of good companies do mention about it in their privacy policy. Cloudflare? No.
@ -254,14 +186,8 @@ How can you trust Cloudflare if [their privacy policy is a LIE](https://twitter.
</details>
---
<details>
<summary>_click me_
## Keep your personal information
</summary>
<summary><h3>Keep your personal information</h3></summary>
Deleting Cloudflare account is [hard level](https://justdeleteme.xyz/).
@ -279,7 +205,6 @@ You will [receive this confirmation email](https://twitter.com/originalesushi/st
Can you "trust" this?
- How to cancel your Cloudflare account
1. Login to your [Cloudflare dashboard](https://dash.cloudflare.com/).
@ -292,31 +217,20 @@ Can you "trust" this?
8. _Wait several days._
9. You will get a message: "We have successfully deleted your account"
</details>
---
<details>
<summary>_click me_
## Cancelled subscription, got barrage of emails
</summary>
<summary><h3>Cancelled subscription, got barrage of emails</h3></summary>
The user cancelled his stream subscription and now he gets email reminders every day to remind him about cancelled subscription.
There is no unsubscribe button. How do you make this stop?
![](../image/barrageemailcancelsubscription.jpg)
[![](../image/barrageemailcancelsubscription.jpg)](https://web.archive.org/web/20210412165334/https://twitter.com/JohnHaldson/status/1381651569247088650)
Cloudflare told this user to contact support and ask all your contents to be deleted.
- [t](https://web.archive.org/web/20210412165334/https://twitter.com/JohnHaldson/status/1381651569247088650)
</details>
---
## Other information
- [Joseph Sullivan (Joe Sullivan)](../cloudflare_inc/cloudflare_members.md) ([Cloudflare CSO](https://twitter.com/eastdakota/status/1296522269313785862))
@ -324,16 +238,12 @@ Cloudflare told this user to contact support and ask all your contents to be del
- [Former Chief Security Officer For Uber Charged With Obstruction Of Justice](https://www.justice.gov/usao-ndca/pr/former-chief-security-officer-uber-charged-obstruction-justice)
```
Sullivan took to allegedly cover it up, including making the $100,000 payout
under Uber's "bug bounty" program.
Sullivan took to allegedly cover it up, including making the $100,000 payout under Uber's "bug bounty" program.
```
---
## Please continue to next page: "[What you can do to resist Cloudflare?](en.action.md)
## Please continue to next page: "[What you can do to resist Cloudflare?](en.action.md)
| 🖼 | 🖼 |
| 🖼 | 🖼 |
| --- | --- |
| ![](../image/cfcommunity_ban.jpg) | ![](../image/censor_cloudflare_blogcomment.jpg) |

144
readme/en.md
View File

@ -1,88 +1,67 @@
# 👋 [_Non-English_ versions](http://crimeflare.eu.org)
<br><br><br><br><br><br><br>
---
# The Great Cloudwall
![](../image/itsreallythatbad.jpg)
![](../image/telegram/c81238387627b4bfd3dcd60f56d41626.jpg)
---
## Stop Cloudflare
| 🖹 | 🖼 |
| 🖹 | 🖼 |
| --- | --- |
| “The Great Cloudwall” is [Cloudflare Inc.](https://www.cloudflare.com/), the [U.S. company](https://en.wikipedia.org/wiki/Cloudflare). It is providing [CDN](https://en.wikipedia.org/wiki/Content_delivery_network)(content delivery network) services, [DDoS mitigation](https://en.wikipedia.org/wiki/DDoS_mitigation), [Internet security](https://en.wikipedia.org/wiki/Internet_security), and distributed [DNS](https://en.wikipedia.org/wiki/Domain_Name_System)(domain name server) services. | ![](../image/cloudflaredearuser.jpg) |
| Cloudflare is the [world's](https://almanac.httparchive.org/en/2019/cdn) [largest](https://w3techs.com/technologies/history_overview/proxy) MITM proxy([reverse proxy](https://en.wikipedia.org/wiki/Reverse_proxy)). Cloudflare owns [more than 80% of CDN market](https://w3techs.com/technologies/history_overview/proxy) share and the number of [cloudflare users](../cloudflare_users/) are growing each day. [They](../cloudflare_inc/cloudflare_members.md) have expanded their network to more than [100 countries](https://blog.cloudflare.com/cloudflare-network-expands-to-more-than-100-countries/). Cloudflare serves [more web traffic](https://wp-rocket.me/blog/cloudflare-use-not/) than [Twitter](https://en.wikipedia.org/wiki/Twitter), [Amazon](https://en.wikipedia.org/wiki/Amazon_(company)), [Apple](https://en.wikipedia.org/wiki/Apple_Inc.), [Instagram](https://en.wikipedia.org/wiki/Instagram), [Bing](https://en.wikipedia.org/wiki/Bing_(search_engine)) & [Wikipedia](https://en.wikipedia.org/wiki/Wikipedia) combined. Cloudflare is offering [free plan](https://www.cloudflare.com/plans/) and many people are using it instead of configuring their servers properly. They traded [privacy](https://en.wikipedia.org/wiki/Privacy) over [convenience](https://news.netcraft.com/archives/2013/10/07/phishers-using-cloudflare-for-ssl.html). | ![](../image/cfmarketshare.jpg) |
| Cloudflare sits between you and origin web server, acting like a [border patrol agent](https://www.cbp.gov/careers/bpa). You are not able to connect to your chosen destination. You are connecting to Cloudflare and all your information is being decrypted and handed over on the fly. Cloudflare has a [global view](https://web.archive.org/web/20210730102406/https://blog.cloudflare.com/crawler-hints-how-cloudflare-is-reducing-the-environmental-impact-of-web-searches/) into the traffic of the Internet, and they observe the traffic flowing to and from them continuously. | ![](../image/border_patrol.jpg) |
| The origin web server administrator allowed the agent — Cloudflare — to decide [who can access](https://web.archive.org/web/https://gitlab.com/iblech/tor-appeal/issues/1) to their “_web property_” and define “_restricted area_”. | ![](../image/usershoulddecide.jpg) |
| Take a look at the right image. You will think Cloudflare block _only_ [bad guys](https://en.wikipedia.org/wiki/Black_hat_(computer_security)). You will think _Cloudflare is always online(never go [down](https://twitter.com/bengoldacre/status/1146058200887648258))_. Furthermore, You will think _legit bots and [crawlers](https://en.wikipedia.org/wiki/Web_crawler) can index your website_. | ![](../image/howcfwork.jpg) |
| However, [those are not true](../PEOPLE.md) at all. Cloudflare is blocking innocent people with no reason. Cloudflare [can go down](../HISTORY.md#user-content-cloudflare-incidents). Cloudflare blocks legit bots. | ![](../image/cfdowncfcom.jpg) |
| Just like any [hosting service](https://en.wikipedia.org/wiki/Web_hosting_service), Cloudflare is not perfect. You will see this screen [even if the origin server is working well](../PEOPLE.md). | ![](../image/cfdown2019.jpg) |
| Do you really think Cloudflare has 100% [uptime](https://en.wikipedia.org/wiki/Uptime)? [You have no idea](../PEOPLE.md) [how many times](../HISTORY.md#cloudflare-incidents) Cloudflare [goes down](https://www.zerohedge.com/markets/major-part-web-offline-cloudflare-suffers-outage). If Cloudflare goes down, your customer cannot access your website. | ![](../image/cloudflareinternalerror.jpg)<br>![](../image/cloudflareoutage-2020.jpg) |
| It is called this in reference to the [Great Firewall of China](https://www.comparitech.com/privacy-security-tools/blockedinchina/) which does a comparable job of [filtering out many humans](../PEOPLE.md) from seeing web content (i.e., everyone in [mainland China](https://en.wikipedia.org/wiki/China) and people outside) while at the same time those not affected to see a drastically different web, a web free of [censorship](https://en.wikipedia.org/wiki/Internet_censorship) such as an image of [“tank man”](https://en.wikipedia.org/wiki/Tank_Man) and the history of [“Tiananmen Square protests”](https://en.wikipedia.org/wiki/1989_Tiananmen_Square_protests#Censorship_in_China). | ![](../image/cloudflarechina.jpg) |
| Cloudflare possesses [great power](https://web.archive.org/web/20220329115719/https://digdeeper.neocities.org/ghost/mozilla.html). In a sense, they control what the end user ultimately [sees](../image/cloudflare_withprivaon.mp4). You are prevented from browsing the website because of Cloudflare. | ![](../image/onemorestep.jpg) |
| Cloudflare can be used for censorship. | ![](../image/accdenied.jpg) |
| You cannot view cloudflared website if you are using minor browser, which Cloudflare may think it is a bot(because not many people use it). | ![](../image/cfublock.jpg) |
| You cannot pass this invasive “browser check” without enabling JavaScript. This is a waste of five(or more) seconds of your valuable life. | ![](../image/omsjsck.jpg) |
| Cloudflare also [automatically](https://twitter.com/itsybitsydots/status/1212691131508477952) [block](../PEOPLE.md) legit robots/crawlers such as Google, Yandex, Yacy, and [API clients](../PEOPLE.md). Cloudflare is actively [monitoring](../PEOPLE.md) “bypass cloudflare” community with an intent to break legit research bots. | ![](../image/cftestgoogle.jpg)<br>![](../image/htmlalertcloudflare2.jpg) |
| Cloudflare similarly prevents many people who have poor internet connectivity from accessing the websites behind it (for example, they could be behind 7+ layers of NAT or sharing the same IP, for example public Wi-Fi) unless they solve multiple image CAPTCHAs. In some cases, [this will take 10 to 30 minutes to satisfy Google](https://trac.torproject.org/projects/tor/ticket/23840). | ![](../image/googlerecaptcha.jpg) |
| In the year 2020 Cloudflare switched from [Google's reCAPTCHA](https://en.wikipedia.org/wiki/Recaptcha) to [hCaptcha](https://en.wikipedia.org/wiki/HCaptcha) as Google [intends to charge](https://professionalhackers.in/cloudflare-dumps-recaptcha-as-google-intends-to-charge-for-its-use/) for its use. Cloudflare told you they care in your privacy([“it helps address a privacy concern”](https://blog.cloudflare.com/moving-from-recaptcha-to-hcaptcha/)) but this is obviously a lie. It is all about money. "[hCaptcha](https://www.hcaptcha.com/) allows websites to make money serving this demand while blocking bots and other forms of abuse" | ![](../image/fedup_fucking_hcaptcha.jpg)<br>![](../image/hcaptchablockchain.jpg) |
| From user's perspective, this doesn't change much. You are being forced to solve it. | ![](../image/hcaptcha_abrv.jpg)<br>![](../image/hcaptcha_chrome.jpg) |
| Many humans and software are being blocked by Cloudflare [every day](../PEOPLE.md). | ![](../image/omsnote.jpg) |
| Cloudflare [annoys many people](../PEOPLE.md) around the world. Take a look at the [list](../PEOPLE.md) and think whether adopting Cloudflare on your site is good for user experience. | ![](../image/omsstream.jpg) |
| What is the purpose of the internet if you cannot do what you want? Most people who visit your website will just look for other pages if they [can't load](https://www.hostingmanual.net/3-seconds-how-website-speed-impacts-visitors-sales/) a webpage. You may be not blocking any visitors, but Cloudflare's default firewall is strict enough to block many people. | ![](../image/omsdroid.jpg)<br>![](../image/omsappl.jpg) |
| There is no way to solve the captcha without enabling JavaScript and Cookies. Cloudflare is [using them](../PEOPLE.md) to make a browser signature to [identify](https://cryptome.org/2016/07/cloudflare-de-anons-tor.htm) [you](../PEOPLE.md). Cloudflare needs to know your identity to decide whether you are eligible to continue browsing the site. | ![](../image/cferr1010bsig.jpg)<br>![](../image/omsredjs.jpg) |
| [Tor users](https://www.torproject.org/) and [VPN users](https://airvpn.org/topic/23090-cloudflare-often-bans-my-ip-address/) are also a [victim](https://blog.torproject.org/trouble-cloudflare) of Cloudflare. Both solutions are being used by many people who cannot afford uncensored internet due to their country/corporation/network policy or who wants to add an extra layer to protect their privacy. Cloudflare is shamelessly attacking those people, forcing them to turn off their proxy solution. | ![](../image/banvpn2.jpg) |
| If you didn't try Tor until this moment, we encourage you to [download Tor Browser](https://www.torproject.org/) and visit your favorite websites. (advice: _Do not log in to your bank website or government webpage, or they will flag your account. [Use VPN](https://www.vpngate.net/en/) for those websites._) | ![](../image/banvpn.jpg) |
| You might want to say, “_Tor is illegal! Tor users are criminal! Tor is bad!_”. No. You might learn about Tor from television, saying Tor can be used to browse [darknet](https://en.wikipedia.org/wiki/Darknet) and trade guns, drugs or [child porn](https://en.wikipedia.org/wiki/Child_sexual_abuse_material). While above statement is true that there are many market websites where you can buy such items, those sites are often appear on clearnet too. | ![](../image/whousetor.jpg) |
| Tor _was_ [developed by US Army](https://www.nrl.navy.mil/itd/chacs/dingledine-tor-second-generation-onion-router), but current Tor is developed by the [Tor project](https://www.torproject.org/). There are many people and organizations [who use Tor](https://blog.torproject.org/tor-misused-criminals), including your future friends. So, if you are using Cloudflare on your website, you are blocking _real_ humans. You will lose a potential friendship and business deal. | ![](../image/iusetor_alith.jpg) |
| And their DNS service, [1.1.1.1](https://1.1.1.1/), is also filtering out users from visiting the website by returning [fake](https://trac.torproject.org/projects/tor/ticket/32915) IP address [owned by Cloudflare](https://www.reddit.com/r/CloudFlare/comments/hiqm4u/no_cloudflare_website_is_loading/), localhost IP such as “127.0.0.x”, or just return nothing. | ![](../image/cferr1016.jpg)<br>![](../image/cferr1016sp.jpg) |
| Cloudflare DNS also [break](https://twitter.com/bowranger/status/1213031783576428550) [online](https://twitter.com/jb510/status/1212521533907668992) [software](https://twitter.com/No_Style/status/1201525422795710466) [from](https://twitter.com/daemuth/status/1187758306535903233) [smartphone](https://twitter.com/gregortorrence/status/1183102089439805441) [app](https://www.reddit.com/r/CloudFlare/comments/gmfm4i/us_bank_website_is_not_in_cloudflare_dns/) [to computer game because of their fake DNS answer](../PEOPLE.md). Cloudflare DNS [cannot query](../PEOPLE.md) some bank websites. | ![](../image/cfdnsprob.jpg)<br>![](../image/dnsfailtest.jpg) |
| And here you might think,<br>"_I am not using Tor or VPN, why should I care?_"<br>"_I trust Cloudflare marketing, why should I care_"<br>"_My website is HTTPS, why should I care_" | ![](../image/annoyed.jpg) |
| If you visit website which use Cloudflare, you are sharing your information not only to website owner _but also Cloudflare_. This is how the [reverse proxy](https://en.wikipedia.org/wiki/Reverse_proxy) works. | ![](../image/prism_gfe.jpg) |
| It is impossible to [analyze](https://blog.cloudflare.com/the-csam-scanning-tool/) without [decrypting TLS traffic](https://github.com/nym-zone/block_cloudflare_mitm_fx/issues/15#issuecomment-354773389). | ![](../image/cfhelp204144518.jpg) |
| Cloudflare knows all your data such as raw password. | ![](../image/cfhelpforum.jpg) |
| [Cloudbeed](https://en.wikipedia.org/wiki/Cloudbleed) can happen anytime. | ![](../image/cfbloghtmledit.jpg) |
| Cloudflare's HTTPS is never end-to-end. | ![](../image/sniff2.gif) |
| Do you really want to share your data with Cloudflare, and also 3-letter agency? | ![](../image/cfstrengthdata.jpg) |
| Internet user's online profile is a “product” that the government and big tech companies wants to buy. | ![](../image/federalinterest.jpg) |
| U.S. [Department of Homeland Security](https://www.dhs.gov/) said:<br><br>“Do you have any idea how valuable the data you have is? Is there any way you would sell us that data?” | ![](../image/dhssaid.jpg) |
| Cloudflare also offer _FREE_ VPN service called "[Cloudflare Warp](https://blog.cloudflare.com/1111-warp-better-vpn/)". If you use it, all your smartphone ([or your computer](https://techniapps.com/2019/09/26/download-cloudflare-warp-vpn-for-pc-windows-10-mac/)) connections are sent to Cloudflare servers. Cloudflare can know which website you've read, what comment you've posted, who you've talked to, etc. You are voluntary giving [all your information](https://github.com/privacytoolsIO/privacytools.io/issues/374#issuecomment-478686469) to Cloudflare. If you think "_Are you joking? Cloudflare is secure._" then you need to learn how [VPN works](https://en.wikipedia.org/wiki/VPN). | ![](../image/howvpnwork.jpg) |
| Cloudflare said their VPN service make your internet [fast](https://www.wired.com/story/cloudflare-says-new-vpn-service-wont-slow-you-down/). But VPN make your internet connection _slower_ than [your](https://twitter.com/ExYakuza/status/1182317536089526273) [existing](https://twitter.com/waddling/status/1177615384616325120) [connection](https://techcrunch.com/2019/04/01/cloudflares-warp-is-a-vpn-that-might-actually-make-your-mobile-connection-better/). | ![](../image/notfastervpn.jpg) |
| You might already know about the [PRISM](https://en.wikipedia.org/wiki/PRISM_(surveillance_program)) scandal. It is true that [AT&T](https://en.wikipedia.org/wiki/AT%26T) lets [NSA](https://en.wikipedia.org/wiki/National_Security_Agency) [copy all internet data](https://www.cnet.com/news/at-t-lets-nsa-hide-and-surveil-in-plain-sight-the-intercept-reports/) for surveillance. | ![](../image/prismattnsa.jpg) |
| Let's say you're working at the NSA, and you want _every citizen's internet profile_. You know most of them are [blindly trusting Cloudflare](https://twitter.com/search?q=Cloudflare&f=live) and using it - only one centralized gateway - to proxy their company server connection([SSH](https://blog.cloudflare.com/public-keys-are-not-enough-for-ssh-security/)/[RDP](https://blog.cloudflare.com/cloudflare-access-now-supports-rdp/)), [emails](https://developers.cloudflare.com/email-routing/), personal website, chat website, forum website, bank website, insurance website, search engine, secret member-only website, auction website, [shopping](https://www.cloudflare.com/case-studies/shopify-powering-the-biggest-shopping-weekend-of-the-year/), video website, [game website](../image/README.md), NSFW website, and illegal website. You also know they use Cloudflare's DNS service ("_1.1.1.1_") and VPN service ("_Cloudflare Warp_") for "_Secure! Faster! Better!_" internet experience. Combining them with user's IP address, browser [fingerprint](https://github.com/VeNoMouS/cloudscraper/issues/209#issuecomment-624853689), cookies and RAY-ID will be useful to build target's online profile. | ![](../image/edw_snow.jpg)<br>![](../image/peopledonotthink.jpg) |
| You want their data. [What will you do](https://www.reddit.com/r/privacy/comments/1gb0pa/how_prism_actually_works_1520_att_fiber_optic/)? | ![](../image/nsaslide_prismcorp.gif) |
| **Cloudflare is a honeypot.** | ![](../image/honeypot.gif) |
| **Free honey for everyone. _Some_ strings attached.** | ![](../image/iminurtls.jpg) |
| **Do not use Cloudflare.** | ![](../image/shadycloudflare.jpg) |
| **Decentralize the internet.** | ![](../image/cfisnotanoption.jpg) |
| “The Great Cloudwall” is [Cloudflare Inc.](https://www.cloudflare.com/), the [U.S. company](https://en.wikipedia.org/wiki/Cloudflare). It is providing [CDN](https://en.wikipedia.org/wiki/Content_delivery_network)(content delivery network) services, [DDoS mitigation](https://en.wikipedia.org/wiki/DDoS_mitigation), [Internet security](https://en.wikipedia.org/wiki/Internet_security), and distributed [DNS](https://en.wikipedia.org/wiki/Domain_Name_System)(domain name server) services. | ![](../image/cloudflaredearuser.jpg) |
| Cloudflare is the [world's](https://almanac.httparchive.org/en/2019/cdn) [largest](https://w3techs.com/technologies/history_overview/proxy) MITM proxy([reverse proxy](https://en.wikipedia.org/wiki/Reverse_proxy)). Cloudflare owns [more than 80% of CDN market](https://w3techs.com/technologies/history_overview/proxy) share and the number of [cloudflare users](../cloudflare_users/) are growing each day. [They](../cloudflare_inc/cloudflare_members.md) have expanded their network to more than [100 countries](https://blog.cloudflare.com/cloudflare-network-expands-to-more-than-100-countries/). Cloudflare serves [more web traffic](https://wp-rocket.me/blog/cloudflare-use-not/) than [Twitter](https://en.wikipedia.org/wiki/Twitter), [Amazon](https://en.wikipedia.org/wiki/Amazon_(company)), [Apple](https://en.wikipedia.org/wiki/Apple_Inc.), [Instagram](https://en.wikipedia.org/wiki/Instagram), [Bing](https://en.wikipedia.org/wiki/Bing_(search_engine)) & [Wikipedia](https://en.wikipedia.org/wiki/Wikipedia) combined. Cloudflare is offering [free plan](https://www.cloudflare.com/plans/) and many people are using it instead of configuring their servers properly. They traded [privacy](https://en.wikipedia.org/wiki/Privacy) over [convenience](https://news.netcraft.com/archives/2013/10/07/phishers-using-cloudflare-for-ssl.html). | ![](../image/cfmarketshare.jpg) |
| Cloudflare sits between you and origin web server, acting like a [border patrol agent](https://www.cbp.gov/careers/bpa). You are not able to connect to your chosen destination. You are connecting to Cloudflare and all your information is being decrypted and handed over on the fly. Cloudflare has a [global view](https://web.archive.org/web/20210730102406/https://blog.cloudflare.com/crawler-hints-how-cloudflare-is-reducing-the-environmental-impact-of-web-searches/) into the traffic of the Internet, and they observe the traffic flowing to and from them continuously. | ![](../image/border_patrol.jpg) |
| The origin web server administrator allowed the agent — Cloudflare — to decide [who can access](https://web.archive.org/web/https://gitlab.com/iblech/tor-appeal/issues/1) to their “_web property_” and define “_restricted area_”. | ![](../image/usershoulddecide.jpg) |
| Take a look at the right image. You will think Cloudflare block _only_ [bad guys](https://en.wikipedia.org/wiki/Black_hat_(computer_security)). You will think _Cloudflare is always online(never go [down](https://twitter.com/bengoldacre/status/1146058200887648258))_. Furthermore, You will think _legit bots and [crawlers](https://en.wikipedia.org/wiki/Web_crawler) can index your website_. | ![](../image/howcfwork.jpg) |
| However, [those are not true](../PEOPLE.md) at all. Cloudflare is blocking innocent people with no reason. Cloudflare [can go down](../HISTORY.md#user-content-cloudflare-incidents). Cloudflare blocks legit bots. | ![](../image/cfdowncfcom.jpg) |
| Just like any [hosting service](https://en.wikipedia.org/wiki/Web_hosting_service), Cloudflare is not perfect. You will see this screen [even if the origin server is working well](../PEOPLE.md). | ![](../image/cfdown2019.jpg) |
| Do you really think Cloudflare has 100% [uptime](https://en.wikipedia.org/wiki/Uptime)? [You have no idea](../PEOPLE.md) [how many times](../HISTORY.md#cloudflare-incidents) Cloudflare [goes down](https://www.zerohedge.com/markets/major-part-web-offline-cloudflare-suffers-outage). If Cloudflare goes down, your customer cannot access your website. | ![](../image/cloudflareinternalerror.jpg)<br>![](../image/cloudflareoutage-2020.jpg) |
| It is called this in reference to the [Great Firewall of China](https://www.comparitech.com/privacy-security-tools/blockedinchina/) which does a comparable job of [filtering out many humans](../PEOPLE.md) from seeing web content (i.e., everyone in [mainland China](https://en.wikipedia.org/wiki/China) and people outside) while at the same time those not affected to see a drastically different web, a web free of [censorship](https://en.wikipedia.org/wiki/Internet_censorship) such as an image of [“tank man”](https://en.wikipedia.org/wiki/Tank_Man) and the history of [“Tiananmen Square protests”](https://en.wikipedia.org/wiki/1989_Tiananmen_Square_protests#Censorship_in_China). | ![](../image/cloudflarechina.jpg) |
| Cloudflare possesses [great power](https://web.archive.org/web/20220329115719/https://digdeeper.neocities.org/ghost/mozilla.html). In a sense, they control what the end user ultimately [sees](../image/cloudflare_withprivaon.mp4). You are prevented from browsing the website because of Cloudflare. | ![](../image/onemorestep.jpg) |
| Cloudflare can be used for censorship. | ![](../image/accdenied.jpg) |
| You cannot view cloudflared website if you are using minor browser, which Cloudflare may think it is a bot(because not many people use it). | ![](../image/cfublock.jpg) |
| You cannot pass this invasive “browser check” without enabling JavaScript. This is a waste of five(or more) seconds of your valuable life. | ![](../image/omsjsck.jpg) |
| Cloudflare also [automatically](https://twitter.com/itsybitsydots/status/1212691131508477952) [block](../PEOPLE.md) legit robots/crawlers such as Google, Yandex, Yacy, and [API clients](../PEOPLE.md). Cloudflare is actively [monitoring](../PEOPLE.md) “bypass cloudflare” community with an intent to break legit research bots. | ![](../image/cftestgoogle.jpg)<br>![](../image/htmlalertcloudflare2.jpg) |
| Cloudflare similarly prevents many people who have poor internet connectivity from accessing the websites behind it (for example, they could be behind 7+ layers of NAT or sharing the same IP, for example public Wi-Fi) unless they solve multiple image CAPTCHAs. In some cases, [this will take 10 to 30 minutes to satisfy Google](https://trac.torproject.org/projects/tor/ticket/23840). | ![](../image/googlerecaptcha.jpg) |
| In the year 2020 Cloudflare switched from [Google's reCAPTCHA](https://en.wikipedia.org/wiki/Recaptcha) to [hCaptcha](https://en.wikipedia.org/wiki/HCaptcha) as Google [intends to charge](https://professionalhackers.in/cloudflare-dumps-recaptcha-as-google-intends-to-charge-for-its-use/) for its use. Cloudflare told you they care in your privacy([“it helps address a privacy concern”](https://blog.cloudflare.com/moving-from-recaptcha-to-hcaptcha/)) but this is obviously a lie. It is all about money. "[hCaptcha](https://www.hcaptcha.com/) allows websites to make money serving this demand while blocking bots and other forms of abuse" | ![](../image/fedup_fucking_hcaptcha.jpg)<br>![](../image/hcaptchablockchain.jpg) |
| From user's perspective, this doesn't change much. You are being forced to solve it. | ![](../image/hcaptcha_abrv.jpg)<br>![](../image/hcaptcha_chrome.jpg) |
| Many humans and software are being blocked by Cloudflare [every day](../PEOPLE.md). | ![](../image/omsnote.jpg) |
| Cloudflare [annoys many people](../PEOPLE.md) around the world. Take a look at the [list](../PEOPLE.md) and think whether adopting Cloudflare on your site is good for user experience. | ![](../image/omsstream.jpg) |
| What is the purpose of the internet if you cannot do what you want? Most people who visit your website will just look for other pages if they [can't load](https://www.hostingmanual.net/3-seconds-how-website-speed-impacts-visitors-sales/) a webpage. You may be not blocking any visitors, but Cloudflare's default firewall is strict enough to block many people. | ![](../image/omsdroid.jpg)<br>![](../image/omsappl.jpg) |
| There is no way to solve the captcha without enabling JavaScript and Cookies. Cloudflare is [using them](../PEOPLE.md) to make a browser signature to [identify](https://cryptome.org/2016/07/cloudflare-de-anons-tor.htm) [you](../PEOPLE.md). Cloudflare needs to know your identity to decide whether you are eligible to continue browsing the site. | ![](../image/cferr1010bsig.jpg)<br>![](../image/omsredjs.jpg) |
| [Tor users](https://www.torproject.org/) and [VPN users](https://airvpn.org/topic/23090-cloudflare-often-bans-my-ip-address/) are also a [victim](https://blog.torproject.org/trouble-cloudflare) of Cloudflare. Both solutions are being used by many people who cannot afford uncensored internet due to their country/corporation/network policy or who wants to add an extra layer to protect their privacy. Cloudflare is shamelessly attacking those people, forcing them to turn off their proxy solution. | ![](../image/banvpn2.jpg) |
| If you didn't try Tor until this moment, we encourage you to [download Tor Browser](https://www.torproject.org/) and visit your favorite websites. (advice: _Do not log in to your bank website or government webpage, or they will flag your account. [Use VPN](https://www.vpngate.net/en/) for those websites._) | ![](../image/banvpn.jpg) |
| You might want to say, “_Tor is illegal! Tor users are criminal! Tor is bad!_”. No. You might learn about Tor from television, saying Tor can be used to browse [darknet](https://en.wikipedia.org/wiki/Darknet) and trade guns, drugs or [child porn](https://en.wikipedia.org/wiki/Child_sexual_abuse_material). While above statement is true that there are many market websites where you can buy such items, those sites are often appear on clearnet too. | ![](../image/whousetor.jpg) |
| Tor _was_ [developed by US Army](https://www.nrl.navy.mil/itd/chacs/dingledine-tor-second-generation-onion-router), but current Tor is developed by the [Tor project](https://www.torproject.org/). There are many people and organizations [who use Tor](https://blog.torproject.org/tor-misused-criminals), including your future friends. So, if you are using Cloudflare on your website, you are blocking _real_ humans. You will lose a potential friendship and business deal. | ![](../image/iusetor_alith.jpg) |
| And their DNS service, [1.1.1.1](https://1.1.1.1/), is also filtering out users from visiting the website by returning [fake](https://trac.torproject.org/projects/tor/ticket/32915) IP address [owned by Cloudflare](https://www.reddit.com/r/CloudFlare/comments/hiqm4u/no_cloudflare_website_is_loading/), localhost IP such as “127.0.0.x”, or just return nothing. | ![](../image/cferr1016.jpg)<br>![](../image/cferr1016sp.jpg) |
| Cloudflare DNS also [break](https://twitter.com/bowranger/status/1213031783576428550) [online](https://twitter.com/jb510/status/1212521533907668992) [software](https://twitter.com/No_Style/status/1201525422795710466) [from](https://twitter.com/daemuth/status/1187758306535903233) [smartphone](https://twitter.com/gregortorrence/status/1183102089439805441) [app](https://www.reddit.com/r/CloudFlare/comments/gmfm4i/us_bank_website_is_not_in_cloudflare_dns/) [to computer game because of their fake DNS answer](../PEOPLE.md). Cloudflare DNS [cannot query](../PEOPLE.md) some bank websites. | ![](../image/cfdnsprob.jpg)<br>![](../image/dnsfailtest.jpg) |
| And here you might think,<br>"_I am not using Tor or VPN, why should I care?_"<br>"_I trust Cloudflare marketing, why should I care_"<br>"_My website is HTTPS, why should I care_" | ![](../image/annoyed.jpg) |
| If you visit website which use Cloudflare, you are sharing your information not only to website owner _but also Cloudflare_. This is how the [reverse proxy](https://en.wikipedia.org/wiki/Reverse_proxy) works. | ![](../image/prism_gfe.jpg) |
| It is impossible to [analyze](https://blog.cloudflare.com/the-csam-scanning-tool/) without [decrypting TLS traffic](https://github.com/nym-zone/block_cloudflare_mitm_fx/issues/15#issuecomment-354773389). | ![](../image/cfhelp204144518.jpg) |
| Cloudflare knows all your data such as raw password. | ![](../image/cfhelpforum.jpg) |
| [Cloudbeed](https://en.wikipedia.org/wiki/Cloudbleed) can happen anytime. | ![](../image/cfbloghtmledit.jpg) |
| Cloudflare's HTTPS is never end-to-end. | ![](../image/sniff2.gif) |
| Do you really want to share your data with Cloudflare, and also 3-letter agency? | ![](../image/cfstrengthdata.jpg) |
| Internet user's online profile is a “product” that the government and big tech companies wants to buy. | ![](../image/federalinterest.jpg) |
| U.S. [Department of Homeland Security](https://www.dhs.gov/) said:<br><br>“Do you have any idea how valuable the data you have is? Is there any way you would sell us that data?” | ![](../image/dhssaid.jpg) |
| Cloudflare also offer _FREE_ VPN service called "[Cloudflare Warp](https://blog.cloudflare.com/1111-warp-better-vpn/)". If you use it, all your smartphone ([or your computer](https://techniapps.com/2019/09/26/download-cloudflare-warp-vpn-for-pc-windows-10-mac/)) connections are sent to Cloudflare servers. Cloudflare can know which website you've read, what comment you've posted, who you've talked to, etc. You are voluntary giving [all your information](https://github.com/privacytoolsIO/privacytools.io/issues/374#issuecomment-478686469) to Cloudflare. If you think "_Are you joking? Cloudflare is secure._" then you need to learn how [VPN works](https://en.wikipedia.org/wiki/VPN). | ![](../image/howvpnwork.jpg) |
| Cloudflare said their VPN service make your internet [fast](https://www.wired.com/story/cloudflare-says-new-vpn-service-wont-slow-you-down/). But VPN make your internet connection _slower_ than [your](https://twitter.com/ExYakuza/status/1182317536089526273) [existing](https://twitter.com/waddling/status/1177615384616325120) [connection](https://techcrunch.com/2019/04/01/cloudflares-warp-is-a-vpn-that-might-actually-make-your-mobile-connection-better/). | ![](../image/notfastervpn.jpg) |
| You might already know about the [PRISM](https://en.wikipedia.org/wiki/PRISM_(surveillance_program)) scandal. It is true that [AT&T](https://en.wikipedia.org/wiki/AT%26T) lets [NSA](https://en.wikipedia.org/wiki/National_Security_Agency) [copy all internet data](https://www.cnet.com/news/at-t-lets-nsa-hide-and-surveil-in-plain-sight-the-intercept-reports/) for surveillance. | ![](../image/prismattnsa.jpg) |
| Let's say you're working at the NSA, and you want _every citizen's internet profile_. You know most of them are [blindly trusting Cloudflare](https://twitter.com/search?q=Cloudflare&f=live) and using it - only one centralized gateway - to proxy their company server connection([SSH](https://blog.cloudflare.com/public-keys-are-not-enough-for-ssh-security/)/[RDP](https://blog.cloudflare.com/cloudflare-access-now-supports-rdp/)), [emails](https://developers.cloudflare.com/email-routing/), personal website, chat website, forum website, bank website, insurance website, search engine, secret member-only website, auction website, [shopping](https://www.cloudflare.com/case-studies/shopify-powering-the-biggest-shopping-weekend-of-the-year/), video website, [game website](../image/README.md), NSFW website, and illegal website. You also know they use Cloudflare's DNS service ("_1.1.1.1_") and VPN service ("_Cloudflare Warp_") for "_Secure! Faster! Better!_" internet experience. Combining them with user's IP address, browser [fingerprint](https://github.com/VeNoMouS/cloudscraper/issues/209#issuecomment-624853689), cookies and RAY-ID will be useful to build target's online profile. | ![](../image/edw_snow.jpg)<br>![](../image/peopledonotthink.jpg) |
| You want their data. [What will you do](https://www.reddit.com/r/privacy/comments/1gb0pa/how_prism_actually_works_1520_att_fiber_optic/)? | ![](../image/nsaslide_prismcorp.gif) |
| **Cloudflare is a honeypot.** | ![](../image/honeypot.gif) |
| **Free honey for everyone. _Some_ strings attached.** | ![](../image/iminurtls.jpg) |
| **Do not use Cloudflare.** | ![](../image/shadycloudflare.jpg) |
| **Decentralize the internet.** | ![](../image/cfisnotanoption.jpg) |
---
## Please continue to next page: "[Cloudflare Ethics](en.ethics.md)"
---
## Please continue to next page: "[Cloudflare Ethics](en.ethics.md)"
<details>
<summary>_click me_
## Data & More Information
</summary>
<summary><h3>Data & More Information</h3></summary>
This repository is a list of websites that are behind "The Great Cloudwall", blocking Tor users and other CDNs.
**Data**
* [Cloudflare Inc.](../cloudflare_inc/)
* [Cloudflare Users](../cloudflare_users/)
@ -90,10 +69,8 @@ This repository is a list of websites that are behind "The Great Cloudwall", blo
* [Non-Cloudflare CDN users](../not_cloudflare/)
* [Anti-Tor users](../anti-tor_users/)
![](../image/goodorbad.jpg)
**More Information**
* **[☞ deCloudflare Subfiles ☜](../subfiles/README.md)**
* [The Great Cloudwall](../pdf/2019-Jeff_Cliff_Book1.txt), [Mr. Jeff Cliff](https://shitposter.club/users/jeffcliff)
@ -110,35 +87,20 @@ This repository is a list of websites that are behind "The Great Cloudwall", blo
![](../image/watcloudflare.jpg)
</details>
---
<details>
<summary>_click me_
## What can you do?
<summary><h3>What can you do?</h3>
</summary>
* [Read our list of recommended actions and share it with your friends.](en.action.md)
* [Read other user's voice and write your thoughts.](../PEOPLE.md)
* Search something: [Ombrelo](../subfiles/service.ombrelo.md)
* Update the domain list: [List instructions](../INSTRUCTION.md).
* [Add Cloudflare or project related event to history.](../HISTORY.md)
* [Try & write new Tool/Script.](../tool/)
* [Here's some PDF/ePUB to read.](../pdf/)
---
### About fake accounts
We know about the existence of fake accounts impersonating our official channels, be it Twitter, [Facebook](https://www.fsf.org/facebook), Mastodon, Github, Gitea, Patreon, OpenCollective, Villages etc.
@ -152,9 +114,6 @@ We never ask your social media.**
# DO NOT TRUST FAKE ACCOUNTS.
---
| 🖼 | 🖼 |
| --- | --- |
| ![](../image/wtfcf.jpg) | ![](../image/omsirl2.jpg) |
@ -163,9 +122,6 @@ We never ask your social media.**
</details>
---
![](../image/twe_lb.jpg)
![](../image/twe_dz.jpg)
@ -178,4 +134,4 @@ We never ask your social media.**
![](../image/eastdakota_1273277839102656515.jpg)
![](../image/stopcf.jpg) [🖼 Poster](../image/poster)
![](../image/stopcf.jpg) [🖼 Poster](../image/poster)