>>tardis+(OP)
I've asked internally to understand this.

>>jgraha+k
thanks, much appreciated!

>>tardis+(OP)
Looking at this with interest as I've multiple projects on cloudflare now and in development.

>>Roark6+f2
Likewise

>>tardis+(OP)
I'm very interested in this. I also have clients with very large usage volumes on CF

>>tardis+(OP)
Welcome to Google I mean Twitter I mean Facebook I mean cloudflare support.

>>tardis+(OP)
i'm about to move a significant amount of traffic to cloudflare. holding off until i see how this is handled. Can you please update this to reflect the total time of service outage and time to resolve. As a busy tech company, this is an unneeded problem. We pay cloudflare to be fast. Not make our sites slow and unresponsive.

>>tardis+(OP)
How are you using the workers? Is the JSON cached? Where do you get the JSON?

>>tardis+(OP)
I recently signed up to CloudFlare for their Yubi key deal that was still being advertised on their website. A week later I received an email saying only customers subscribed by a certain time could claim the offer.

I asked them to delete my data or provide the Yubi offer and they did neither. So they sit in an email folder known as bad companies. Because my data has value and they lied to obtain it for their own gain (aka fraud).

In Canada we have private prosecution/rules about falsely acquired data. Every bad story on HN puts me closer to opening that folder up and ensuring my data costs at least 100k.

Enough is enough.

>>sgarg2+a6
Outage started around 00:00UTC today.

I was able to contact via support chat to confirm it's indeed Cloudflare related issue as wasn't sure as it's not displayed in any form on Cloudflare dashboard that indeed account is restricted. That was around 8AM UTC.

Since then I also contacted with sales team (got the details already as they approached me in last few weeks as mentioned before) in order to upgrade to Enterprise plan as it seems like the only solution, but did not get the quote yet and account is still restricted.

>>tardis+(OP)
Also want to be kept updated on this issue since it touches some clients of mine

>>tardis+(OP)
Literally just sent an email to my devops guys to move off cloudflare asap. This cavalier lack of respect is a diservice and insult to all the people who rely on my product for their livelihood.

>>tardis+(OP)
Sales said something would never happen...

>>ddoria+g6
I'm using Workers as basically API gateway/smart load balancer to backend services that handle actual load (resource intensive data filtering). Most of the responses are not cached on Cloudflare level. Thing is that I was using Workers for about 4 years already with not issue at at all, I'm aware that I use lots of requests and bandwidth but I just wish I was contacted about mandatory upgrade before effectively turning my service down.

>>dboreh+h7
That's almost the same as Sales promising that the feature will be available in the next few weeks..

>>tardis+v7
How much are you paying for the workers/month?

Why didn't you use the load-balancer service?

>>jgraha+k
[flagged]

>>tardis+(OP)
I've recently dropped and then readded (a few months later) a zone to Cloudflare for a domain only I ever owned. And they refused to add it for "policy" reasons, so I had to wait a week or so until Cloudflare just unlocked it without providing any rationale.

It's not a company I trust to not randomly screw me over out of the blue anymore.

>>ddtayl+16
Last but not least, Stripe support.

>>tardis+(OP)
I went to look at your website to see what the service was about… but of course it’s down :(

>>sanat+q5
And another

>>tardis+(OP)
Cloudflare: MitMaaS

https://framagit.org/dCF/deCloudflare/-/blob/master/readme/e...

>>tlonny+X7
I replied when this has no upvotes and was nowhere near the front page.

>>iinnPP+q6
Report them to Consumer Affairs.

https://ised-isde.canada.ca/site/office-consumer-affairs/en/...

>>jgraha+h8
That response misses the point by a wide margin.

>>sgarg2+a6
By now most SLAs are already breached

>>tardis+P6
> Since then I also contacted with sales team … in order to upgrade to Enterprise plan as it seems like the only solution

Talk about coercion.

Considering that you weren’t, technically speaking, violating any terms of service, this response from them leaves a very bitter taste in my mouth.

Good luck, and thank you for sharing this with us all.

>>tlonny+X7
I'm always unsure how to read this. One one hand it is nice that there is someone in the company willing to do work which is in the interest of the customer (of sorts). But on the other hand it shows the company is willing to let quality, support, customer care, service and everything else decline but when it comes to public image is prepared to do everything within their power, even (yuck) their job in order for damage control. Now that I'm writing this I know exactly how to read comments like "now that it's in the public eye, we'll do something - maybe".

>>rvz+18
To be fair, most of the stripe whiners I see on here are trying to do shady shit... like that guy last week who didn't think we'd connect the dots from his last shady stripe scheme.

>>cultof+47
Are there any good alternatives that you (or him) already looked into?

>>tardis+(OP)
Very similar to this other one https://news.ycombinator.com/item?id=34235237

I just repost the same comment I put in the above thread

> The thing that scary me most is that his business get shut down without any notice period (at least the author not mentioning any previous communications from Cloudflare team about the issue).

> This is really a shitty thing from Cloudflare, you cannot shut down an already running business without any notice/grace period.

>>jgraha+h8
and I really appreciate it, not trying to blame anyone, I created HN post as desperate attempt to have my service online again, hope you understand.

>>nubine+89
Got a link? Curious what he was doing!

>>tardis+(OP)
Are there no laws around account removal/shutdown? In the future I will be actively asking service providers their procedures on account shutdown.

>>tardis+(OP)
What even is the restriction on returning JSON? One of the examples is explicitly how to return JSON

https://developers.cloudflare.com/workers/examples/return-js...

From the terms

> 2.8 Limitation on Serving Non-HTML Content

> The Services are offered primarily as a platform to cache and serve web pages and websites. Unless explicitly included as part of a Paid Service purchased by you, you agree to use the Services solely for the purpose of (i) serving web pages as viewed through a web browser or other functionally equivalent applications, including rendering Hypertext Markup Language (HTML) *or other functional equivalents, and (ii) serving web APIs subject to the restrictions set forth in this Section 2.8*. Use of the Services for serving video or a disproportionate percentage of pictures, audio files, or other non-HTML content is prohibited, unless purchased separately as part of a Paid Service *or expressly allowed under our Supplemental Terms for a specific Service*. If we determine you have breached this Section 2.8, we may immediately suspend or restrict your use of the Services, or limit End User access to certain of your resources through the Services.

Supplemental terms

> The Cloudflare Developer Platform consists of the following Services: (i) *Cloudflare Workers*, a Service that permits developers to deploy and run encapsulated versions of their proprietary software source code (each a “Workers Script”) on Cloudflare’s edge servers; (ii) Cloudflare Pages, a JAMstack platform for frontend developers to collaborate and deploy websites; (iii) Cloudflare Queues, a managed message queuing service; and (iv) Workers KV, Durable Objects, and R2, storage offerings *used to serve HTML and non-HTML content.*

I can't quite figure out how to parse this such that workers would be deemed unusable to just run an API.

I'd absolutely have gone ahead with using it for an API.

>>philli+u9
Actually, my mistake... it was almost 3 weeks ago.

https://news.ycombinator.com/item?id=34383720

https://web.archive.org/web/20230114202232/https://news.ycom...

>>Picbli+V8
It doesn't make the problem go away by itself, but I would rather have jgrahamc helping people than not.

>>cybrox+b9
Not OP, but we run two environments each of our service on Cloudflare Workers, Deno Deploy, and Fly.io (a small service albeit, 200 to 300 requests per second). In the event one is down, we switch to the other (via DNS).

>>Aeolun+28
You can look at it here:

http://web.archive.org/web/20230112195712/https://tardis.dev...

>>cybrox+b9
we had already been discussing amazon s3 since we are on aws. As clunky as aws can be, you can get in touch with a human if you need to.

>>tardis+(OP)
Cloudflare has non-transparent pricing, unlike AWS, which will charge you for every thing with detailed usage tracking.

When ever there is non-transparent pricing, it's scary to try and use an infrastructure related service.

The sales teams can't go around saying that you are not a profitable customer, and they can't argue with the marketing team to be more honest about pricing on the pricing page.

So, end result, let's bump of these small free loaders. Large enterprise deals is what gets us the bonus anyways.

I like fly.io pricing in that sense. And I am sure there might be others offering a more transparent pricing, otherwise like me still stuck on AWS.

>>tardis+s9
Dude, I'm not mad at you for reporting it. I'm working internally to figure out why your site was throttled and take appropriate action.

>>IanCal+E9
Seems like my account was restricted due to https://www.cloudflare.com/en-gb/supplemental-terms/#cloudfl...

2.Cloudflare may, with or without notice to you and without liability of any kind, temporarily limit your storage and/or the number of requests you can make or receive using the Developer Platform for any reason (in its sole reasonable discretion), including without limitation, if processing such requests would put an undue burden on the Cloudflare network, adversely impact the Service, or otherwise threaten the integrity of Cloudflare’s networks.

To be fair I'm using lots of requests and bandwidth so could be reason, just if only I got an email about that before shutting everything down.

>>tardis+(OP)
Well this isn’t good. I’m leading an effort to move some of our services and about a hundred domains over to Cloudflare.

Given all of this I think we’re going to have to push pause and see how this shakes out.

>>iinnPP+q6
There isn’t a practical way to fractionate their revenue or determine what proportion of their profit is derived from your data. This can be proved by the fact that there is no way to make any money with only the data you gave to them separated from the rest of their customers and potential customers. Therefore you are entitled to all of their revenue. Please clean out their shareholders and destroy their business. They deserve this for not cooperating with you. It would be very low cost or low effort to correct their mistake and they are choosing not to because it is easier.

>>tardis+(OP)
Maybe they booted you because your business model is to use Cloudflare to repeatedly and aggressively scrape data from cryptocurrency exchanges and then resell it for hundreds of dollars a month.

Sounds like an abuse of their terms of service to me.

>>Wowfun+P9
[deleted]

>>Veen+G8
Not a big surprise given they think HN threads are an acceptable form of customer support for paying customers.

>>Ethery+Za
[deleted]

>>tardis+(OP)
Word of warning: don't use cloudflare

Or really any service that has it written that they can end your business without notice~

>>tardis+(OP)
> ...anyways I get it, perhaps I pay too little and should be on enterprise plan already

If you're on Workers Unbound, you're probably paying closer to ~$800/mo for 4b requests; or if you're on Workers Bundled, then ~2000/mo. What were you quoted for the Enterprise plan? I thought those start at $1500/mo?

>>rvz+18
I haven't even used Stripe yet but I'm wary of ever relying on it from all the horror stories. It's almost become common sense to use two payment provides, and just rotate between them. More work but when one goes wrong, it's only half your income gone not all of it.

>>tardis+qa
Out of curiosity, are you connecting to third party websockets from your workers?

>>Ethery+Za
As the joke goes, "A failure in the outage reporting service can take surprisingly long to notice."

When your customer service is failing to handle a case, how exactly are you gonna catch on without using out-of-band signaling?

>>nnx+Lb
no, I'm not using WebSockets at all in Workers.

>>jgraha+k
I would really like you to clarify your intentions on serving non-HTML content.

I say this slightly nervously as a Cloudflare customer who serves some amount of binary data. One message is "it's ok if you're on a paid plan". Another is "it's not ok at any time". My suspicion is that "it's ok unless we notice you".

If you could come up with consistent understandable messaging that would help a lot. I don't mind paying (stay competitive against AWS and Hetzner and that's all I need) but the uncertainty is not good.

>>jgraha+Pa
I think people see a lot of posts like "I tried to get help with my problem but received no response" and don't think about the selection bias involved. (Of course, if someone gets helped by customer service with no issues, that doesn't tend to come to Hacker News' attention.)

But from their perspective it does feel like these sorts of posts are the only way to get attention on a problem.

>>tardis+(OP)
Sad it happened. This highlights why it is important to reduce your exposure to external services. Right now I just deploy on bare metals servers and are ready to move them if need to. As they say, there's no cloud - just someone's else' computer

>>nubine+M9
Ah damn, all it says is "I was advised to remove this post" and what was there before is not in archive.is

>>Feepin+Wb
[deleted]

>>katsur+T9
thanks

>>jgraha+ec
Right, I agree it sucks for you, I'm just trying to explain why I think it happens.

(People don't think about incentives either.)

>>jgraha+bb
Friendly advice, stop digging and step away from this thread/talk to your PR team. You're not helping yourself or Cloudflare by responding in this way.

>>lolcro+La
Is that illegal or something?

>>jgraha+h8
Scraping sites can be useful, huh?

>>cultof+47
You’re changing your arch because you saw a one-sided completely unverified post on HN?

At this point @jgrahamc has the worst of it - people show up here time after time hoping they can make enough of a stink to get him involved.

>>fragme+0c
It’s somewhere in there: https://news.ycombinator.com/item?id=34384172

>>tardis+v7
That’s interesting.

I’m using cloudflare pages with workers doing the same as you on a much smaller scale. The workers reverse proxy a rest api under the same host so I don’t need to worry about CORS, take the country HTTP header provided by Cloudflare then route the request to backend servers in the nearest AWS region and also cache any responses with cache control headers utilising Cloudflare’s Edge caching. It works great and gives a fast user experience regardless of where you are in the world.

I was going to implement rate limiting backed by durable objects to protect my backends.

It seems exactly the usecase and ideal usage of workers! Now seeing this, it has me rethinking using/investing in cloudflare if they can decide if they like how you use workers or not and kick you off. It shouldn’t matter what output the worker generates as long as it conforms to https://developers.cloudflare.com/workers/platform/limits/

>>tardis+(OP)
4 Billion requests per month involving 1 Petabyte of traffic doesn't seem like a "small SAAS", at least packet-wise. If its small revenue-wise, addressing that is a business concern as important as having your platform throttled for using the cheapo economy edition tier of whatever you've signed up for with Cloudflare. Did Cloudflare issue any formal communication with you warning about usage and how it violates contractual terms, or did they "ban" you out of nowhere?

>>Veen+lc
You're right. I'm taking all this too personally.

>>TigerT+Zb
Do you manage your own global CDN network?

>>tardis+qa
Unless you saw a huge spike I feel like not letting you know before is totally unacceptable.

Also, while that's in the terms that's a generic get out clause I know they need but doesn't at all help you figure out what services are ok.

>>Dowwie+Yc
Sounds like OP has spoken with cloudflare previously about their usage/cloudflare services, likely looking to upgrade by the sounds of it but sales maybe gave the impression OP was ok on current level of service.

> I would fully understand that I am required to upgrade, but why not sending me an email before shutting down my business completely? I even asked about such scenario on zoom meeting I had with their Sales and they said it will never happen

>>ImHere+rc
It doesn't have to be illegal to be against the terms of service. Cloudflare can decide how they wish their service to be used.

>>Dowwie+Yc
I worked for a large bank, my internal backend would receive couple orders more requests from other internal apps and users and probably similar traffic.

It is very easy (relatively) to build a SaaS platform that serves this amount of traffic and this can be done by even a one determined individual or a small startup team.

I don't think it is useful to measure the size of the company in the amount of requests they are serving. Revenue/number of employees are much better measurements saying more about the type of things that are/can be happening. They may have relatively low margins per request and need to get to 4B to get by to pay for couple salaries?

>>IanCal+rd
No huge spikes at all, so not sure what triggered it.

>>tardis+(OP)
> when I got approached by Cloudflare sales team I explicitly asked if I can still be on pay as you go/self server model and reply was:

Never entirely trust what is said to you to secure/continue a sale, unless you have it written in a contract.

> … "Enterprise wise, that's up to you and you could likely get away with utilising self-serve as you go

… especially if what sales say to you is couched in vague works like “likely to get away with”.

>>Dowwie+Yc
No formal communication at all as mentioned before if Enterprise plan is a must for my account I'll sign up on it, just was told before it was not required - I'm not using or need any enterprise level features.

>>tardis+(OP)
I really curious about how this unfolds, I was planning to migrate from AWS Lambda to Cloudflare Workers. And we have LOTs of Json, and APIs. Why would they cancel paying Workers customers?

>>tardis+(OP)
Since "there is no such thing as bad publicity":

- Is that a good way to get cheap "influencers"?

- Are there companies helping you measuring the potential "outreach" of your customers in case you piss them off?

>>dspill+3e
Lesson learned!

>>vishal+7a
fly.io is pretty expensive compared to wholesale bandwidth rates. Especially for Europe.

>>herodo+T8
Around 12:00UTC today ban has been lifted for my account thanks to @jgrahamc - thanks!

>>tardis+(OP)
Around 12:00 UTC today ban has been lifted for my account thanks to @jgrahamc - thanks!

>>gambit+Pd
Is there a clause in the terms of service against it then?

>>tardis+P6
Seems like blackmail from the Cloudflare side. Waiting for a quote while having an outage doesn't give any negotiation possibility.

However, good luck. And hope your enterprise contract with Cloudflare will be limited only to amount of time you need to migrate from their platform.

>>jgraha+k
Can you clarify the terms an conditions about Cloudflare R2 please?

On the R2 page https://www.cloudflare.com/products/r2/ we see:

> No more egress charges. You shouldn’t have to pay to access your data. Pay no egress charges for data accessed from R2. Our affordable and consistent pricing means no more surprise bills.

Whereas I think the non-HTML traffic terms still apply to R2. Or do they?

>>kkielh+Oc
When they could just email me (jgc@cloudflare.com)

>>kkielh+Oc
sorry, I did HN post in desperate move so my service can be online again - did not try to blame anything on @jgrahamc - other than that incident I'm very happy with Cloudflare Workers, it's an awesome tech.

>>kkielh+Oc
we use cloudflare for their dns so not a complete change of arch. (this kind of lockin is precisely why I've stayed away from faas)

more importantly, its important to send a message. We depend on these services for our livelihood. if I'm paying for a service, the least I'm owed is the ability to get in touch with a person to rectify the situation as soon as possible. Companies who want other companies relaying on their service need to provide that if they want to be taken seriously.

EDIT: also, not to knock jgrahamc. appreciate that you're looking into this but one person on an email is not a scalable customer service solution for B2B. at the very minimum, there should be some sort of platform for filing the tickets, getting a timeframe on resolution as well as options to pay for faster turnaround.

>>jgraha+k
I really curious about how this unfolds, I was planning to migrate from `AWS Lambda` to `Cloudflare Workers` as a paying customer. I'm basicaly an API with lots of JSON.

Why Cloudflare cancel paying Workers customers? Makes no sense to me.

>>tardis+Ae
So HN to the rescue again. It's unfortunate (although the outcome is great for you!) that you have to go through the social media amplifier first.

>>tardis+qa
Not getting a warning scares me. I moved hosting large GB+ files from DO Spaces to R2 for the free egress and have served 1 petabyte in January alone saving thousands of dollars.

>>dspill+3e
> Never entirely trust what is said to you to secure/continue a sale, unless you have it written in a contract.

This time last week, Cloudflare shut off our access to one of their services we were using because we went over quota. Well, we had actually negotiated overage charges and did actually have this in our contract. They turned the service off anyway instead of applying the overage charges we had agreed.

This is one of many things that Cloudflare has totally screwed up. Their services and devex look great from the outside, but when we started to use it for real, we found that it’s all beta quality at best and completely disorganised at an operational level.

>>cultof+4f
If you’re using Cloudflare for DNS/registrar they have pass-through pricing. It’s a loss for them - you’re not paying for anything.

>>danuke+d8
Good things to keep in mind

>>tardis+(OP)
Cloudflare pricing is crazy rabbit hole. What are the triggers the need to migrate to Cloudflare enterprise? moreover is possible to just be pay-per use?

>>jgraha+1d
No matter how you took it, I want to say that there are others here who appreciate your presence.

>>kkielh+Of
Thats even more reason to switch to Route 53. I didn't choose cloudflare at the beginning but its clear its a bit of a liability here.

To put it in perspective, we had to send out apology emails to very irate customers when our system went down for 10 minutes in December.

edit: Route 53 not S3*

>>tardis+(OP)
Can someone explain to me why anyone would pay for this SaaS, and instead just use an api from all markets?

>>jgraha+Ve
Funny. That's what OP said:

> I would fully understand that I am required to upgrade, but why not sending me an email before shutting down my business completely?

>>jgraha+Ve
The fact that stuff needs to be raised at all is the problem.

Clearly something has gone wrong if customers get treated this way.

>>ddoria+O7
> Why didn't you use the load-balancer service?

Speaking from experience, if you only need rudimentary L7 load balancing, then Cloudflare Workers is as good as it gets.

> How much are you paying for the workers/month?

Per my estimate, probably between $600 to $2000 for Workers: https://news.ycombinator.com/item?id=34639930

>>twawaa+Rd
Are you doing RAM-aaS or something?

Must be alot of redundant data back and forth.

>>jgraha+1d
Wow this is the worst take about customer service I have ever seen by a company. You cause huge issues for business with the touch of a button, and when they require help and don’t think the cause was acceptable behavior, they’re whining? Just wow.

>>lolcro+La
Cloudflare is not used at all for data collection (it's not scraping, it's using official exchanges APIs), only for the APIs that serve historical data.

>>wewxjf+Kc
HN has an official API, no scraping needed.

>>undefi+2h
I've removed the word "whining" but to be clear I was not talking about the person who posted on HN that they had a problem. I immediately jumped on their problem when I saw it and I've ended up spending almost all morning on it. I took the long threads personally and should not have done.

>>rafael+je
If you're looking eagerly to replace human support with searches of someone from CF on HN to help... why not.

>>cultof+rg
You use Cloudflare for DNS but are moving over to S3 to replace Cloudflare?

Do you not mean Route 53, AWS’s DNS product?

>>fragme+0c
The OP got saved in the wayback, I edited my earlier post with the link.

>>cultof+4f
Totally agree they should have provided a warning. Any Saas (and really would apply to social media, web mail, etc) should clearly warn before taking drastic action if possible. But I don’t see how you’d have dns without vendor lockin. It’s not like moving dns to godaddy would be better. Route53 is nice, but aws is also a vendor lots of people are locked to

Similar for ddos protection- you almost have to use somebody.

>>jgraha+Ve
Dear John, I absolutely love and admire Cloudflare’s services as a customer (and recent investor), but please please get stuff like this sorted as it will absolute ruin Cloudflare’s reputation in the long run. I beg you!

>>tebber+dj
Believe me that this is what I'm doing. I'm really disappointed this customer got into this state and I'm working internally to figure out why it did.

>>gnu8+xa
Sure there is a way. In fact, there are many ways. CAC/ conversion ratio would give you the value of a quality lead.

>>ignora+Rg
> Speaking from experience, if you only need rudimentary L7 load balancing, then Cloudflare Workers is as good as it gets.

What would you do in Workers that you couldn't do with Load Balancing? LB handles origin health, can do traffic steering, session affinity etc included. With Workers, you'd need to take care of all that.

I see a point if the Workers do some lifting / caching / transforming etc before passing on the requests, but as a simple load balancer, the actual Load Balancing service seems a better fit.

>>tardis+(OP)
Glad to hear this got resolved. Heads-up that your name may be infringing on a US trademark held by the BBC.

>>RektBo+wg
APIs from Exchanges return the current state of the market, and this SaaS captures and stores this market data. Imagine you want to enter a new market or instrument/symbol for which you never recorded market data yourself. You can buy historical data from this SaaS to train your models and backtest your strategy.

>>MrGilb+hf
Personally I maintain my opinion that problems getting fixed by HN are a bigger red flag than problems not getting fixed at all. The HN reader Upper Management Person either thinks putting out fires before they become higher profile failures is a cheaper way of avoiding bad press than instituting actual good policies with regards to not fucking over their customers, or they want to implement those policies but are not competent to do so.

"Send me your details and I'll fix it" = incompetent or asshole

"Don't send me your details, I've fixed the problem for you and everyone else with the same issue" = green flag

>>jgraha+h8
Damned if you do, damned if you don't.

>>JimDab+Df
What was the cost of the overages charges?

>>runako+Tj
Trademarks are for specific categories of goods/services. The trademark is for:

  - Audiovisual media
  - Books
  - Clothing
  - Toys
  - Entertainment events

>>causi+uk
Well OP chose to use Cloudfare and stay on it. It's his choice.

>>JimDab+Df
Did you resolve it? If so, did you have to use their HN customer support or did they have a phone number?

>>danuke+d8
Wow that's a whole lot of ire, rivalling some other large tech firms. Definitely worth investigating. I consider Cloudflare to be an annoyance generally but I hadn't put it in context to what they ultimately have control over.

>>superm+0m
The USPTO record for this trademark includes several more categories:

https://tmsearch.uspto.gov/bin/showfield?f=doc&state=4803:lq...

In particular, if I ran this business, I would be concerned that I was infringing on this part of the trademark:

"( computer software for use in downloading audio, video, still and moving images and data in compressed and uncompressed form from a computer or communication network; )) [ computer software for use in database management; downloadable electronic publications, namely, magazines, books, newsletters, pamphlets, printed guides, catalogues, manuals and programs featuring entertainment, instruction, education, sport and news; ] "

That said, IANAL and specifically IANAIPL so as I said just a heads-up.

>>causi+uk
They may need the user's details to look into it and determine if it's an actual issue. When they have done that, it makes sense to fix it for that user at the same time. They should definitely come back and tell us that they have fixed it and why it happened as soon as possible afterwards, but I would understand if it takes a few weeks given normal levels of corporate bureaucracy.

That said, it's bad that this happened in the first place, and it makes me a little anxious about using Cloudflare's services.

>>nickcw+Se
The supplemental terms about the developer platform apply to R2 (https://www.cloudflare.com/supplemental-terms/#cloudflare-de...). Same goes for Workers itself (the Cache api within Workers is also covered under these vs the non-HTML content restriction applies to the normal CDN path).

>>undefi+2h
Those are the people in control of like half the internet traffic in the world.

Let that sink in.

>>causi+uk
> "Don't send me your details, I've fixed the problem for you and everyone else with the same issue" = green flag

While I agree with the sentiment, fixing it in this way for any org of the CF-like scale will take days or weeks (because of peer reviews, compliance etc.). Fixing it fast by adding exception in some control panel is probably fine.

What's alarming is that the escalation process didn't really change for all the time I'm using Cloudflare as a customer (8 yrs now?) and watching jgrahamc's involvement. The fact he has a bat signal trained on the HN is a major red flag.

>>rightb+Tg
I said nothing about the application and you already know everything about it.

Seems like I spent quarter of century in this business for naught.

>>tardis+Ae
It would be interesting to see what caused the ban and what will be done by Cloudflare to prevent this from happening in the future. It is good that your issue got solved but I hope others that don't know about HN can also benefit from a more structural fix.

>>Ethery+Za
It’s an acceptable form of support as long as it’s reliable.

>>tardis+(OP)
I stopped paying for cloudflare after their support team was unable to debug why one of my rewrite conditions wasn't working. I provided them full details like for kindergarden, but they replied after days saying it's working on their end, lol. I deeply respect the cloudflare tech and the dev team, but support sucks and i don't trust cloudflare anymore. I won't pay even a single cent, even if they would have stellar support from now on. After reading all these cloudflare stories lately, and knowing how they treated me, i don't care about them anymore. Someone should write a "you probably dont need cloudflare" article. I'm disgusted by these kind of companies that grow large and they stop caring for the people who were there with them from day 1.

>>danuke+d8
All of that is well known surely, it's still the site owners choice, including whether to block tor traffic which is often the source of these issues.

>>JimDab+Df
That sounds more or less the same as everything AWS produces.

>>cultof+47
This is the height of knee-jerk reactions, worse still it's largely pointless. Unless you're big enough to negotiate a specific contract with a cloud provider you're always going to be at the mercy of their catch-all policy.

The only way to actually be protected in this case is to run a multi-cloud strategy. Even then it's only going to protect you so far if you piss off the powers-that-be / community (see the hosting trouble Parler had as an example, not that I'm fond of Parler or anything).

>>MrGilb+hf
Perhaps there should be a site with metrics on which services only provide social media outrage mediated support.

>>tardis+ye
So you got a 12 hour outage over... Some random automated system kicking you off their platform for serving non-HTML in requests, which they demonstrate doing in their documentation?

Truly amazing.

>>jgraha+Ve
Had similar issue in recent past, and was able to get it solved via the Discord channel. From what I understood is that it requires a manual over-ride on R2/ Workers because the thing that checks for the 2.8 TOS violation is not able to see the difference between Workers/ R2 and the standard CDN service.

If you go to the R2 Discord channel you see this happening every other week.

What is also kinda annoying is customers can't create support tickets because it requires a plan. Which imo is bad given these customers pay for R2 and often have a ton of data on it (which is why the 2.8 gets hit...).

Hopefully you can get this fixed permanently (for all customers at once, and not case-by-case).

>>causi+uk
It's very common that you need someone's details to fix their situation right away, and avoiding similar situations in the future will take relatively slow engineering and policy changes. Additionally, details about a particular person's case can be helpful in understanding how exactly your process went wrong. Asking for details is not a red flag to me at all.

>>tardis+(OP)
Was your account disabled including the DNS?

>>MrGilb+hf
On the other hand, any company should consider as soon as financially possible to get paid support and a TAM (technical account manager) from their main infrastructure/service provider… most things can be managed and escalated through such people.

>>tardis+qa
I think what you're showing here is the safety net that protects them if they make some missteps trying to execute what's covered by other policies. But it seems like the heart of your cancellation is the interpretation of 2.8, i.e. them deciding (probably in an automated way) that the stuff you were serving via API (significant volumes of trading data, I'd gather) does not qualify as web content.

It's definitely an unfriendly combo to have (a) a really ambiguous policy like 2.8 and (b) enforcing via a no-warning cutoff -- even if the two policies have good justifications individually. But I wouldn't jump to the conclusion that part (b) is part of the sales strategy. (Part (a) obviously is meant to incentivize a paid account for applications like yours.)

>>Dowwie+Yc
So them just banning the customers service with no explanation until they raise a stink here is okay?

>>jgraha+aa
he's constantly thankful for ur help despite 12 hours downtime

>>kkielh+Oc
If your arch has a single point of a failure its probably wise to remove it

>>vishal+7a
This is the big issue. There is always tension in these “free” setups.

I get more worried when the giveaways / marketing is VC funded - they often end at some point or pressure inside to dial back etc.

“We have free egress to Oceania!” - no, you don’t. You are subsidizing that.

Given what aws charges and how they charge for almost everything- no reason to be any pressure to move me to another plan. AWS free tiers are relatively minuscule

>>Wowfun+P9
People like jgrahamc are the people who care and are embarrassed their company provides such unreliable service. I just wish the people in charge of these companies felt the same responsibility and embarrassment.

>>badcpp+y7
Haha - this. Or next quarter etc

>>tardis+(OP)
OP, you have garnered a lot of sympathy by the HN community which I believe in part contributed to your problem being resolved. I think it would be fair to provide more info about what the issue was in the end. It's not OK to be like "HN I had a bad experience with Company X" and then be like "k, thx @jgrahamc, bye" when your complaint gets resolved due to the attention it received.

There are so many questions this leaves unanswered:

- Was this a one-off error in Cloudflare's processes? (These things happen on a big enough scale.)

- Were you violating a specific clause of Cloudflare's T&C? How clear was the clause? What did you do to fix this?

- Was the issue that Cloudflare estimated that you're not paying enough given the bandwidth you're consuming? Did you end up signing up for the Enterprise plan?

Transparency would benefit both Cloudflare (in not making people unnecessarily apprehensive about becoming/remaining a customer) and you (in demonstrating that you're handling this issue in a professional and responsible manner).

>>jgraha+1d
It's pretty amazing to me that even after seeing a response from a real human being, people continue to dog pile.

To those continuing to foam at the mouth: what would be the ideal outcome? Cloudflare closing up shop entirely after this? The whole "this shouldn't have happened in the first place" mentality is completely unproductive.

>>mcv+Qv
jgrahamc is the CTO of Cloudflare.

>>rightb+Tg
I've worked with several EMR (Electronic Medical Record) systems that communicate an absolute metric shit-ton of redundant data for no reason other than just because and bad programming habits. Banking and Healthcare thrive in redundant redundancy.

>>plesiv+Sw
Would be nice if any parties which end up “using” HN to solve their customer service issues were somehow obligated to provide the community with a candid postmortem.

That would be the right way to give back for customers using us as an amplifier and for corporations relying on us to be a shibboleth (a prefilter so providers know that this is a true issue unsolvable through existing support channels they have established for customers).

Sharing these learnings with other potential founders would also be in line with the raison d’etre of HN. It would provide other founders with lessons they can takeaway and apply to their future startups to maybe do a few of these things right the first time around.

For both sides, HN is “picking up slack” in the system and it would be right to support the community with candid postmortems.

>>thejos+uu
It's not clear that was the issue at hand, and is why I literally just asked about communication

>>vertis+wq
If the redundancy is already in place to not fully rely on cloudflare's product (whatever it is, DNS, R2, etc) the it's not a kneejerk reaction.

It's an "I don't want to wake up to all our stuff running only on the backup provider because cloudflare shut us down for seemingly no reason with no warning".

It's avoiding unnecessary alerts and triage for the ops team by snipping an apparent liability from the stack. I've already done the same after seeing a few of these kinds of interactions with cloudflare in the R2 discord.

When I see a blog post detailing why this has been happening so often, and what they've done to fix it, I'll happily pull that infra code out of the mothballs.

>>tardis+Ae
Hey tardis_thad, can you please do a detailed post mortem on this?

>>resoni+0x
>To those continuing to foam at the mouth: what would be the ideal outcome?

Cloudflare changing their TOS from

>Cloudflare may, with or without notice to you and without liability of any kind, temporarily limit your storage and/or the number of requests you can make or receive using the Developer Platform for any reason (in its sole reasonable discretion), including without limitation

to something that does not allow them to do so on a whim, or with requiring upfront notice.

>>tardis+(OP)
From an earlier comment I made regarding Stripe shutting merchants down, and those merchants resorting to posting on HN and getting someone on HN to advocate for them to resolve their problem [0]:

"The main issue is not that [COMPANY] is working hard to protect itself and its customers, but that customers feel very powerless in these situations. When it takes a massive effort to get attention, especially if you're small and powerless, you feel that you have no control, and that your issues will go unanswered. What can the average, powerless customer who doesn't have the weight of social media, HN, @dang, or others on their side do when their hard-earned money or business is being held, locked, or otherwise prevented, and when the cause is not fraudulent, or if the customer is unaware of that activity? The problem is that accounts are just shut down, moneys are held, and there's no quick or clear communication, with customer support simply saying it's not in their control. It's this feeling of powerlessness that's the issue, regardless of whether or not [COMPANY] is in its rights or doing what it feels is in its and its customers best interests.

What can you do to help empower the powerless customers when their livelihoods are at stake? Can you provide some way to not instantly assume fraud or malicious intent on behalf of the customer and provide some quick and direct way for the customer to feel empowered?"

Having to resort to HN to get major problems resolved that are major customer service and potential legal / liability issues causes me a lot of stress when I realize that I have don't have nearly the same sort of power or influence as some of the others here do on HN. I worry that my complaints would simply go ignored.

@jgrahamc would love you to comment on what we can do to avoid people having to resort to HN for a solution to these problems, which favors the well-connected and squeaky wheels and disfavors everyone else.

[0] https://news.ycombinator.com/item?id=34274456

>>Malp+Ex
I did not know that. That certainly changes things.

I don't know how many people work at Cloudflare, but I'd imagine it's more efficient to have a working customer support system than to have the CTO personally handle every problem.

>>plesiv+Sw
oh it is 100% entirely OK to share that you got screwed by a company .. this crap happens all the time.. companies like this get away with ZERO shits give about customer support all the time.. it is insane..

>>jgraha+Ve
The fact that you just post your e-mail address and invite your (likely many) customers here to reach out to you would probably surprise me from another company.

I've been doing this long enough that just about every major vendor I've worked with has had (and taken) the opportunity to disappoint me with some unreasonable decision/change and even an occasional (unwarranted) account suspension. I think I've convinced every customer I've worked with to purchase a Cloudflare subscription. I've worked with support once and I've worked with someone handling the beta testing for Warp (a Romanian gentleman -- he called me and shipped me a T-Shirt).

The two people I talked with didn't have to tell me they enjoyed their job. You could hear it in their voice. The guy I talked to about Warp was as far from a salesperson as someone could be, yet he couldn't help explain some of the details about how interesting of a product Warp is.

I can't count how many times I've pointed people at the Cloudflare blog to learn about "how all of the stuff between your code and the user's browser 'works'". I remember reading a post several years ago thinking "they're basically explaining how they achieved a major competitive advantage well enough for a competitor to duplicate." I didn't think that it was a bad idea to do so -- realistically, it didn't represent a loss of IP -- I'm just surprised so much energy/time would be spent writing highly technical posts that sometimes "give away secret recipes" in a sense. It's wonderful from where I sit.

I expect the HN crowd will recognize that people who have a problem/issue/incident with a company/product are a "flobbity-jillion" times more likely to write a post (and have it hit the front page) than a guy like me who's had 30-ish opportunities to integrate your products into things I've written and have been delighted every time.

>>worldo+se
Their bandwidth pricing is competing with AWS, not wholesale bandwidth rates.

>>tardis+(OP)
While I agree HN shouldn't be used as a way to get direct customer support, I don't think it's fair to grab and point our pitchforks to @jgrahamc over a one sided story. There's not nearly enough information from both sides to create fair judgement (these things happen, unfortunately, at larger scale with automated processes). What matters is the afterthought and actions taken of what's going to prevent a similar situation in the future (which I'd love to read from both OP and @jgrahamc if possible). HN is my go to stop for well formulated opinions written by people way smarter than me and I think we dropped the ball here, HN can do better. That said, happy that your issue got resolved OP and goodluck with your project!

>>tardis+(OP)
The comments here have mainly focused on the issue of instant suspension - which is obviously deeply concerning - but I also feel like there is a huge issue at Cloudflare regarding their Enterprise pricing model.

Cloudflare's sales team and Enterprise pricing model are one of the least effective sales organisations I have encountered in this space. Given the technical nature of their product, it's extremely hard to explain even basic uses of the tool and things like Workers are near impossible to discuss with them. I was really unsurprised to see that OP had a failed Enterprise negotiation with them as I have had the exact same conversation at three different companies now and can imagine perfectly what you were told.

The current offerings of Enterprise and Enterprise Lite simply do not map to the reality of how people use the tool and scale businesses on top of it. I think in part due to Cloudflare's history essentially selling bandwidth and caching, the model is fixated on high binary traffic workloads and simply cannot comprehend the SaaS service model that runs on it and tools like Workers.

This is mostly a rant and hopefully a small +1 signal that this area needs major improvement - but I would also love to hear if anyone else has had interactions with Cloudflare Enterprise and how they found that process?

(Disclaimer: I'm a massive fan of Cloudflare, a user of their products and hold their stock)

>>herodo+T8
The correlation between between being contacted by Cloudflare sales and the throttling should serve as a warning for other customers.

>>plesiv+Sw
I'd be happy to provide more info but I have none. First I communicated with support which told me that my account was restricted most likely due to 2.8 clause violation (non html content) and suggested to contact with sales which I immediately did.

Sales over the phone (was fastest) told me that it's good I contacted as otherwise in 24hours my account would be fully banned(whatever it means) and that they will prepare me an offer in 15 minutes, but it was taking longer (no response after an hour or so) and in the meanwhile I wrote Twitter and HN post which CTO of Cloudflare noticed and then after a while I've got another phone call from sales that I should update my ticket to ask unbanning my account as it was approved now by CTO which I did and that solved the issue at least for now - and that's it - no further info what the issue was, still waiting on Enterprise plan quote for me.

>>runako+1o
Its for the media. i.e. it would need to be a downloadable piece of software that you run. SaaS is a different category entirely.

Also, regardless of trademark registration, its legally only trademark infringement if it is likely to cause confusion, deception, or mistake about the source of the goods and/or services.

I doubt anyone is going to confuse a fictional time-ship (or related paraphernalia) with a SaaS providing crypto pricing (or whatever it is they do), or believe that they are made by the same organization.

But I suppose people do litigate this stuff (or threaten to...), regardless of the spirit and letter of the law.

>>plesiv+Sw
Cloudflare is really transparant about things ( eg. outages).

Reality is that Cloudflare serves 60% of the internet and this issue popped up. They are checking it internally what happened, as I understand from jgrahamc.

>>ignora+S9
This, my system architect friends, is the proper response.

Do NOT put all your eggs in 1 basket. Build redundancies and failovers so no 1 vendor can shutdown your business.

>>jgraha+Ve
I have a question that I couldn't find on the help docs: I got several domains on the early bird Pro price. Do you plan to discontinue the Early Bird pricing this year with the pricing increase?

>>byteof+UB
I'm also a massive fan of Cloudflare in general, love their Workers and related products, just that one aspect of account suspension without warning could be improved a little bit :)

>>eganis+jz
I don't know anything more just yet, just that my account was unbanned.

>>dezb+tA
Not that this is true in this case, but a large number of HN support thread creators are very cagey about the nature of their business. I suspect a lot of the time they know they broke the ToS and are hoping that HN will get the pitchforks out to help them get their way regardless.

Again, that doesn't seem to apply here, but I've stopped assuming that the existence of an HN support thread by itself shows malfeasance or incompetence on the part of the company.

>>iamacy+Kg
Before piling on too much more, here ...

... Cloudflare has a lot of customers[0]. They have to balance the cost of providing (a lot of) human support against the cost they can reasonably charge for their products. It's a balancing act, and one that has worked out well for me, personally. It sounds like this issue is happening related to R2, which is quite new.

You're not likely to see a post hit the front page with the title "I've integrated Cloudflare's products with 30 or so customers and never had an issue" (or even be written). But experience an issue this large and you're going to do everything -- make calls, post things to social media, reach out on HN where you know the CTO is an active participant -- and a lot of those are going to get attention from the small percentage of customers who felt wronged by CF but hadn't spoken up.

It's a crappy situation because it gives the impression that things are a mess when -- I'm willing to bet -- it's something along the lines of a problem in a quota checker and a failure of internal process to escalate the problem appropriately. That happens at every big company in various places all the time.

Really, the only major difference here is that unlike every other big company, their CTO actively watches Hacker News. When a problem pops up, he willingly chooses to be Customer Service and from the sounds of it, that escalation to address "problems like this" is now happening. There's going to be gaps like this at every company. When I worked at "BigCo", if something like this hit the front page of HN, you could expect a mess of people to have their phones ring. Work would be done to respond to the customer (variations on "acknowledge/minimize/suppress" communications -- on official company hosts). Staff would be forbidden from interacting in the ongoing discussion. The CTO might have had to have explained to him how to get to the web site containing the complaint.

[0] I don't work for them; I'm just a happy customer so everything here is my view from the outside.

>>tardis+P6
Your biggest mistake is building a service that depends on a single vendor. Where's your redundancy? Where's your failover?

Creating a HN post is not a proper failover strategy.

All vendors do crap like this. They often have automated systems that sometimes make mistakes. It's your responsibility to build a system that takes these failure points as a reality and build working redundancies and failovers to keep your service online while you sort them out.

>>Roark6+f2
The lesson here isn't that you can or cannot trust Cloudflare.

You can't trust any vendor. Build your system with redundancies and failovers so no 1 vendor can take your system offline.

>>byteof+UB
> Cloudflare's sales team and Enterprise pricing model are one of the least effective sales organisations I have encountered in this space.

I have seen this everywhere. Any large software company seems to operate with 2 completely different heads when it comes to technical sales support.

The "best" experience I've had was with GitHub Enterprise sales, but mostly because they just gave me access to the docs/binaries without much frustration. If I had a bunch of questions about the technology vs cost vs how we actually want use their product, it would have been a substantial nightmare.

>>mdip+1G
I wouldn't say it indicates there's a mess, just that there's clearly some sort of broken process somewhere.

1. The customer is deplatformed without any notice

2. Customer support is failing to act on a false positive in a prompt manner and the customer has no recourse but to kick up a stink publicly

Both of those are fixable problems and I agree that it's generally a positive to see a company's CTO act in so public a manner. That doesn't mean they shouldn't try to improve things from an internal process perspective though.

>>vishal+7a
My perspective looking at them and other options for a bandwidth-heavy, largely non-HTML load a couple years ago:

1) All but the top self-serve plan ($200 at the time) wasn't worth anything for a business past the "finding a market" stage. No SLA at all under that level (at least, at the time)

2) The $200 plan, though, is actually a hell of a bargain. You get a lot for it. If your load is almost all HTML/CSS/JS and some light-ish worker use. And (allegedly, see #5) your bandwidth use isn't crazy high.

3) They basically don't care about serving any need between the top self-serve plan and a ~$5,000-to-start Enterprise plan. If you don't fit in the top self-serve but are under that level...

4) Surprisingly, given their reputation at the lower levels of service, in the Enterprise tier, they weren't competitive on bandwidth. If the main thing you need to do is sling bits, you can do that quite a bit cheaper elsewhere. Overall, they seem to want customers who need lots of their services, not just any one component. If you don't need their various corporate VPN type products and a bunch of other stuff, they're a bad fit.

5) We were told by a competitor that OP's experience is common and is often perceived by customers (their perception, mind you) as a bait and switch (see also: that huge gap between self-service and enterprise, in which they offer no options). Now, the competitor has some self-interest there, but even the non-sales guys on the call instantly kinda smirked and shook their heads when I mentioned CloudFlare.

6) We were told incorrect things by CloudFlare's sales folks. If we'd followed their advice, we might be OP.

>>tardis+uC
Hilarious you got sales to call you back. I had to ping their CTO after multiple attempts to have sales work with me failed. He finally got them to give me a demo of their zero trust solution. No one ever followed up with me again though. It’s like they don’t want to sell an enterprise (tens of thousands of dollars a year) subscription…

The only sales guy who called me back before the CTO got involved was Kingsley Okoroh out of their UK office. I’m in the states. He even had no idea why no one in the states would call me. Anyway, Kingsley tried hard to help, Kingsley should be their head of sales since no one else cares.

>>tardis+(OP)
Just imagine how many people that this happens to who don't know enough to post online on a forum that lots of people read.

For the CloudFlare people here, this is an upsell opportunity that's being missed. The whole point of the cheap plan is to hook people so they move up. But if you cut them off you can't move them up, duh. You need to rework the sales pipeline for this scenario, obviously.

>>tardis+(OP)
Cloudflare has gotten incredibly bad lately. If you don't want to offer your services to someone that's fine but you should at least do the bare minimum and reach out before completely terminating a vital piece of infrastructure they rely on.

>>lolind+OF
Why "doesn't it seem to apply" that a blockchain scraping/data aggregation firm would be cagey about the nature of their business? I can't think of shakier grounds for a business to rest on, in two different dimensions (https://news.ycombinator.com/item?id=34639879). (Reliance on customers not being sophisticated enough to set up API integrations themselves, reliance on blockchain as a failing segment of the market). Obviously it's not necessarily against Cloudflare's TOS to be a precarious business, but generally when a business' foundation is sketchy than it's more likely that more of the interactions they have with others are going to be sketchy.

>>tardis+uC
"most likely due to" 2.8 clause violation? So Support wasn't able to say conclusively why your account was restricted?

>>tardis+(OP)
Oh my, 2.8 is "great". Time to reread the service terms. And it is in the times of API-s (and 20 years since ajax). Otherwise, this means that we can use workers for some stuff but need to use another provider for other stuff. Complexity overload, would rather use one provider, unless there are some great savings to move stuff to workers (that could cover the development complexity).

>>tardis+(OP)
> Small SaaS > 4 billions requests & 1PB of data per month

Pick one!

>>tardis+(OP)
My experience with the Cloudflare sales team is they were woefully disconnected from any ability to make good on their promises, and that it didn’t matter to them at all. It was a strange narcissism -bit wasn’t that they were deliberately lying, it was as if the notion of truth and lies didn’t matter. That if they kept blabbering assumed that they’d get the sale.

In general you can’t trust salespeople and need to get everything in writing. Cloudflare is a prime example of why.

And I’d add in my case because we were keeping track of their promises, we caught them before the sales process completed. It cost them seven figures a year. But maybe it doesn’t matter - their sales approach still has them worth $20 billion.

>>jgraha+vj
Worrying part is the account could get banned. Could you reply here if that’s true? Would that take down dns/registrar etc functionality? Google does this and people would move to cloudflare thinking you wouldn’t do this account ban but nowhere is it stated.

>>superm+8D
As you sound like an IP lawyer, I will defer. But would still suggest the OP get a written opinion for his specific case from his own IP lawyer.

>>tardis+(OP)
Wow very interesting product, what’s your GTM strategy

>>tiew9V+Od
> Sounds like OP has spoken with cloudflare previously about their usage/cloudflare services, likely looking to upgrade by the sounds of it but sales maybe gave the impression OP was ok on current level of service.

They've done this to me, too—I read the TOS and tech docs and plan details and ignored them, because according to their own stuff, they were wrong, and "first-tier sales guy said it" isn't a helpful recourse if you get told to leave (so, migration costs) or pay $$$$ because you're violating their documented permitted usage.

Hilariously, they also seemed really confused when I brought up a gaming use-case that they had an entire sales landing page for.

(Nb I actually like, use, and would recommend CloudFlare for some workloads and use-cases)

>>dezb+tA
Unfortunately the norm in our industry, can't have "Cloud" margins without sacrificing something.

>>nightp+CN
Unfortunately this is the norm when ML algorithms are at the wheel. Nobody can conclusively tell why an AI restricted an account; they can only guess.

I don't know if this is the case for CF but it seems to be for other businesses.

>>zapt02+MP
> 4 Billion requests

> 1 PB of data

That’s not small for me but might be small to OP relatively speaking.

>>tardis+(OP)
I've been interested in using Cloudflare Workers as the backend for an application. I don't care about caching or anything like that, but, can I serve exclusively non-html content from my Cloudflare Workers? Or is that a violation of their ToS?

I would have never honestly considered serving _html_ from a Worker. I hope we can get an extremely clear statement from Cloudflare on what their policy is.

>>godzil+sK
I've had only limited interaction with their sales people, but find it interesting they weren't on-the-ball trying to sell an account that valuable, either—we were more toward the bottom end of their enterprise range, so I'd just assumed we were too small-potatoes for them, but those were by far the least-hungry sales people I've ever interacted with. It was like I was bothering them. LOL. Also some of them seemed to know very little about their offerings, market segments, et c., which was weird.

[EDIT] Oh, tens of K $ per year, not month. Yeah, that'd have been us, too. Mid tens of K $ per year.

>>ajdude+FU
So the takeaway is “use cloudflare and pray to the ML Gods that things won’t go south?”. Doesn’t sound reassuring. Funnily, in all fields were AI and ML has been involved the QoS has degraded. Like these technologies used to be a marketing trick (we use AI) these days poor QoS is reason to find corps that do not.

>>IanCal+rd
Unless you saw a huge spike I feel like not letting you know before is totally unacceptable

I agree... sort of? I mean, this is Cloudflare, right? It isn't as if a huge, legit traffic spike should tax their infra.

IMO, there should be zero shutdown for any long term client, for any reason, at all, ever, without an form of contact.

So weird to have stable uptimes, then support saying "we sorta think you were blocked because..."

So, even account info, with a valid "block" reason, isn't available to their own staff. EG, even their own staff aren't notified?!?

This is sales 101. Mega-simple stuff.

"Hi! You are doing bad thing X, and it needs to change, but we can fix that right now! Let me help you..."

>>webstr+KU
You can serve non-HTML content from Workers. This is explicitly called out in the supplemental terms for the Developer Platform here:

https://www.cloudflare.com/supplemental-terms/

(I'm the lead engineer on Workers. I don't know what happened to OP, though; I'm not personally looped into that conversation.)

>>nightp+CN
Rep probably rolled their eyes, said "that's why 99% of the accounts get turned off", and sighed.

>>zapt02+MP
Small in a sense it's only me running it and relatively low customers number (~400). So in that sense small applies?

>>nightp+mN
Is Zapier untrustworthy? ITTT? Microsoft with Flow?

It’s absurd to think that somehow, just because someone works on tools that help people do things without code, that they’re somehow untrustworthy because of targeting “customers not sophisticated enough”. That’s insulting to both the service and their customers.

>>yamtad+7W
I agree. I contacted Cloudflare sales for a small order of just a 100k or so per year, and they totally ghosted me after my first round of questions. No quote, no contact, nada.

I gave up and went to Fastly.

You may say my order was too tiny but even Akamai gave a response; they just didn’t have any turn key product that suited my needs.

>>slig+ZE
Money is not free, the cost of money has gone up considerably in the past 6 months. I haven't seen any indications that money will be cheaper anytime soon.

All "VC funded" "free tier" and the like will be put on the back-burner. If you know anyone with a small datacenter and a decent peering agreement (3 lines of at least gbit) now would be the time to kick money their way, and tell everyone else to.

It was tough times for small companies these past several years. Imagine trying to compete with netflix when their price was "all you (and everyone you know) can eat MP4s for $8". I actually cancelled my netflix subscription as we weren't using it anymore and the price was creeping up faster than siriusXM subscriptions.

I know this is edgelord to post on a VC forum, but I haven't seen any indication i am wrong yet. Big news is 80,000-120,000 tech workers being laid off by the big 10, but what about all of the layoffs at smaller companies that are VC funded? What's that number look like?

>>vb-844+r9
I disagree. The other one was a clear case of someone knowingly breaking the TOS (same non-HTML content but in that case they were hosting a service which almost exclusively returns non-HTML content). The OP even admitted in the comments that they knew very well they were breaking the TOS but wanted some notice.

I don’t really feel any sympathy for that poster. They knowingly broke the rules, they had to have known that CF could come and shut them down at any time, and they still went ahead and threw the pity party knowing that they are pretty much entirely in the wrong. It’s very much a “play dumb games, win dumb prizes”.

Would it be nice for CF to give a heads up? Sure. But I don’t think it’s required, and especially not in an egregious case like that one.

>>danuke+d8
that site needs an editor. Like a human editor, so that everything is consistent looking.

And whatever happened to ngate?

>>tardis+(OP)
This is very worrying.

I use Workers to cache and stream audio. I was under the impression Workers were under a different TOS since the business model is totally different and paid per req.

>>mathat+WP
20 billion in exchange for control of 10% of global traffic and 30% of US traffic seems awful low.

>>myname+Y11
See https://news.ycombinator.com/item?id=34642984 I wasn't breaking the ToS at least not 2.8 (non html content) - my point was that I can understand I'm heavy user of the Workers and built-in pricing may not be economically feasible for CF to serve me hence push to Enterprise plan - I get it, just wish it was communicated to me clearly and beforehand my site went down.

>>majest+nq
just make your own CDN by installing an old raspberry pi on the network of every house you visit. Simple!

>>disman+b01
exact same experience here.

>>tardis+v41
Specifically was talking about the GP comment’s link to the other post, where they very explicitly and knowingly went against the non-HTML clause. They were running some sort of image SaaS product where the vast majority of their (non-Worker) usage was images.

I think that case is different than this one because it was very obvious that it was against the rules, to the point where even the OP of that post came in to say that yes, they knowingly violated the TOS but would have appreciated a heads up.

The comment I was referring to: https://news.ycombinator.com/item?id=34235749

Sorry for the confusion, I tried to separate using “this post” and “that post” but I’m sure I slipped up somewhere there.

>>Traube+Xo
10% globally and 30% of US traffic. Probably. Google has more aggregate users and traffic, and they're also world renowned for not having any customer service short of "blowing up on twitter" or getting lucky here on HN.

>>jgraha+vj
This happens all the time though. Your business and processes are fundamentally broken.

And all you do is pop up on HN anytime someone complains, that's enough of a red flag to avoid your business completely and actively keep all my clients away from you.

>>disman+b01
Yeah, CloudFlare was unique among the companies in this space that we contacted. The others' sales folks all gave way more shits, even at fairly big companies where I'm certain we wouldn't be a notably-large account. They were also by far the least-interested in tailoring their plan. "Oh you don't want to pay for this giant pile of stuff you don't need? Hm. Well. Too bad." Seemed like they wanted all-or-nothing, for enterprise plans, which leaves a big gap in their offerings between the top self-serve and the bottom end of enterprise—seems like a pretty major gap in their funnel, letting all those accounts just leave if they exceed self-serve but can't justify the very-expensive minimum enterprise plan, but I guess it's working for them?

>>bob102+2J
I've had the exact opposite experience with GitHub enterprise sales. It took 3 months to get them to add a new user block to our existing sub. Sometimes I think it's amazing they're able to even generate revenue as poor as that experience was. It's a shame we like the product (mostly) so much...

>>jgraha+k
Will you come back and tell us what happened here?

>>philli+u9
"Shady shit", aka nothing illegal. If it was illegal, there'd be police, not account closure.

>>byteof+UB
I've been in a sales call with a German CF representative, and it just seemed to be a third party being excited about the features using the demo account half for their hobby and half for demonstrations with almost every feature set up and demoable. They even hosted their own toy AS on Cloudflare Magic Transit.

It was pretty novel and refreshing.

>>lolcro+La
Aren't all users or CloudFlare doing [ACTIVITY] to resell something for profit?

What planet are you on?

>>godzil+sK
Why would I chase 10 of thousands of dollars a year when I can chase hundred of thousands or millions of dollars? You didn't talk to an actual salesperson, you spoke to a BDR. A BDR quantifies leads and determines if your spend is worth the time. If you didn't get a call back it's because the BDR identified you as small time. I'm not trying to be rude, just pointing out how many sales teams tend to work.

>>asmor+wd1
This is really interesting - all my interactions have been with people in the London office and were not like this.

Perhaps it varies by region?

>>jgraha+Ve
There's a number of users in this thread who describe being "ghosted" by your sales team, including for tens of thousands of dollars per year subscriptions. It seems like the email responsiveness you're personally offering does not match with what some people experience from Cloudflare in general, so I'm not surprised people wouldn't think to email you and expect a response.

>>tardis+uC
> I should update my ticket to ask unbanning my account

That is a very broken process! Ask the user to change the ticket, so they can do something that they already know is approved? Sales department sounds like a disaster.

>>rexree+Kz
> What can you do to help empower the powerless customers when their livelihoods are at stake? Can you provide some way to not instantly assume fraud or malicious intent on behalf of the customer and provide some quick and direct way for the customer to feel empowered?"

Legislation and regulation.

Mill owners used to send little kids into running machines and they'd get shredded. Now we have child labor laws where under a certain age someone isn't allowed to operate most powered equipment.

Mill owners used to not pay people for their wages. Now we have laws with civil and criminal repercussions if you don't pay someone timely and in full.

The phone and electric companies have to follow a bunch of regulations around shutting off your service, because of the consequences.

Companies should not be able to say "and if we fail, lol whatevs, fuck off." If you are providing a service, and someone depends on it to run for their business, then you should be responsible if you fail to provide service. Cost of doing business.

>>disman+b01
Wait they're less reponsive than Akamai ? I ran away from Akamai because of their sales people and how they apparently embedded their dark soul straight into the user interface they give you to use, and by use I mean summon an akamai billing person from the depths because you're not allowed to do anything without them.

I know they're doing good but Cloudflare must be even more successful than I thought if they can afford that level of ineptitude at sales level

>>NicoJu+TD
I don't think you realize it, but your answer while being wrong on many levels isn't even saying what you think it is saying. Reading your message, what one understands is "Cloudflare has so much on their hand you would be stupid to give them your business and think they would have time to deal with it", aka run away.

>>genewi+e41
Imagine their size and market cap if people could trust their Sales organization.

>>ignora+Ab
> I thought those start at $1500/mo?

I wasn't able to get them to size something down under high-$4,000/m, when I looked at this a couple years ago. They acted like I was being annoying just for thinking there might exist any option between $200 and $5,000.

We ended up somewhere else that was much cheaper for the actual service we needed. Every other company in this space I talked to was happy to come up with a plan that fit our needs and didn't include stuff we didn't need, plus their (negotiated, not public) outbound transfer rates were in every case cheaper than what CloudFlare's sales team offered us. They'd even offer high-touch onboarding help in that sub-$5k/m range (I didn't ask, they just offered)

I think our spending's actually over $5k/m many months, now, but it'd be even higher at CF since the best rate on transfer they offered us wasn't great. I gather the actual customer demo they want is big, complex enterprises that need tunnels between multiple physical networks, oddball proxying set-ups, and stuff like that. That's not us, so they weren't a good fit—but what's weird is their self-serve plans look like they're trying to court use cases closer to ours, while they have no decent options for smoothly sizing up past that.

>>jgraha+vj
I'm working an audio hosting SaaS and relying on Workers to stream and cache audio.

What can I do to prevent this from happening to me and my users?

This would be disastrous for my company.

>>ajdude+FU
> Unfortunately this is the norm when ML algorithms are at the wheel. Nobody can conclusively tell why an AI restricted an account; they can only guess.

I don't think it's usually that they don't know what's going on, but that they don't want to tell you, because they think that's giving away too many details.

I've been flagged in many systems as I move around in the world quite a bit, so sometimes I use a credit card acquired in one country in another, and a couple of days later using it on the other side of the planet, which triggers their anti-fraud systems. Then I write to them and they reply something like "Unfortunately you cannot continue to use our services as your account been flagged as potential fraudulent use. We cannot give you any details because then it'll be easier for fraudulent actors to work around it, so I'm sorry we cannot tell you anything else. Bye."

>>tardis+uC
Wow. I was just about to code a key part of our startup's platform using workers and durable objects. I had zero idea that workers are intended for html output and that if they were used for JSON-RPC they would ban us if we are too successful. Crazy. The whole point of the service is free egress. What a joke. Pass. Will look into Fastly.

>>tpxl+Vc1
Companies dealing with money often have AML obligations which means shutting down the shady shit before police or regulators get involved.

>>myname+Y11
In my opinion, it doesn't matter.

They "tolerated" a non-compliant use of their service for so long time (maybe because in the past their only goal was to increase adoption?!?) and suddenly they decided to change strategy?! No problem, it's their choice, but adding an x days grace period should be the standard. It's really easy to do.

> Would it be nice for CF to give a heads up?

Well yes, it will be really welcome. Mostly for all other their user(1/3 of internet or something like this) that maybe doesn't even know there are not full-compliant to TOS and risk their business to be terminated suddenly.

>>bastar+He1
BDR?

>>tardis+(OP)
Cloudflare support is complete garbage.

We upgraded to Enterprise, and had some issues because CF's documentation was not clear (literally a blog post), and their support took many days to even respond and then their response made it clear they hadn't even read the ticket.

I'd move everything into AWS in a second if moving DNS wasn't such a pain.

Also am forced to use the global api token because constantly get rate limited using permission-scoped api tokens -- this is from a simple Terraform plan (first thing in the morning) and after them increasing my rate limit to the max.

>>hapidj+nN1
Business Development Representative.

>>vb-844+gN1
> Mostly for all other their user(1/3 of internet or something like this) that maybe doesn't even know there are not full-compliant to TOS and risk their business to be terminated suddenly.

Warnings are nice, but it's ultimately the user's responsibility to read and understand the TOS, what they can and can't do. Ignorance is no defense. Just because you didn't know murder is illegal does not mean you can go kill random people and claim "oopsie, I didn't know, I wish you had warned me ahead of time".

> suddenly they decided to change strategy

They never changed strategy. It has always been explicitly against the TOS and explicitly mentioned as something you can't do in their documentation. Just because someone is below the threshold for Cloudflare's automated detection does not mean CF is allowing their use. Their use is still against the terms they agreed to, it's just not detected yet. If you are doing things you know are against the TOS, like that other poster, then you should very well know that your time is limited and your access can be yanked at any point in time.

>>kenton+QY
Another comment says "From what I understood is that it requires a manual over-ride on R2/ Workers because the thing that checks for the 2.8 TOS violation is not able to see the difference between Workers/ R2 and the standard CDN service. If you go to the R2 Discord channel you see this happening every other week"

Is that at all plausible?

>>myname+FS1
> Warnings are nice, but it's ultimately the user's responsibility

It is actually ultimately the responsibility of the company, cloudflare, to clearly communicate their rules and ToS to the users. Because they are the multi-billion dollar business, and making things clear is their responsibility.

Throwing your hands up, and blaming confusion on the user is a way to rightfully cause users to hate you, and rightfully cause you a large amount of monetary damage as people decide that your company is not worth the risk.

Or even more, a user is within their right to cause large amount of monetary damages to the company, via viral social media outrages, such as this one. PR damage is real, and is a totally valid tactic, that a large company deserves, if they are making mistakes like this.

And it seemed like the damage caused by this post was very real. Cloudflare executives are posting in this thread.

So, actually, I would say that it is not just nice, but obligated to provide warnings, elsewise you get a situation like this, which is causing real damage to the company.

>>jgraha+vj
Thank you.

>>bastar+He1
> Why would I chase 10 of thousands of dollars a year when I can chase hundred of thousands or millions of dollars?

They have someone on the hook with customers hounding them to get their system back online and it isn’t worth spending a few minutes to quote a guaranteed sale?

Something about a bird in the hand comes to mind…

>>CallMe+pQ1
Impressively, the expansion conveys about as much information as the acronym.

"Gatekeeper" is a more accurate translation.

>>stale2+bY1
How, exactly, is the TOS and pages mentioning this limitation not clear?

I mean, it was clear enough for the other OP to know they went against it. They didn’t need to be told, they already knew their usage was against the TOS and just didn’t like that Cloudflare decided to enforce the rule they very well knew they were already breaking. They even said it themselves.

I already even said that is why I don’t agree the issues are in any way the same, but you opted to ignore that and continue down your diatribe of “it’s always the company’s fault”.

> Throwing your hands up, and blaming confusion on the user is a way to rightfully cause users to hate you, and rightfully cause you a large amount of monetary damage as people decide that your company is not worth the risk.

TIL that users are just allowed to do whatever they want with no repercussions because it’s too difficult to read the agreement they signed. The one that tells them what they’re explicitly not allowed to do. But no, definitely the company’s fault that a customer was taking advantage of them and their services. Totally.

> Cloudflare executives are posting in this thread.

So? People post here all the time. “HackerNews support” is a trope at this point and says nothing but that executives want to do damage control. It says nothing about the TOS being clear on the issue.

>>twawaa+Vp
There is a huge waste of power on the internet with data going back and forth for no good reason.

Obviously I have no clue about your work.

>>plesiv+Sw
> It's not OK to be like "HN I had a bad experience...

That is rather aggressive?? Maybe thry live in another time zone and are asleep, or have other obligations like school pickup. Given them at least 24 hours to respond. sheesh...

>>runako+cR
Not an IP lawyer, not giving advice. Just aware of what a trademark is and isn’t.

>>bastar+He1
Why wouldn't you do both? And if your sales department is maxed out by chasing the big contracts so much so that they don't have time to onboard someone spending 50k a year, get more sales people.

>>bastar+He1
Unsure how it's "chasing" when people call you. I'm more than a 'warm lead' at that point. I'm calling you wanting to buy your product. And yeah, I know not everyone who calls wants to buy immediately - some are just tire kickers or getting a quote. But... again... it's not 'chasing'. It's not even 'selling' so much as 'order taking', imo.

>>tardis+(OP)
good to know. will make sure to never give cloudflare a dime.

>>tardis+(OP)
"The large print giveth, the small print taketh away" has never been more true than with Cloudflare.

None of Cloudflare's marketing or technical documentation makes any explicit reference to "permitted usages" for Cloudflare services such as R2 and Workers.

This page for example means one thing without any reference to permitted usages and would mean something entirely different if the permitted usages were promoted with the same level of visibility as the benefits.

https://www.cloudflare.com/products/r2/

Nothing here tells me I cannot write my own video serving code with Workers:

https://workers.cloudflare.com/

You might even believe "whatever you need" from this paragraph from the above link:

"Static assets with dynamic power. Say goodbye to build steps which pre-generate thousands of assets in advance. Harness the unrivaled raw power of the edge to generate images, SVGs, PDFs, whatever you need, on the fly, and deliver them to users as quickly as a static asset."

This developer documentation would takes on an entirely new meaning if a link to "acceptable uses" was prominent at the top of each page (not fine print).

https://developers.cloudflare.com/r2/get-started/

https://developers.cloudflare.com/r2/data-access/workers-api...

https://developers.cloudflare.com/r2/examples/demo-worker/

Have built an entire application around assuming there were no such limitations I now need to rebuild elsewhere.

Humph.

I now no longer even understand what "no egress fees" means - in a way that's worse than the big cloud providers where at least you know they are charging you 9 cents per gigabyte.

>>tardis+(OP)
i feel like this is a repeating theme, and i've seen it at a company i was at.

in my view, the root of the problem is that companies don't have usage limits in place.

they often have 'sort of' usage limits in place -- that is, they don't actually have metrics for their customers' usage, and that leads to these situations.

and these situations are insane resource hogs -- teams of people spending days to try to figure out whether some customer should be bumped up to the next level.

it doesn't happen, then the customer gets cut off.

pretty messed up for Cloudflare to try and destroy a company like that for no reason.

we get these wishy-washy usage/support/sales situations with a lot of ambigous back and forth, and BIGCOMPANY trying to kill _littlecompany_, etc.

set usage limits, when they're surpassed, move the customer to the higher tier, done.

plenty more you can do around the edges, like grace periods, etc. etc., but i feel like this is amateur hour and cruel indifference - in this case, from Cloudflare -- and not the first time we've seen indifference from them, and other BIGTECH companies.

>>ajdude+FU
Unfortunately this is the norm when ML algorithms are at the wheel. Nobody can conclusively tell why an AI restricted an account; they can only guess.

This is why these types of complaints need to be cc:'ed to your congressional representatives in the US or EU representatives elsewhere. No one else can do anything about the root problem of companies that take customers' money and deny any form of accountability.

For every customer who gets lucky on Twitter or HN, there are probably a dozen who end up with no recourse at all.

>>lowerc+p52
yeah, any decently set up sales team for any company selling to the whole market ought to have some sort of sales team member that's happy dealing with higher volumes of transactional sales, even if the main focus of most of the team is million dollar accounts, unless their self service programme scales to massive numbers or they don't deal with smaller companies at all.

Someone ringing up to say "I need a quote for this level of usage as I think I'm into your enterprise tier" might be asking for a smaller quote than the Big Fish the BDR has sent a cold email to who's eventually been convinced to take a meeting, but they're more likely to convert and unlikely to take lots of meetings or a particularly skilled salesperson to do it...

>>tobyjs+sZ1
In most companies it's more accurately translated as "lead generator" or "sender of spam emails and LinkedIn messages"

>>irq-1+Gl1
doesnt make support out any better though. if i can later just update the ticket myself with "cause the CTO says so" seems sus to say the least

>>vishal+7a
It seems like the $200/mo plan and below are subsidized by their marketing budget, and the various ToS terms are there to give them discretion over whether those users are worth it or not: either low-cost users who are using too many resources, or users who they think they can charge more.

I investigated Cloudflare and the $200/mo plan seemed to good to be true so I contacted sales who verified that yes, it was too good to be true and my usage of the $200/mo plan would violate their ToS. They initially quoted $5k/mo over the phone, and then came back with a formal quote with a number much higher than that.

My take is that Cloudflare's product is so good that they can get away with any kind of sales practices they want. It's like shooting fish in a barrel: just analyze customers on the $200/mo tier and find the ones that look like they could spend way more. It's not even wrong in concept: sales upselling is SOP, and the low-cost tiers provide a lot of value to people who couldn't otherwise afford what they're offering. But the combination of the two sure leaves a bad taste in my mouth.

AWS doesn't have transparent pricing either, but in a different way. Yes, you can use more and more bandwidth and know exactly what you'll get charged, but once you get to Cloudflare Enterprise levels of bandwidth the AWS sticker prices would be astronomical and everyone negotiates non-transparent lower rates.

>>pffft8+dG1
Im on the fence about whether this is accurate. There was an addendum posted somewhere in this thread that clarifies that non-html is just fine.

In reality Im in the same exact position you are and maybe I just want to believe this is something other than that. I dont see why they would care about the content. There has to be something else to this story.

I didn't deploy yet and this has me scared enough to get me thinking about an alternative. Time to spin up a new linode instance I guess.

>>notaha+Bi2
I don't disagree, but I've also never seen a enterprise sales organization that caters to businesses that don't already have millions of dollars in spend sitting in the war chest. We'd all jump at 50k because we're reasonable humans that understand thats a lot of money. However, when you're on the hook for booking millions of dollars in business in what amounts to 60 working days (90 day quarters), you might think about it differently is my limited understanding.

>>mcv+cA
I agree about the efficiency and wouldn't expect anyone to know that on a thread, off of a handle alone. However, I see it in a more positive light- based on John's other comments in the thread, he's made the time to stay active in communities like this one even as the CTO and followed up with folks internally to understand how an oversight like this could've happened.

>>myname+G12
> Just because you didn't know murder is illegal does not mean you can go kill random people and claim "oopsie, I didn't know, I wish you had warned me ahead of time".

It's a wrong comparison. I'm not saying that people that are abusing CF's services are not guilty.

> I mean, it was clear enough for the other OP to know they went against it.

The point is not about these specific cases(in the one I posted it's definitely user's fault, this one is more ambiguous) but how CF acts.

The automatic/human process inside CF that decided to "ban" doesn't know if users are aware or not. They just assume (as you) that's user's fault and proceed with the "ban". While, if I'm running a service for months or even years and no one complains, there are a lot of good reason to assume that I don't do anything wrong.

Imagine that you have a totally compliant service but, because of a bug in their detection mechanism, your service goes down, and it takes days or even weeks to clarify everything with them and bring it up again.

It's an insane "default".

I mean, for CF nothing changes if they give you an x days notice but for your business changes a lot and (as mentioned before) when you run 1/3 of internet it's not only about the TOS.

>>nullca+p32
Ok, but it's reasonable to suspect other users might also have had their accounts banned if it had been a systematic outage or ML hiccup, and given there's a 24hr limit to that ban becoming permanent, it's reasonable to expect an update soon as possible, even if that update is just a one-line "our status is X but we still don't know why this happened to us".

>>myname+G12
>

>>bastar+He1
If that's the case, then they should set up a self-serve portal that these small-time customers can use to buy service if they are too small to warrant talking to an actual human.

But I don't understand why he had to talk to enterprise sales at all if he was already a paying customer, why couldn't he just check a check-box for "High JSON file transfer" and pay an extra fee, then sales could contact him at their leisure to discuss an enterprise contract that might save him money (and they can upsell him on more vendor-lockin services that he'd get with that enterprise contract)

>>stale2+9J2
> Something being "clear" only matters, in so far as it is understood. That is my definition of "clear". It is only clear if it is understood, no matter what, or how clear you think it is. It is defined as unclear, if it is not understood, commonly.

> I mean, it was clear enough for the other OP to know they went against it. They didn’t need to be told, they already knew their usage was against the TOS and just didn’t like that Cloudflare decided to enforce the rule they very well knew they were already breaking. They even said it themselves.

It's evidently clear. Did you even read the thread we’re talking about? Like even remotely? Or are you continuing on the same diatribe regardless what was clearly already written?

> I am not saying I am right. I did break the TOS. They have the right to do what they did. It's just not nice and I don't like them anymore :)

This is not a person who was confused. Period.

>>myname+UL2
>

>>stale2+fS2
Says who? You are not the arbiter of what is clear. The examples shown, you know, the ones we are actually discussing, show that it’s clear.

That you chose to discard them is on you. But that doesn’t mean they just magically don’t exist.

>>myname+bT2
.

>>stale2+aU2
Ignorance continues to be no defense but whatever you want to believe to help you sleep at night, bud.

Here’s a gold star, champ.

>>myname+uU2
"

>>stale2+HU2
The issue has been fixed; if you were to actually read the comments you may have discovered that. But you’ve made it clear that’s not something you partake in.

Once again, whatever you want to believe to help you sleep at night.

>>tardis+(OP)
Oh, it looks like Cloudflare is no longer a good choice. We had very similar experience with Ionic. We tried to put our money in, but no one was interested.

>>nolok+9p1
Akamai is growing at 7% per year vs 40% per year for Cloudflare. Akamai is still 5x the size of Cloudflare but their growth rate is a lot more manageable than 40%.

>>bastar+fr2
That’s all true but the entire point of the freemium model is to feed the paid account sales pipeline… and having a gap between the free and paid tiers where your sales people don’t want to handle the accounts destroys a lot of the purpose of having a free account tier.

I fully agree with what you’re saying but it doesn’t speak well of Cloudflare to have this gap. If they don’t want or handle accounts at this mid tier level, they should have a have a self service tier to handle it.

>>last_r+io2
Sure it’s all fine until an ai or person bans your account for it. It’s cool to talk about what the contract says until you try that and find out their practices implement something else. Unless you plan to sue Cloudflare, the implementation is more important than the contract.

>>danuke+d8
Meh. None of that bothers me.

>>kenton+QY
Maybe I'm missing something, but I don't think that's explicit at all (I've tried to understand this before). The only mentions of HTML are in "(iv) Workers KV, Durable Objects, and R2, storage offerings used to serve HTML and non-HTML content": Workers KV, not Workers.

Meanwhile, section "2.8 Limitation on Serving Non-HTML Content" of the terms says: "The Services are offered primarily as a platform to cache and serve web pages and websites. Unless explicitly included as part of a Paid Service purchased by you, you agree to use the Services solely for the purpose of (i) serving web pages as viewed through a web browser or other functionally equivalent applications, including rendering Hypertext Markup Language (HTML) or other functional equivalents, and (ii) serving web APIs subject to the restrictions set forth in this Section 2.8. Use of the Services for serving video or a disproportionate percentage of pictures, audio files, or other non-HTML content is prohibited, unless purchased separately as part of a Paid Service or expressly allowed under our Supplemental Terms for a specific Service. If we determine you have breached this Section 2.8, we may immediately suspend or restrict your use of the Services, or limit End User access to certain of your resources through the Services."

Serving a "disproportionate percentage of [...] non-HTML content is prohibited". To my understanding, that means that web APIs are allowed, but only if they don't return a disproportionate percentage of non-HTML, since the supplemental terms don't expressly allow it (e.g. no JSON-only APIs).

>>dicknu+Oy
So instead you're running only on the backup provider now. Congratulations on invalidating your multi-cloud strategy. You've failed to understand that the core reason you had that strategy is that any of them can let you down.

Every single one of the cloud providers has had instances of this kind of problem. It's somewhat an inevitability of the way they all work. Eventually someone triggers an automated system somewhere and gets taken down. Or has outages that they shouldn't have had.

Better cloudflare where the CTO hangs out on HN, than Google where both the ban and the appeal are not even humans with empathy.

>>capabl+TB1
Normally banks are restricted from explaining why your account was locked. It’s not necessarily their fault.

>>smcin+jC2
What? no. On the flip side what if their company is convulsing at the possibility of being offline for a few days due to the issue, updating a HN post would be their lowest priority untill they find a solution. Give them a break, OP owes us nothing.

>>nolok+2s1
That's not what it says. Having many employees means you need to improve processes sometimes.

I actually don't know any businesses ( except solo ones) that don't have issues tbh. It's part of having employees.

That cloudfare handles 60% of the internet, just makes the odds really high for someone to complain.

It's resolved pretty quick and they are following up internally on what happened.

And the OP mentioned himselve what the issue was fyi. Check his latest post. This whole thing is about someone bending the rules concerning CW and he knows it :)

>>Veen+G8
jgrahamc responded directly to the point. Replying before it made the front page means this post didn't need to go viral or win the front page lottery in order to get support, making it a counterexample to the GP.

>>NicoJu+ja4
> This whole thing is about someone bending the rules concerning CW and he knows it :)

Hell no. Using workers for non-html content is not "bending the rules". It's a normal and encouraged use case. And saying "I'm a heavy user, is that maybe part of it?" does not mean they did anything wrong.

I don't see any signs of bending rules.

>>Johnny+KJ2
Exactly! I would have bought via self serve or a channel partner but they don’t offer either purchasing option.

>>supriy+aH1
There's been a few stories of stores running on Stripe for months, before hitting it big and being shut down. AML would shut this shit down immediately, not after months.

>>Dylan1+WQ5
A very heavy user where they literally said "it could potentially work".

>>NicoJu+Im7
What comment are you talking about?

And someone going "Is this too much load? Are they not being paid enough?" as desperate guesses after getting banned, does not mean they were actually doing anything borderline or that they "know it".

>>tardis+(OP)
I see accounts like this all the time, I run into the endless loop of cloudflare refusing to serve me a webpage all the time. Somehow clicking the captcha seems to do nothing. I don't know if it's my insistence on using my browser of choice, or my regular clearing of cookies or what have you while trying to keep my laptop secure.

All I know is to me Cloudflare seems to be a gatekeeper of the worst kind, the kind that blocks me from accessing the content I seek to load.

And the idea that it somehow is protecting the web seems more and more ludicrous each tale like this I read. With each page that is delayed in a loop before finally letting me read it, I become more and more convinced at the sheer uselessness of it. Why does anyone bother with it in the first place when it clearly doesn't actually work and worse can be turned against you at any time?

>>tardis+(OP)
If anyone interested here’s what happened https://news.ycombinator.com/item?id=34696763 I was not aware about the spike in bandwidth, will also try to handle such cases on my side better.

>>tardis+(OP)
Cloudflare has published a blog post about this event: https://blog.cloudflare.com/how-cloudflare-erroneously-throt...

>>KomoD+rYf
At least they transparently and openly admitted they were at fault as well as how they're going to stop it from occuring in the future. Overall glad it was resolved

>>vb-844+r9
No that guy was clearly wrong. OP is not and Cloudflare admitted it was a mistake https://blog.cloudflare.com/how-cloudflare-erroneously-throt...

>>plesiv+Sw
Cloudflare have posted a public blog post some days later https://blog.cloudflare.com/how-cloudflare-erroneously-throt...

>>chrono+Rm
It was resolved by emailing them directly. It took just under two hours.

>>Aeolun+vq
No? My comment describes the exact opposite to AWS. The primary billing complaint people have with AWS is that there is no way to stop billing when you hit a predefined limit. Meanwhile, AWS devex looks awful from the outside, but if you have to deal with AWS they are very well organised.

>>tardis+1e
Cloudflare seems to be claiming that you did have a huge spike.

> Traffic from this customer went suddenly from an average of 1,500 requests per second, and a 0.5MB payload per request, to 3,000 requests per second (2x) and more than 12MB payload per request (25x)

https://www.theregister.com/2023/02/09/cloudflare_traffic_th...

>>Firero+Pfl
I don't have a reason to not believe them in that regard, there was a spike, but it was not visible in analytics I have access to it seems.

>>plesiv+Sw
Here's good summary of what happened https://news.ycombinator.com/item?id=34696763

>>nullca+094
Noone said it was their highest priority. But given that HN has a daily stream of horror-stories/complaints from SaaS/cloud/payment users, it would be unreasonable to expect us to wade through them if we don't at some point get a brief follow-up saying what the outcome (and possibly the root-cause) were, and in what timeframe, and how to avoid/fix this for other users, or else which alternative companies to use.

And to requote the OP back to you like I did above, given that customer support told them there's a 24hr limit to that ban becoming permanent and tried to help them get it resolved before then, in this case it was in fact entirely reasonable to expect at least a one-line update within (in this specific case) a day, since either way the outcome would be known.

And in fact here's the OP's followup post: https://news.ycombinator.com/item?id=34721870

>>yamtad+9u1
Thanks. Appreciate your response.

Crazy to think that Cloudflare who are super aggressive napping up upstarts looking for cheaper alternatives to the Big 3 (Azure, GCP, AWS), are this incompetent in closing out Enterprise deals. I thought they were as adept at Sales as they are at Engineering.

>>rexree+Kz
My point is proven. @jgrahamc never responded. Because just like all the rest of you, I'm too small and unimportant to get the attention that others have. That's why resorting to HN to get your critical support needs met doesn't work for the 99% of us.

>>luckyl+Aj
You're right: Workers are not a generic L7 load balancer, but of course plenty useful for the other stuff you point out (for ex, transformations and caching).

>>tardis+(OP)
OP, any updates?