I don’t understand how CloudFlare is intermediating the traffic in this case. How can CloudFlare block the sites if they aren’t hosted on CloudFlare or using CloudFlare services? Are they acting as an ISP in the UK?
They cache a lot of the internet, so like the infra of the internet after the ISP.
So the ISP redirects the request from the primary host to the CloudFlare cache under some conditions? But wouldn’t that be ineffective at blocking the sites if the browser still attempts to pull from the primary host first? I’m assuming this must be mediated by the ISP somehow, otherwise it would just be a browser setting to only pull from the primary host of the domain.
Cloudflare operates as a reverse proxy between a user’s browser and the origin server of a website or application. When a user requests a webpage, the request is first routed through Cloudflare’s global network instead of directly to the origin server. Cloudflare then forwards the request to the origin server, retrieves the content, and sends it back to the user.
It is doing that by being an authoritative DNS provider and providing useful features in case of attack, but imagine that everyone starts using Cloudflare; then it becomes the authority DNS-wise.
Maybe it includes DNS. Using Quad9 would bypass this.
I bumped into at least one site blocked by cloudflare. When accessing the site, I’m redirected to:
https://www.cloudflare-terms-of-service-abuse.com/stream.ts
So far it happens when I try the landing page of the site; if I go to pages I visited in the past, I can reach the intended site. Maybe the name resolution is cached.
I haven’t tested it much but I’m using Quad9 and it’s not making any difference.
Cloudflare seems to be the SOA for the affected sites and then it sets *.ns.cloudflare.com as the primary source and dns.cloudflare.com as the administrator.
To my understanding Quad9, being a recursive DNS resolver, is not the main DNS authority in this case. Quad9 will reach out to Cloudflare to refresh the records when the TTL expires and then Cloudflare can return a different IP for the domain.
Either affected sites stop using Cloudflare, or we reach them via Tor, if they have that option.
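A toy model of the resolver behaviour described in the comment above, added here as an illustration and not part of the thread or of any real DNS software. The class names, the `site.example` name, the 300-second TTL and the documentation-range addresses are all constructed assumptions.

```python
"""Toy model (constructed, not real DNS): recursive resolvers cache answers
from a zone's authoritative server until the TTL expires."""


class Authoritative:
    """Stands in for the zone's authoritative server (the SOA's primary)."""

    def __init__(self, ttl):
        self.ttl = ttl
        self.records = {}

    def query(self, name):
        return self.records[name], self.ttl


class Recursive:
    """Stands in for any recursive resolver: it caches, it does not decide."""

    def __init__(self, authoritative):
        self.auth = authoritative
        self.cache = {}  # name -> (address, expiry time in seconds)

    def resolve(self, name, now):
        hit = self.cache.get(name)
        if hit and now < hit[1]:
            return hit[0]                      # answer still within its TTL
        address, ttl = self.auth.query(name)   # refresh from the authority
        self.cache[name] = (address, now + ttl)
        return address


def simulate():
    # Constructed name and RFC 5737 documentation addresses.
    auth = Authoritative(ttl=300)
    auth.records["site.example"] = "192.0.2.10"       # original answer
    isp, third_party = Recursive(auth), Recursive(auth)
    name, seen = "site.example", []
    seen.append((0, isp.resolve(name, 0), third_party.resolve(name, 0)))
    auth.records[name] = "198.51.100.99"              # authority changes its answer
    for now in (100, 301):
        seen.append((now, isp.resolve(name, now), third_party.resolve(name, now)))
    return seen


if __name__ == "__main__":
    for t, a, b in simulate():
        print(f"t={t:>3}s  isp={a}  third-party={b}")
```

Both resolvers keep serving the old address while it is cached and both switch to the new one after expiry, which is why the choice of recursive resolver makes no difference when the change is made at the authoritative server.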
It happened to me once with 1337x redirecting to that stream.ts; I deleted the prepending “www.” and it worked again.