Ariadne Conill 🐰Nov 21, 2022
hi yes, please don't put your fediverse instance behind cloudflare, it really really really fucks up federation
Show threadAriadne Conill 🐰

this is because cloudflare sometimes intercepts (and even blocks) cross-server API calls.

this is a problem with any ddos mitigation proxy service.

Nov 21, 2022 at 7:11pmWeb
Show threadAriadne Conill 🐰Nov 21, 2022
muting this, too many people are asking questions already answered in the thread.
Show threadDoridianNov 21, 2022
@ariadne could you get around that by setting the security level to "essentially off"? That should turn off their blocking, I think.
Show threadAriadne Conill 🐰Nov 21, 2022
@Doridian yes, but cloudflare is a shit company anyway
Show threadDoridianNov 21, 2022
@ariadne oh I don't disagree. I removed my everything from them a while ago. But a lot of good people that don't have the money depend on the free protection from DDOS they give you.
Show threadCodfish  Nov 21, 2022
@ariadne @Doridian morally maybe, but they're unfortunately very useful for stuff like cdn and ddos protection for free or a low price
Show threadMark Shane HaydenNov 21, 2022
@codfish246 @Doridian The CDN service doesn't interfere with mastodon too much, but I really strongly suggest to ditch the DDoS protectuon. Your instance may work OK at the start but over time you will randomly have more and more federation issues. There is a really good chance it will cause you tears and rage.
Show threadfackNov 21, 2022

@ariadne 👀 I'm gonna have to look into this.

I'm using them for object storage, so I'm also using some of their caching services.

Show threadnfgrepNov 21, 2022
@ariadne oh shit, didn’t know this. Would have def put my instance behind cloudflare. Noted.
Show threadwitchlectical runeterialistNov 21, 2022
@ariadne cloudflare is not only a shitty company that proudly protects nazis and loves sites like KF to the point they had to have their money spigot threatened to stop protecting them, it is also a technically bad idea
Show threadMatti RedskyNov 21, 2022
@anna @ariadne The worst part about the money thing is they reported that they lost revenue from blocking KF, so that should say something about the clientele they keep.
Show threadwitchlectical runeterialistNov 21, 2022
@MattiRedsky @ariadne enough noise was made that the real money spigot was being threatened though, which is investors and the stock price
Show threadwitchlectical runeterialistNov 21, 2022
@ariadne (posted as a thing i wanted to boost, not AT you hopefully your mute kept you from having to read it at all ❤️ 🐰 )
Show threadYsera the Fae-TouchedNov 21, 2022
@anna Why is ddos protection a bad idea? Is this specifically in the context of the fediverse or in general?
Show threadwitchlectical runeterialistNov 21, 2022
@ysera instances need to send each other a lot of backend api calls for the whole thing to work, so yeah basically it interferes with that
Show threadJustin FitzsimmonsNov 21, 2022
@ariadne how can we work around this problem? Some instances are definitely going to need ddos mitigation services
Show threadRodri MoraNov 21, 2022
@ariadne any way to fix this. Using cloudflare seems great for caching and security.
Show threadShmnel Nov 21, 2022

@ariadne Yup, only problem I had was adding relays. Other than that it worked just fine.

I'm still behind cloudflare but I'm not using their proxy service.

Show threadAnilNov 21, 2022
@ariadne we’ve got a number of folks looking into how Fastly can be useful for this kind of stuff, and I’d caution that I do think there are cases where smart caching can help a lot.