
FWIW I also had a recent experience with Cloudflare "Trust & Safety" and it was my first negative Cloudflare experience, unfortunately.

A client-of-a-client had their site reported to CF for malware distribution via Netcraft. I reviewed the site and found nothing unusual-looking. I dug out a month's worth of access logs for the site, carefully filtered them, and then eyeballed all of the tens of thousands of remaining lines, and again, nothing unusual. No sign whatsoever that the site had ever distributed any malware.

There were signs that the site had been probed a number of times by one or a few bad actors, a bit more than just the usual background scanning. Best guess was that, having failed to take the site down through direct means, somebody filed some fraudulent reports against it.

DigitalOcean also received a report on the site, and that's where the difference in handling the issue really became apparent. I sent essentially the same response to both DO and CF. DO sent back a quick, "thanks for taking a look at it, we're not going to take any action at this time, have a nice day" response.

Cloudflare on the other hand pre-emptively took the site down and then took a while to reply at all. When they did, the reply was extremely opaque: "this report has been processed". Like, okay... and?

I had by that time already routed the site off of Cloudflare and had it back online, so the impact was minimal, but now that I know what it's like to deal with this category of issue at Cloudflare, I have to ensure that it's always easy to take anything off of Cloudflare. I love Cloudflare generally, so this is really disappointing.



My only interaction with cloudflare's "Trust and Safety" team involved reporting a site using their services, and that site hosted a large archive of child pornography [1], for which I provided a sizable chunk of evidence, which would have let them easily verify my claim.

All I got back was a canned response that cloudflare is not actually hosting anything and cannot do anything and will forward my complaint to the ISP that really hosts the website.

Replying back to that email, asking whether they couldn't at least close the cloudflare account in question, I was greeted with exactly the same canned response again.

Responses from law enforcement I tried were also rather underwhelming, but that isn't cloudflare's fault.

This was a while ago, and it all was rather discouraging. And I can only hope they got their act together now...

But I guess not. I just checked, and the site is online again, under the same domain, and using cloudflare again. I'll report them again now, I think.

[1] Including a lot of the child porn this UK blackmailer had traded and sold: https://www.bbc.com/news/uk-england-birmingham-59614734 The site I reported was re-selling the stuff for crypto or gift cards, with a lot of free samples.

Now you may wonder why in hell I would even know about any of this. I used to be a small time moderator on a small time website where some of our users shared some of the content/links to the content.


Maybe report through the IWF? https://www.iwf.org.uk/about-us/how-we-assess-and-remove-con...

Cloudflare apparently signed up as a member in August of 2021: https://www.iwf.org.uk/membership/our-members/cloudflare/


Good suggestion. Filed a report with them as well now.

Cloudflare in the meantime gave me another canned response, saying they aren't hosting anything, etc, but at least this time they also included this:

> This email is to confirm that your abuse report to Cloudflare has been received and will be processed shortly.


I don't understand why it's so hard for companies to discriminate between sites like your example and sites like my example.

This part of hosting actually worked better back when we were all using GoDaddy and Bluehost and the like.


If they didn't give a crap about CP, what the heck did they think OP did?


Isn’t CloudFlare’s whole schtick about keeping you online? Requiring you to deploy technical means to deal with your domain name being automatically thrown under a bus by their AI seems like the exact opposite of what I’m looking for.

Does this only affect free accounts? Do you at least get an account manager for escalation if you pay?

Honestly, this whole thing of scaling service abuse handling through AI is a dumpster fire.


His account was free but had many paying client accounts as well.


>I have to ensure that it's always easy to take anything off of Cloudflare. I love Cloudflare generally, so this is really disappointing.

This line pretty much echoes my attitude to cf going forward. Come to think of it, not just CF, guess it's going to apply to every company I deal with going forward. Although it sounds good in theory, wonder how hard it is going to be to apply this on every situation I rely on a 3rd party company.


Yeah. CF and kin provide a lot of advantages for cheap, but they are also big consolidations of infrastructure. There are more companies than ever before that can carelessly ruin your day, and they all have more customers than they can handle, and none of them want to staff a support team.

You can burn a lot of productivity trying to make everything completely fail-safe. Building stuff out of today's technology requires deciding which companies you're willing to gamble on and accepting that eventually the odds will catch you.


Huge thanks for taking the time to post this. I am working with clients who are disrupting Chinese imports for things more easily made here, and the number one concern is bad actors using any easily available digital means to interrupt operations. DO sounds like the way to go.



