Cloudflare stops the API access #166
Comments
|
Sourcing from 35.79.238.0/24, but im not asking to whitelist this subnet. Cloudlfare defeats the purpose of API access, cloudflare needs to be removed? |
|
Cloudflare enterprise can make rules to bypass bot prevention with granularity. Free, pro and business can only turn it on or off. Uptime-Kuma project has the same issue. Cloudflare itself doesn't break this. We have our own instance of echo IP behind cf and query with curl. The bot protection creating false positives is the issue. |
|
well, the IP address that had <10/accesses to ifconfig.co in the past 90days is getting blocked by cloudflare. cloudflare is falsely blocking non-abusing IP address. |
Yes, they are. The only remedy is to go on an expensive plan or disable bot fighting option in CF for the domain. IIRC it is on by default. They have a way to get certain clients or apps whitelisted but this is not possible for python -requests or curl as that's exactly what a bot would use. |
|
im asking to disable cloudflare for the main website |
|
I don't think this will be done. It would expose the origin server and lose ddos protection. The compromise is to toggle "bot fighting mode" off. |
|
well, to bad i cannot use the website because of false positives |
|
@dhrp is in charge of hosting now. Maybe we can try turning off the bot-fighting mode? |
|
Seems like it was silently fixed, I can |
@fiskhest nope. I just tried again via GitHub actions: <!DOCTYPE html>
<html lang="en-US">
<head>
<title>Just a moment...</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-[8](https://github.com/***/***/actions/runs/***/jobs/***#step:5:9)">
<meta http-equiv="X-UA-Compatible" content="IE=Edge">
<meta name="robots" content="noindex,nofollow">
<meta name="viewport" content="width=device-width,initial-scale=1">
<link href="/cdn-cgi/styles/challenges.css" rel="stylesheet">
</head>
<body class="no-js">
<div class="main-wrapper" role="main">
<div class="main-content">
<h1 class="zone-name-title h1">
<img class="heading-favicon" src="/favicon.ico" alt="Icon for ifconfig.co"
onerror="this.onerror=null;this.parentNode.removeChild(this)">
ifconfig.co
</h1>
<h2 class="h2" id="challenge-running">
Checking if the site connection is secure
</h2>
<noscript>
<div id="challenge-error-title">
<div class="h2">
<span class="icon-wrapper">
<div class="heading-icon warning-icon"></div>
</span>
<span id="challenge-error-text">
Enable JavaScript and cookies to continue
</span>
</div>
</div>
</noscript>
.... |
|
Yes, the service is worthless as is, but fortunately there are alternatives that actually work: |
|
@mpolden or any maintainer? ping. |
|
Simple solution for me was to self host the project on a domain of my choosing with LB/WAF settings of my choosing. Runs well and requires very very little resources. Perhaps y'all could consider doing that. |
That option is kind of obvious, but then again at the cost of maintenance. Mind sharing your process of self-hosting it? How much resources you gave the instance? Did you implement a load balancer? What about updating the Geo location databases, did you implement automation for it to auto-update? AFAIK also for getting the Geo location databases it requires creating an account and such. |
|
For anyone finding the same problem I made the host of https://ifconfig.la which is cloudflare-free. |
|
|
|
@hydrargyrum It is intentional since we could not check tor exit nodes against IPv6 exit nodes. If some amount of donation is received will host another instance under a new domain that will support both IPv4 and IPv6. |
While trying to access the
curl ifconfig.co/I'm getting cloudlfare challenge that is impossible to do in curl. The "How do I get this programmatically?" section does not work.Remove the cloudflare, of this website is not usable for its intended purpose.
The text was updated successfully, but these errors were encountered: