top | item 33335241

(no title)

jlmb | 3 years ago

This is not specifically about Cloudflare’s “challenges“/etc, but —

The reality of operating a big site/service on the internet in 2022 is that it’s sometimes necessary to use methods that annoy a few people (with very non-standard browser settings) in order to protect the service as a whole from a million bots trying to attack it at any given time.

discuss

nonrandomstring|3 years ago

> operating a big site/service

This sounds like a very plausible argument. I've heard many of the arguments and don't dispute the threat model to something like Cloudflare.

And yet something about it still doesn't add up.

It turns power into a weakness.

How is it that much smaller sites - still able to serve something as simple as a plain-text blog to millions of users from a modest rack shack - operate perfectly well without any impediment?

Wouldn't an operation with all the power, might and money of Cloudflare be able to do a better job and still maintain the QoS (accessibility, interoperability etc) as Basement Bob with her Raspberry Pi?

Remember, all I want to do here is read a static web page of (I guess) less than 1000 words.

I'll take a punt: if "defending against millions of bots" is Cloudflare's business offering, then being able to serve a static site off a Raspberry Pi doesn't look good :)

yunohn|3 years ago

Is your claim that Basement Bob’s raspberry pi could withstand the kind of attacks that companies like Cloudflare handle?

Eg - https://blog.cloudflare.com/26m-rps-ddos/