Account has been Blocked

f0o · July 15, 2021, 7:34am

Ticket#2207312

Repasting:

Hi!

I seem to have gotten my CloudFlare Account blocked (at least for CloudFlare Pages) and I suspect it has to do with my finding at https://f0o.dev/posts/2021/07/cloudflare-pages-or-free-ci/cd-runners/

So uhm… I guess it’s too late for an “I’m Sorry it was for educational purposes”?

I’ve paused deployments of that runner-repo and also removed the GH perms to build it so it wont start up again.

However, if possible, I’d like to restore build-permission for my blog…

If not, no biggie - it was fun while it lasted!

Keep up the great service and greet the Engineering team for me

/f0o

fritex · July 15, 2021, 7:38am

Maybe @cloonan can take a look at your ticket.

f0o · July 19, 2021, 7:15am

So should I do the @moreHelp thing or just accept this (and my whole account) as lost?

TKlein · July 19, 2021, 8:48am

Hi @f0o, you should definitely not just accept this. Can you share more information either here or in the ticket about the block? How exactly did you notice that you are blocked? Is there any error? Are you able to login? etc.

With this information, we can check what the issue might be or if you indeed are blocked.

Best

f0o · July 19, 2021, 9:19am

Hi @TKlein,

Well at first I noticed that an update I made via GitHub didn’t trigger the Pages.

After looking at it through the dashboard I noticed I hadn’t stopped my cronjob to feed the cloudflare-runner PoC repo every 20 minutes with a job which likely added me to the abuse-list as I was effectively hogging a machine continuously…

When I then finally revoked access to that repo and disabled build (paused deployments) to further abuse the system I also noticed that scheduling new builds would yield a HTTP 400 response with JSON Payload:

{
  "result": null,
  "success": false,
  "errors": [
    {
      "code": 8000036,
      "message": "Account has been blocked"
    }
  ],
  "messages": []
}

So my assumption is that during the Pages maintenance you guys noticed my cloudflare-runners and put me on the NoFly list - Which to be fair, is more than legit and entirely my own fault for forgetting to turn off builds after the initial PoC passed. (Assumption based on the coincidental timelines)

So that leads me to here now

On the up side, I moved the domain to a new (personal) account and noticed that it resolved the issue…

Which leads to further ways of abuse unfortunately.

Even though this is effectively a foot-bullet to me I’d suggest blacklisting Page builds per GitHub Integration Token since I was able to circumvent the Block by just using a different CloudFlare account without unlinking/relinking the GH Application.

/0o

TKlein · July 19, 2021, 10:02am

Thanks for the quick reply. The error code is helpful and helps confirm that this is indeed on our end. Thanks a lot for being honest and I’d recommend putting this information into your ticket. I’ll reopen your ticket in a couple of minutes.

Best,
Tom

system · July 22, 2021, 10:03am

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Cloudflare Pages - Account has been blocked Cloudflare Pages	11	2554	March 31, 2022
Cloudflare Pages - MY Account has been blocked Cloudflare Pages	2	1550	December 20, 2022
Cloudflare blocked my account? Billing	11	2156	September 10, 2022
My pages blocked Cloudflare Pages	6	193	April 15, 2024
My Cloudflare Page vanished from my account Cloudflare Pages	3	1113	January 21, 2023

Account has been Blocked

Related topics