Question - what do you do when the site is hacked and your biometrics are compromised? Issue new ones?
Question - what do you do when the site is hacked and your biometrics are compromised? Issue new ones?
You can validate that against user telemetry data expected from a browser.
I’ve been assuming this was going to happen since it’s been haphazardly implemented across the web. Are people just now realizing it?
I personally read this as “one quarter admit they did it to get people to quit”. If you think these folks are always transparent and honest, think again. They’re just trying to say whatever gets them the least amount of bad PR
This is effectively a layoff without benefits.
Y’all need high availability in your lives.
This is just it, it can barely handle manage my lighting system. How am I going to trust it to make purchases? Brought to you by the same people who can’t keep fake reviews off their platform.
Nobody expects it to be free. But it used to operate with far less intrusive ads. Also, people didn’t use ad blockers until they got worse.
They absolutely should have outlined a traffic limit for the $250 a month plan. That’s on Cloudflare for allowing it.
That said, if you make wildly excessive use of that loophole it probably shouldn’t surprise you if they do something like this. They called it “trust and safety” because it allows them to do anything they want under the guide of security.
Really, they didn’t define their service clearly and wanted to fire them as a customer unless they paid up for what they felt they were owed.
Realistically, this is why you pay for Akamai. You don’t get these shenanigans.
How the fuck were they still on a $250 dollar a month plan when they pumped through $2000 a month worth of traffic? That’s shady on the companiy’s part and Cloudflare shouldn’t have allowed it to happen in the first place.
Each party played their part here and did shitty things. Sounds like the tech equivalent of a crackhead arguing about selling stuff to the pawn shop employee.
As an operator, this who thread reads like a bunch of devs who don’t understand networking and refuse to learn.
Sure, for smaller applications or small dev teams it doesn’t make sense. But for so many other things it does.
If I had to guess after managing enterprise WAF across hundreds of domains…
It’s either a crowler or vulnerability scanner, and may be scanning by IP address. I don’t think you configured anything wrong.
You may want to add some form of captcha or user agent based filter to get rid of it. Good news is that it’s not necessarily something to worry about.
I’d avoid IP based blocking. It’s only temporarily effective.
I see 803 forks currently, keep up the good work!
I’m forced to use it at work. It’s the worst because it has so many limitations and performance issues. I’m not satisfied because it’s assumed to be an equivalent and it’s not.