Is there a Cloudflare friendly VPN? I’m looking for a way to protect my outbound privacy on a third party network, but the site I’m attempting to access blocks my connection based on my choice of VPN provider(at the Cloudflare level, before I even get to their actual domain). I get stuck at the captcha, in an endless loop.
“Cloudflare friendly” VPN is a contradiction in terms - if you are using a VPN then, as a Cloudflare user, I want Cloudflare to give me the ability to block the VPN you are using
Creating a “Cloudflare friendly” VPN would be pointless as, like all VPN’s, it would just get misused - you cant make a good security product like Cloudflare then say “but we’ve created this friendly VPN that gets around the blocking”
I thought the main point of Cloudflare was to mitigate the effect of DDoS attacks(at least, that’s what the site I’m trying to use is doing with it).
Is the assumption that all VPNs are used by threat actors to perpetrate DDoS attacks, or is it just a cold hard fact that they are primarily used for that?
Cloudlflare offer a good suite of services, DDOS protection is just one of them
Our experience from our 25+ websites, some of which are 25 years old, is that we see many VPN’s that are used primarily for attacks, we see almost no real customer traffic through VPN’s and proxies, and don’t run any websites for sensitive content where you may expect VPN’s and proxies to be used so we ban them - well we actually go further than that by allowlisting who we see as our customer base, a very restricted set, and ban everyone else
We see ASN’s that are only ever used for attacks, a large proportion are VPN’s but by no means all of them, we also see some countries where traffic is only ever attacks, some is VPN traffic but not all
We also see that the sources of attacks moves all the time, currently we are seeing a massive shift to attacks from the Netherlands, Germany, Ukraine, and Russia, a reduction from other countries, and new ASN’s appearing which are a threat source, so approach has to be agile
You could, in theory, provide a Cloudflare friendly VPN, just get each subscriber to provide multiple pieces of Govt level identity security checks, copy of Passport, driving licence, proper proof of address, criminal records check, etc., etc. and only allow subscribers who are prepared to do this, log every thing that they do and every site that they visit, and you would then have a safe user base - but I doubt you would ever get anyone to sign up for it
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.