Comment by derektank

7 hours ago

Would love to know more about how Cloudflare plans to prevent abuse of ephemeral infrastructure to host malicious content. From elsewhere in their documentation, “Cloudflare limits how quickly you can create temporary preview accounts. If the Wrangler CLI cannot create an account because too many temporary preview accounts were requested too quickly, wait before retrying or authenticate the CLI with a permanent Cloudflare account,” and “Cloudflare applies additional abuse prevention checks to temporary preview accounts.”[1] This is a bit vague though. Creating a new account has never been a huge hurdle to overcome but this seems to reduce the barrier to entry even more.

[1] https://developers.cloudflare.com/workers/platform/claim-dep...

4 comments

derektank

Reply
gwittel  4 hours ago

Given how little they do now to stop malicious content hosted behind/by Cloudflare, the bare minimum if anything.

  • zuzululu  19 minutes ago

    Cloudflare support is pretty active and very responsive to incidents. Here's a token of appreciation.

rdtsc  7 hours ago

> Would love to know more about how Cloudflare plans to prevent abuse of ephemeral infrastructure to host malicious content

If it helps laugh DDoS attacks they would be incentivized to do the exact opposite. They can charge more for “protection” then.

  • TeMPOraL  2 hours ago

    DDoS is one thing you wouldn't be launching from Cloudflare, but if they can get enough types of other bot traffic (whether malicious or "legitimate" or just general grey zone) to use them as the starting point, it improves their error rates when dealing with bot traffic that didn't migrate.