I think the majority of contributors to that thread are being very reasonable and measured. CF should not be in a position to determine which UAs are viable on the Internet.

> CF should not be in a position to determine which UAs are viable on the Internet

Site operators explicitly subscribe to their DDoS protection service. They're not intercepting random traffic they don't terminate.

How do you propose we solve the bot problem? The Internet is a digital Mos Eisley cantina. The "come one, come all" approach isn't viable in 2025.

What if a server operator decided to block Pale Moon user agents? Is that his right? What about blocking bot user agents? How is that any different?

They are fighting a losing battle. Like running your own SMTP server in 2025 and expecting the big dogs (Google and Microsoft) to accept your mail and play by anyone's rules but their own.

Huh? Malicious actors would just use a Chrome user agent. The only people being hurt by such blocking are legitimate Palemoon users.

If your so-called "bot blocking" is nothing more than a string.contains() on the user agent, it's literally less than worthless.

A new account that dismisses, but offers not the slightest bit of technical reasoning. Please point out something that the Palemoon people have said that's incorrect, or that is even exagggerated.

Thank you for your input, Mr Cloudflare CEO

What do you think about the substance though?