Comment by VladVladikoff

16 hours ago

I am not a fan of the growing trend that Cloudflare is the gatekeeper of the internet. Personally I will never support this company, or firewall any of my websites behind it.

Step one: Make a gate everyone uses

Step two: Sell keys to the gate

Muah ha ha

But in all seriousness I wonder who needs this... api's are suppose to make it easy to bridge two application... and you didn't need AI to utilize an api before so I wonder what's pushing this sort of thing to extract value down to individual calls?

I recently had to build a system to drop inbound traffic originating from cloudflare ASNs to prevent bad actors using WARP proxies, no legitimate cloudflare traffic usecases for anything inbound. Getting increasingly sick of cloudflare.

  • I do something similar seems to get the job done.

        for BadActor in $(curl -A Mozilla "https://api.cloudflare.com/local-ip-ranges.csv"|grep -Ev "::|/32"|awk -F "," '{print $1}'|sort | uniq); do ip route add blackhole "${BadActor}" 2>/dev/null;done
    

    Something similar can be done with AWS EC2

        https://ip-ranges.amazonaws.com/ip-ranges.json

I'm old-man-yelling-at-the-clouds here. Everyone just uses Cloudflare, which is not a bad thing by itself. But do they _have_ to? Is managing your own edge really that terrifying?

  • For non-corporate entities, it is!

    Having an almost a plug and play solution who does CDN + DDoS Protection + WAF/Rate Limiter + Bot Protection, for a few bucks, is very useful for startups and SMEs.

    And compared to cloud different offerings, their quick setup and lower cost is hard to beat.

  • I think DDoS attacks are really what propelled them to the heights it has. The attacks seem to get bigger and bigger by the year. You need a really big pipe to filter them out on before passing on traffic to servers with a much smaller pipe.

    • Yes, DDoS was definitely their entry point. I remember recommending them to a friend about a year or so after they had launched with the free tier. He was managing a small school district that was dealing with DDoS issues intermittently. What he needed was just outside of free at the time and I believe Cloudflare was still small enough where he had a call with Mr. Prince.

      I was a strong proponent of Cloudflare for years, but looking back should have known better. I felt like others in the space would have tracked along how they went to market but that didn't play out as I would have suspected. I still use Cloudflare for DNS on domains that I use sparingly (mostly just for mail records), but no longer recommend anyone let Cloudflare terminate TLS unless they need it.

      It's pretty amazing what you can get for a server host (bare metal) these days at the price point. I don't run any of those behind Cloudflare and haven't had any issues as of yet.

  • DDoS protection and the number of features they offer are kind of unmatched.

    I often see threads complaining about Cloudflare, never see suggestions for better alternatives.

  • > Is managing your own edge really that terrifying?

    It's about convenience, not fear. Cloudflare is free for most companies until you need more advanced features.

  • Dumb question here - how can I manage effectively edges across the whole world without the huge maintenance overhead? Which tools would be recommended for that? I e.g. have a VPS at Hetzner with Coolify but users from the US have high latency. I wouldn't know how to not use CloudFlare?

  • It would be economically impossible for me to run a small personal website without Cloudflare thanks to the sheer quantity of badly behaved automated traffic on the Internet in 2026.