Comment by gruez
3 days ago
>When you file an abuse ticket with CF, CF takes the route of "oh we are only routing the data and content, not hosting it" and will refuse to terminate the CF accounts of someone being malicious. Threat actors know this which is why so many use em.
Their abuse page says they forward abuse tickets to the origin hosting provider. The origin hosting provider could ignore your tickets, but I don't see how that's any different than if they didn't use cloudflare to begin with.
They still have the ability to terminate the accounts of the threat actors using their platform (which would fuck up their scam/spam/malicious campaigns) yet seem to not want to under their guise of "oh its not us".
If they're willing to go to those lengths for scum, imagine how far they'd go for legit customers that pay.
Scum can also be paying customers
1 reply →
Ok but why can’t they take responsibility for the abuse and terminate the accounts themselves, forcing the malicious actors back to being in a position of not being protected by cloudflare?
Before CF, there were no DDOS for hire services, because they all DDOSed each other offline.
Keeping them online generates more DDOSes, driving demand for CF’s DDOS protection product. Protecting such sites is a sound business strategy.
DDoS protection stops their site from going offline, it doesn't stop them from advertising their services on some obscure forum, which seems to be what they used to do and still do today.
My favourite CF conspiracy theory is that by terminating booters' SSL they know who will be DDoS'd, and when.