If it is a club web site, you could put it behind a membership wall that will reduce the traffic load to almost nothing. Also take a look at your sessions, if you are issuing any. Session overload is what brought my custom forum down a couple weeks ago. A complete session overhaul to make sure only logged in users were issued a session brought sesssion files down from 20k highs to less than 300. Guest users didn't actually need sessions, and single-requests from bots didn't need them either. CPU usage went down to unmeasurable at times whereas before it was 30% on average. RAM usage saw a smal drop as well.

And just as enforceable.

nginx isn't a MITM because it is the same "man". CloudFlare is a different "man". That is what makes it a man in the middle. As I said in another reply: Just because you allowed them in the middle on purpose, doesn't make it goodware. From the user's perspective, it is malware just the same. Same thing if you quietly offloaded user comms on the back-end to the NSA like the cell providers. This malware is simply on the front-end instead.

I didn't say it was a man in the middle attack. I said they were a man in the middle. Just because you allowed them in the middle on purpose, doesn't make it goodware. From the user's perspective, it is malware just the same. Same thing if you quietly offloaded user comms on the back-end to the NSA like the cell providers. This malware is simply on the front-end instead.

I'm not the person who claimed CloudFlare was malware, but I can easily give you justification as to why they are.

CloudFlare decrypts HTTPS traffic on the way to a server, then re-encrypts it before sending it on to the destination server. They are a man-in-the-middle.

As a user making an HTTPS request to a web server, I expect my request to reach that server exactly as-is. CloudFlare breaks this fundamental aspect of trust.

(That is without mentioning the gate-keeping bullshit they pull.)

No, you didn't have to.

There are plenty of alternatives to CloudFlare that are actually good at what they do.

Barring that, there are hosts that provide excellent, creative, and sometimes passive protection against DOS and bots while also giving you the tools to further build your own protection to that end. I've run a 10k+ user site with guest (non-login) features for 8+ years now with zero DOS attacks and bot behavior below the level of noise. I host with Nearly Free Speech, but there may be others like it.

https://ancillary-proxy.atarimworker.io?url=https%3A%2F%2Fwww.nearlyfreespeech.n...

Yes.

1) CloudFlare launches a DOS attack on your browser (and others), then ignores your communication, and only stops the attack only after a huge user outcry. Promises are made that this won't happen again.

2) 4 months pass and the exact same thing happens. Your bug reports and similar get completely ignored, the DOS attack only stops after a huge user outcry. Promises are made this should not and will not happen again. Your browser will be added to their test suite.

3) 6 months pass and they are DOS-ing you again. Your comms get tossed in the trash. A huge user outcry doesn't work this time. A full month goes by and bad media coverage finally brings CloudFlare to the able. They give you the run-around. 6week in and the DOS continues.

You're blaming the browser dev in all this? Calling them incompetent is being kind. Likely they are being malicious.
Fuck off.

Pale Moon
Basilisk
Waterfox
Falkon
SeaMonkey
Various Firefox ESR flavors
Thorium (on some systems)
Ungoogled Chromium


Source: https://ancillary-proxy.atarimworker.io?url=https%3A%2F%2Fforum.palemoon.org%2Fvie...

Zappos dot com used to (still does?) advocate this exact behavior on their web site. They literally told you to order 4-5 pairs of shoes, and return for free the ones you don't want after trying them out. Not the ones that specifically don't fit, but any one you just don't fancy in person once they arrive. This is of course a money-making policy. It's kind to the customers and earns repeat customers, but also they no doubt benefit from the inertia and minor hassle involved with returns so gain extra sales there as well. Why a retailer wouldn't join Zappos in this tactic seems a little odd to me, unless return shipping is costly because the items are large or whatever.

My main point is, why should the mindset of the people be fixed? From the retailer's point of view this is a desirable situation.

Pale Moon really is the old Firefox we all knew and loved. I can't fathom why anyone would be on Chrome or a Chrome-based browser in the past, let alone these days.

Your experience with Pale Moon + uBO + YouTube is not normal. Submit a ticket to the uBO/EasyList filter folks to see what's going on.

Parent is incorrect. NoScript installs in Pale Moon just fine even to this day if you ignore the (well-placed) warning that it is known to cause major stability issues with the browser.

I'm using the definition of PC (Personal Computer) as it was coined, and the only version that ever made any logical sense.

A personal computer is a computer that is two things:

1) Small and inexpensive enough for a typical person to personally own and comfortably place in their home. This of course includes microcomputers, but also smaller devices like game consoles, telephones, etc.

2) Runs a general-purpose operating system. Examples are MS Windows, GNU/Linux, MacOS, BeOS, TempleOS, etc.

Most game consoles, smartphones, and the like are not PCs because they don't run general-purpose operating systems (although there are some rare exceptions).

The headline implies Macs are not PCs. Macs are PCs.