zlacker

[parent] [thread] 14 comments
1. bombca+(OP)[view] [source] 2023-08-02 14:23:29
Supposedly Cloudflare uses a feature of DNS archive.* doesn't like, or vice versa.

Nobody cares; the reality is if you use CF DNS, shit don't work.

replies(4): >>nuker+p >>jeroen+d1 >>joseph+N1 >>cesarb+Iu
2. nuker+p[view] [source] 2023-08-02 14:25:31
>>bombca+(OP)
Im using iCloud Private Relay, and it affects me.
replies(1): >>almost+N
◧◩
3. almost+N[view] [source] [discussion] 2023-08-02 14:27:15
>>nuker+p
I’m using iCloud Private Relay and it works fine.
replies(2): >>kalleb+t4 >>mdasen+o6
4. jeroen+d1[view] [source] 2023-08-02 14:29:06
>>bombca+(OP)
It's not just Cloudflare, it's any DNS resolver that doesn't implement EDNS extensions. If you (or the company you work for) run a recursive resolver that doesn't submit such data, you'll run into the same issues.

I've switched to archive.org because archive.* is broken. For stuff that .org doesn't have, there's always the Tor version. The Tor address seems to be more responsive as well, so that's nice.

5. joseph+N1[view] [source] 2023-08-02 14:31:30
>>bombca+(OP)
> Nobody cares; the reality is if you use CF DNS, shit don't work.

This is super misleading because it ignores the fact that archive.* goes out of their way to make CF DNS not work.

replies(2): >>xnyant+I9 >>flutas+Ql
◧◩◪
6. kalleb+t4[view] [source] [discussion] 2023-08-02 14:42:30
>>almost+N
I use iCloud Private Relay and it only affects me over IPv6. Disabling either private relay or ipv6 "fixes" it
◧◩◪
7. mdasen+o6[view] [source] [discussion] 2023-08-02 14:51:43
>>almost+N
iCloud Private Relay uses a variety of third parties for their network connectivity. If it's working fine, you might be going out via Fastly or someone else. The person who it's not working for is likely getting Cloudflare.

With iCloud Private Relay, it sometimes works for me and sometimes doesn't depending on which CDN's system I'm using at the time.

◧◩
8. xnyant+I9[view] [source] [discussion] 2023-08-02 15:07:10
>>joseph+N1
Doesn't really change anything for the end-user that wants to access the website and is bummed that it doesn't work. There might be politics in the way but all they care is that it doesn't work.
◧◩
9. flutas+Ql[view] [source] [discussion] 2023-08-02 15:58:22
>>joseph+N1
> goes out of their way to make CF DNS not work.

No, they go out of their way to make a system that can handle people trying to abuse it. Cloudflare doesn't like that system and refuses to help them.

> There have been numerous attacks where people upload illegal content (childporn or isis propaganda) and immediately reported to the authorities near the IP of the archive. It resulted in ceased servers and downtimes. I just have no time to react. So I developed sort of CDN, with the only difference: DNS server returns not the closest IP to the request origin but the closest IP abroad, so any takedown procedure would require bureaucratic procedures so I am getting notified notified and have time to react.

> But CloudFlare DNS disrupts the scheme together with all other DNS-based CDNs Cloudflare is competing with and puts the archive existence on risk. I offered them to proxy those CloudFlare DNS's users via their CDN but they rejected. Registering my own autonomous system just to fix the issue with CloudFlare DNS is too expensive for me.

replies(1): >>joseph+FA
10. cesarb+Iu[view] [source] 2023-08-02 16:34:49
>>bombca+(OP)
> Supposedly Cloudflare uses a feature of DNS archive.* doesn't like, or vice versa.

From what I understand, it's the opposite: Cloudflare doesn't use a relatively new feature of DNS (EDNS Client Subnet), and that site doesn't like the lack of that feature.

◧◩◪
11. joseph+FA[view] [source] [discussion] 2023-08-02 17:00:55
>>flutas+Ql
Isn't the Internet full of major websites that need to be able to handle that kind of abuse? If what archive.* did were really necessary to do so, then why haven't any other websites needed to do the same thing?
replies(1): >>rnd0+YH
◧◩◪◨
12. rnd0+YH[view] [source] [discussion] 2023-08-02 17:31:10
>>joseph+FA
>Isn't the Internet full of major websites that need to be able to handle that kind of abuse?

I don't know; since their whole reason for being is to act as (a temporary?) archive of websites that would make them more vulnerable to these attacks than someone like ebay I'd think?

replies(1): >>joseph+II
◧◩◪◨⬒
13. joseph+II[view] [source] [discussion] 2023-08-02 17:34:28
>>rnd0+YH
But archive.org provides the same service as them, and it doesn't need to do that.
replies(1): >>brirec+Hn1
◧◩◪◨⬒⬓
14. brirec+Hn1[view] [source] [discussion] 2023-08-02 20:11:05
>>joseph+II
It’s not the same service, though.

As I understand it, the main reasons people use archive.is over archive.org are because archive.is is more of an immediate proxy/cache/cdn, rather than a long-term archival system that requires a bot to crawl based on schedule parameters. That, and also it includes features to help bypass paywalls by sanitizing some (all?) JavaScript.

On the other hand, Archive.org doesn’t remove or alter scripts or anything like that. And as far as I know you can’t just request them to crawl a site and then browse it there immediately, but you can on Archive.is

replies(1): >>joseph+ry1
◧◩◪◨⬒⬓⬔
15. joseph+ry1[view] [source] [discussion] 2023-08-02 20:56:24
>>brirec+Hn1
> And as far as I know you can’t just request them to crawl a site and then browse it there immediately, but you can on Archive.is

Yes you can. After you put in the URL, you get a button to do so. I just did it for your comment: https://web.archive.org/web/20230802205505/https://news.ycom...

[go to top]