Comment by arinlen
4 years ago
> WTF does that even mean?!?? What "integrity" is Cloudflare checking? Who are they to dictate what browsers are permitted to access websites or not?
If I'm a paying customer of Cloudflare, and I pay them to not only deliver my content to human users though Cloudflare's CDN but also ensure my content is not a target of DDOS, I expect and pay them to "dictate what browsers are permitted to access" my website.
I'd hate to have to pay up a hefty bill just because some random guy online whipped up a webscraping script to download huge volumes of data from my site.
but also ensure my content is not a target of DDOS, I expect and pay them to "dictate what browsers are permitted to access" my website.
But those two issues are orthogonal. Assuming a non-DDOS scenario, do you really want to keep users or specific browsers out just because of their choice of browser?
Anyway, the update from CF seems to clarify that they aren't just blindingly blocking specific User Agents for the most part, which strikes me as a Good Thing.
> But those two issues are orthogonal. Assuming a non-DDOS scenario, do you really want to keep users or specific browsers out just because of their choice of browser?
Yes, yes I want to prevent whole classes of user agents from downloading my content. I'm talking about user agents such as python scripts. Those clearly reflect traffic not from real users, and potentially malicious, and it makes absolutely no sense to fulfill the requests, let alone pay for it.
Sure, that makes sense. I was only speaking in terms of actual browsers.