I second the myriad problems of Cloudflare.
I started very enthusiastically believing the hype: Cloudflare was the greatest thing since sliced bread.
I can’t count the endless hours and days I’ve spent troubleshooting OS, data provider, each site in question because I’d actually forgot I switched to Cloudflare.
-
It may very well be that many sites use insecure web practices- then again, absolutely nothing is bulletproof on the web, like in real life. But what do we want, when our own government leaders handle classified info on unsecured phones and home computers. Everyone knows everything about everyone else while pretending they don’t do as to not risk losing access.
-
Far too many apps, even those specifically created for security just don’t work on Cloudflare to varying degrees from mild to complete, to name a few: Privacy.com, Stripe (and gosh, they supposedly securely validate & interface between Banks, fintechs, and customers), some bank apps, some vpn’s, food apps (some are the world’s largest to boot), survey apps, government sites like some of NYC’s, etc.
It’s not confined to small or just emerging companies. Ditto for security texts and two factor authentication- TMobile, Microsoft…Google was a past example but looks like they found a workaround.
Signing up for various forums is not possible either. -
All these problems immediately go away by disabling Cloudflare to the default. Nor they occur when using Google DNS.
-
Everybody has to eat, but the individual customer paid subscription model and the individual business paid prioritization model trigger the suspicious and conspiracy theorists.
Just the fact that you have MVP’s, that you felt this need, is telling and a self-admissive… Just like at Microsoft, which I happen to belong to.
And btw, NONE of the MSMVP’s ever are rude, sarcastic or condescending. -
I just spent a half hour on another of your roadblocks just by trying to sign up to post this. It seems you don’t like when we stumble onto your site / an interesting thread, sign up, but validate on another peripheral so as not to lose the exact place mark.
And can you please add the feature of returning to original placeholder upon verification and signup? That feature has only existed for two decades.
Validation link immediately throws a link expired message with a prompt to resend another one- how about a more truthful prompt like not allowed to validate on different hardware? In order to avoid an endless validation loop, because most those messages end up in Spam.
AND because the site keeps one logged in and allows accessing Dashboard, this leads one to believe validation worked, delays finishing the validation. BTW There is one popup that disappears almost instantaneously- who knows what that message says.
Can you make trusted agreements with the big email providers so as not to wind up in Spam?
And why validate and sign up only thru email instead of using the large social portals? That is so 1989, today’s web surfer will not have the patience, will just not post.
If you wish to validate, secure code to phone is much easier on people- ahh, but that may never arrive for many… Back to the drawing board.