0
0
mirror of https://codeberg.org/crimeflare/cloudflare-tor synced 2024-11-13 21:02:40 +00:00

Merge branch 'master' of anonymous/no_cloudflare into master

merge
This commit is contained in:
themusicgod1 2019-11-14 00:09:36 +01:00 committed by Gitea
commit 785764fd21
44 changed files with 309 additions and 7 deletions

View File

@ -50,6 +50,10 @@
(Just don't add Medium.com articles. It's Cloudflared. Whether the content is good or not doesn't matter.)
"[Cloudflare - why the fuss?](https://decentralize.today/decentralization/cloudflare-why-the-fuss)" by [O S Layman](https://decentralize.today/cryptocurrency/blogger/big-h)
"[Cloudflare considered harmful](https://www.devever.net/~hl/cloudflare)"
"[Does Cloudflare help my WordPress site?](https://seravo.com/blog/does-cloudflare-help-my-wordpress-site/)" by [Seravo](https://seravo.com/)
"[Say no to Cloudflare](https://robinwils.gitlab.io/articles/say-no-to-cloudflare/)" by [Robin Wils](https://robinwils.gitlab.io/contact/)
@ -116,6 +120,8 @@
###### Forum / Wiki
"[That's not how the web works, sorry. Cheers](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941394)"
"[Pale Moon developer shows disdain for Tor and people who combat Cloudflare MITM](https://www.reddit.com/r/privacy/comments/cnqwr3/pale_moon_developer_shows_disdain_for_tor_and/)" by [vargasgetulio](https://www.reddit.com/user/vargasgetulio/)
"[...Cloudflare DOES TLS termination, directly having access to all the data in clear.](https://www.reddit.com/r/privacy/comments/ckwlem/cloudflare_does_tls_termination_directly_having/)" by [JustCondition4](https://www.reddit.com/user/JustCondition4/)
@ -312,9 +318,75 @@
###### Twitter (aka "Birdsite")
> Too many to list here. [See for yourself](https://twitter.com/search?q=Cloudflare).
> Too many to list here. It is IMPOSSIBLE to list them all! [See for yourself](https://twitter.com/search?q=Cloudflare).
""We have blocked you from visiting a webpage so contact the webpage owner to resolve the issue". Ummm…. how do you contact the webpage owner when you have blocked everyone in Singapore from seeing the webpage's "contact us"?" by @[MichaelSmithSG](https://twitter.com/MichaelSmithSG/status/1194515123903164416)
"hi, what's wrong with ASN 12714 that you're blocking on Cloudflare?" by @[cjmaxik](https://twitter.com/cjmaxik/status/1193842746605408256)
"I've tried Cloudflare, but they somehow blocked one of my bank sites, so I went with Google DNS instead." by @[nanianmichaels](https://twitter.com/nanianmichaels/status/1194688408985227264)
"Cloudflare attempted to CENSOR this negative review on Trustpilot." by @[phyzonloop](https://twitter.com/phyzonloop/status/1194458264026660864)
"Also, can anyone from UKLabour or Cloudflare explain why I haven't been able to access the Labour Party website for a day?" by @[BernieSnell](https://twitter.com/BernieSnell/status/1194688395164950528)
"You having a bad day ? I am having voip trouble, tried logging in to your customer-zone and getting cloudflare errors.." by @[4t4ri](https://twitter.com/4t4ri/status/1194613025535381505)
"Looks like Cloudflare is broken - 429 error." by @[RHJOfficial](https://twitter.com/RHJOfficial/status/1192398412911652864)
"I've been trying for almost 1,5 hour to order something in the outlet store. Keep getting "Cloudflare error 524" or "503 Service Unavailable"." by @[JWestra11](https://twitter.com/JWestra11/status/1192416998065627138)
"cant checkout online, tried cards from three different banks and always get a cloudflare error after card verification. Any idea?" by @[rossburton](https://twitter.com/rossburton/status/1192808969250717696)
"Hey Pinterest, you're DNS is down Origin DNS error" by @[DemosthenesPol](https://twitter.com/DemosthenesPol/status/1192831438707548160)
"the one site that has the one show that I like, and is the only site I know of that has it, is giving me the cloudflare bad gateway error " by @[otomequeene](https://twitter.com/otomequeene/status/1193397915844263937)
"I keep getting "Error 1016 Ray ID Origin DNS error" which is a Cloudflare error" by @[7leaguebootdisk](https://twitter.com/7leaguebootdisk/status/1193617137039888385)
"Cloudflare's WARP VPN is now available to everyone. I tried it and it made the internet so slow it was unusable" by @[waddling](https://twitter.com/waddling/status/1177615384616325120)
"Unfortunately I live in Mobile Third World country (Germany) and unfortunately warp seems to slow down or even block my devices instead of improving anything." by @[raupach](https://twitter.com/raupach/status/1189132930486034432)
"I use 1.1.1.1 with warp. But the speed is very slow. I just turned warp off and my speed is about 1000% faster on my iPhone. When will you fix this bug? I payed for unlimited use." by @[tombalfoort](https://twitter.com/tombalfoort/status/1179724521575735296)
"Hi, I'm not sure what you can do, but I've been having issues accessing your site for the last week. I keep getting a 502 error or sometimes "this page is currently offline". Looks like it might be an issue with Cloudflare. I'm using Firefox." by @[MrB0nd07](https://twitter.com/MrB0nd07/status/1193916853325836288)
"Outage today? Getting the "web server reported a gateway time-out" error" by @[knapjack](https://twitter.com/knapjack/status/1194002384273338368)
"Great...now @VPSCheap_NET is using cloudflare to block legitimate customers from accessing the client area. I have no plans to use the Net without the protection of a VPN, so may have to take my virtual servers elsewhere." by @[CFSummers](https://twitter.com/CFSummers/status/1189932851564818432)
"You mean you offload your problems onto legit customers by using cloudflare to block every VPN you can find. Emailing isn't going to help, since I have no intention of surfing w/o one. So will start looking for a company that cares about customer security." by @[CFSummers](https://twitter.com/CFSummers/status/1189941994170269696)
"You actually don't get it - I CAN NOT OPEN A SUPPORT TICKET. I cannot access the client area because you are blocking my VPN's access. Using a VPN IS a part of MY security. Will make sure clients who have servers there & others also know how little you care..." by @[CFSummers](https://twitter.com/CFSummers/status/1189945582699384832)
"is cloudflare happy to allow isps to block websites in pakistan for no reason at all. the whole point of using cloudflare dns was to access blocked websites and since u partnered with ptcl in pakistan the blocking has started again?? r u even aware of this shit?" by @[untitled413](https://twitter.com/untitled413/status/1192110658353061889)
"Since 22nd Oct I was getting "Sorry, you have been blocked" CF message on DO website. No help from DO." by @[zedfoxus](https://twitter.com/zedfoxus/status/1194124693067812864)
"I really wanted to like it but I found so much content being blocked (Tidal for example) it wasn't usable for me. Do you not have any media streaming issues?" by @[chadl2](https://twitter.com/chadl2/status/1193432188923961345)
"I recommend you stop 'just blocking' people for the hell of it. You've blocked my IP for no reason. You do realize that these IPs are handed out by the ISP all day long and change often, or are you new to IT?" by @[random_interrup](https://twitter.com/random_interrup/status/1191785034547650561)
"If someone finds themselves wrongly blocked, they can't go to Cloudflare to complain because Cloudflare has blocked them from that site as well. So every day they sentence thousands of people to Internet purgatory because they got randomly handed an IP address they blocked." by @[random_interrup](https://twitter.com/random_interrup/status/1191798471914852352)
"Y'all need to dump Cloudflare . I'm blocked from your site without cause. ISPs randomly hand out IPs all day and I've inherited one they've blocked. This garbage directly impacts your business and shows how poor Cloudflare design is." by @[random_interrup](https://twitter.com/random_interrup/status/1191798470585323520)
"I cycle the IP and now I'm in. If I were a malicous actor I could do the same. Some security feature. Now some other guy can be blocked." by @[random_interrup](https://twitter.com/random_interrup/status/1191800765490368513)
"I got some weird “redirecting, checking my browser” message - I thought it was on my end." by @[Cindy_M_McCraw](https://twitter.com/Cindy_M_McCraw/status/1193246807435948032)
"The answer appears to be Cloudflare: the CAPTCHA-wall was theirs, and I'd recently looked at an unrelated site they host that was under their DDoS protection, so I bet that's why I was on the naughty list." by @[xlerb](https://twitter.com/xlerb/status/1189530664606953473)
"CloudFlare is currently fed up and I cant log into my account: the login screen sends me to a captcha which sends me back to a login screen, repeat forever." by @[kstrauser](https://twitter.com/kstrauser/status/1191082449511440384)
"I wonder if Google is funding Cloudflare in exchange for them to put their CAPTCHA on as many users as possible. Would make total sense google need users to train machine learning algorithms. Cloudflare can market it as a service while deceiving webmasters " by @[catgirlsec](https://twitter.com/catgirlsec/status/1192161900810973184)
"Furaffinity Cloudflare protection is so good that even artists can't upload anything" by @[PaigeScribe](https://twitter.com/PaigeScribe/status/1194042797680054272)
"Hi, we can't log in this morning..." by @[isaacgrover](https://twitter.com/isaacgrover/status/1192430529032810497)
"Your site just went down when I was mid-course, whats the problem? Something with Cloudflare..." by @[Best__Lux](https://twitter.com/Best__Lux/status/1164673967552004096)
"looks like cloudflare are blocking requests. Will need a cool off period before it starts accepting again." by @[TheCryptarch](https://twitter.com/TheCryptarch/status/1164256030039035904)
@ -1855,9 +1927,15 @@
###### Mastodon
> Too many to list here. [See for yourself](https://mastodon.social/tags/cloudflare).
> Too many to list here. It is IMPOSSIBLE to list them all! [See for yourself](https://mastodon.social/tags/cloudflare).
"To MITM an entire domain with CF you give Cloudflare authority over the entire domains DNS resolution. This is the best indicator of a full domain MITMing." by @[Trysdyn Black](https://marf.space/objects/6a07884a-cfe8-4eeb-9486-63ffe791259f)
"The corp., project + devs lost my trust once they pushed EME, Pocket, Studies, censorship and #Cloudflare crap." by @[NullWhereMan](https://social.bobcall.me/@NullWhereMan/103115226792755635)
"It's a bit of a #hypocrisy for #privacytoolsIO to subject their donors to a #Cloudflare site. No warning is given to tell their pro-privacy supporters that their name, address, and sensitive financial data will be shared with a #privacy abuser." by @[batalanto](https://todon.nl/@batalanto/103097101716393570)
"interessant, eine Website a la github, die die Umtriebe von #cloudflare dokumentiert" by @[alm10965](https://social.bau-ha.us/@alm10965/102670940812325433)
"OK #cloudflare hat mich blacklisted. Hmm, von cloudflare habe ich schon so manch schlechtes gehört ! Irgendwie ahnte ich doch so etwas, daß ich XXX.com nicht mehr nutzen kann." by @[alm10965](https://social.bau-ha.us/@alm10965/102670832938054598)

View File

@ -146,9 +146,9 @@ Is there any way you would sell us that data?
---
Cloudflare also offer _FREE_ VPN service called "[Cloudflare Warp](https://blog.cloudflare.com/1111-warp-better-vpn/)". If you use it, all your smartphone connections are sent to Cloudflare servers. Cloudflare can know which website you've read, what comment you've posted, who you've talked to, etc. You are voluntary giving [all your information](https://github.com/privacytoolsIO/privacytools.io/issues/374#issuecomment-478686469) to Cloudflare. If you think "_Are you joking? Cloudflare is secure._" then you need to learn how [VPN works](https://en.wikipedia.org/wiki/VPN).
Cloudflare also offer _FREE_ VPN service called "[Cloudflare Warp](https://blog.cloudflare.com/1111-warp-better-vpn/)". If you use it, all your smartphone ([or your computer](https://techniapps.com/2019/09/26/download-cloudflare-warp-vpn-for-pc-windows-10-mac/)) connections are sent to Cloudflare servers. Cloudflare can know which website you've read, what comment you've posted, who you've talked to, etc. You are voluntary giving [all your information](https://github.com/privacytoolsIO/privacytools.io/issues/374#issuecomment-478686469) to Cloudflare. If you think "_Are you joking? Cloudflare is secure._" then you need to learn how [VPN works](https://en.wikipedia.org/wiki/VPN).
Cloudflare said their VPN service make your internet [fast](https://www.wired.com/story/cloudflare-says-new-vpn-service-wont-slow-you-down/). But VPN make your internet connection _slower_ [than your existing connection](https://techcrunch.com/2019/04/01/cloudflares-warp-is-a-vpn-that-might-actually-make-your-mobile-connection-better/).
Cloudflare said their VPN service make your internet [fast](https://www.wired.com/story/cloudflare-says-new-vpn-service-wont-slow-you-down/). But VPN make your internet connection _slower_ than [your](https://twitter.com/ExYakuza/status/1182317536089526273) [existing](https://twitter.com/waddling/status/1177615384616325120) [connection](https://techcrunch.com/2019/04/01/cloudflares-warp-is-a-vpn-that-might-actually-make-your-mobile-connection-better/).
---
@ -189,6 +189,7 @@ This repository is a list of websites that are behind "_The Great Cloudwall_", a
**Data**
* [Cloudflare Users](cloudflare_users/)
* [Cloudflare Domains](cloudflare_users/domains/)
* [Cloudflare Inc.](cloudflare_inc/)
* [Domains: Non-Cloudflare but filtering/blocking Tor users](not_cloudflare/)
@ -196,6 +197,7 @@ This repository is a list of websites that are behind "_The Great Cloudwall_", a
**Information**
* [Short version of README](README_short.md)
* [Padlock icon indicates a secure SSL connection established w MITM-ed](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831835) by Anonymous
* [Block Global Active Adversary Cloudflare](https://trac.torproject.org/projects/tor/ticket/24351) by nym-zone
* [Problem with Cloudflare](https://github.com/privacytoolsIO/privacytools.io/issues/374#issuecomment-460077544) by libBletchley
@ -203,15 +205,19 @@ This repository is a list of websites that are behind "_The Great Cloudwall_", a
* [Cloudflare Watch](http://www.crimeflare.org:82/) (cons: _down quite a lot, old data, search restricted to EU only_)
* [Another landmark day in the war to control, centralize and censor the internet.](https://www.reddit.com/r/privacy/comments/b8dptl/another_landmark_day_in_the_war_to_control/) by TheGoldenGoose8888
* [Disadvantage of relying on only one service](https://twitter.com/w3Nicolas/status/1134529316904153089) ([DO is CF](https://www.digwebinterface.com/?hostnames=ns1.digitalocean.com%0D%0Ans2.digitalocean.com%0D%0Ans3.digitalocean.com%0D%0Awww.digitalocean.com&type=A&ns=resolver&useresolver=8.8.4.4&nameservers=))
* [CloudFlare is asking for charitable contributions.](https://web.archive.org/web/https://opencollective.com/cloudflarecollective#section-about)
![](image/watcloudflare.jpg)
# What can you do?
* Read [our list of recommended actions](what-to-do.md) and share it with your friends.
* Read [other user's voice](PEOPLE.md) and write your thoughts.
* Search something on [Ansero](http://ansero.xgwglrypkjbgecns2zru5ekyu7tnqgg7l5blojlq7roohxbwkr5k77id.onion/) or [Searxes](http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/). ([clearnet](https://searxes.eu.org/))
* Update the domain list: [List instructions](instructions.md).
* Add Cloudflare or project related event to [history](HISTORY.md).

106
README_short.md Normal file
View File

@ -0,0 +1,106 @@
# CrimeFlarE
***Why you should say no to Cloudflare***
`This is a draft`
![CrimeFlarE logo](image/crimeflare-logo.png)
Are you already aware of the problems?
You might want to check:
- [Alternatives](#alternatives)
- [Solutions](#solutions)
## Who are we?
`CrimeFlarE` is a group of volunteer Tor, privacy and net neutrality
enthusiasts working to counter CloudFlares oppressive attack on the Tor
community and reduce the harms CloudFlare brings to all users (Tor users and
clearnet users).
## Who is Cloudflare?
Cloudflare is the world's largest man-in-the-middle proxy. This means that it
sits between you and the server which sent you the pages and images.
Cloudflare is a content delivery network, which means that it has different
servers in different locations, so that websites are supposed to be better
reachable. This has a bad side.
*ADD IMAGE*
## Why you shouldn't use it
### Privacy problems
#### Single point of failure
Cloudflare goes down from time to time. All the content which uses Cloudflare
goes down as well when that happens.
Read more about the
[single point of failure](subtext/single-point-of-failure-problem.md).
*ADD IMAGE*
#### It removes anonymity
Cloudflare usually blocks Tor or makes it hard for Tor users to access the
website or content. Tor is not only for criminals. It is important for many
people and everyone has the right on privacy.
Tor is important, read more about
[why Tor matters](subtext/why-tor-matters.md).
Cloudflare often uses Google reCATPCHAs to check if you are human. These
CAPTCHAs which check if you are human, track you and many claim that they
even try to find out which human you are.
Read more about the
[reCAPTCHA problem](subtext/recaptcha-problem.md).
#### Project Honey Pot
Project Honey Pot is a project which collects a lot of personal data
and much of that data is from innocent people who deserve privacy.
Cloudflare was created by people who worked on that project.
![Honeypot](image/honeypot.gif)
### Not convenient
Cloudflare is not convenient for many visitors of your site. You will
lose visitors when you choose Cloudflare. Many people who helped writing
this file even block Cloudflare.
Did you know that you can lose visitors because your site doesn't load
in a few seconds?
Cloudflare often makes visitors wait for a few seconds. Many visitors will
leave your site when they see this.
### Other problems
There are other problems as well, but we want to keep this file simple.
Those problems are listed in
[another file](subtext/more-cloudflare-problems.md).
## Alternatives
Do own a website?
We created a
[file with Cloudflare alternatives](subtext/cloudflare-alternatives.md)
to make your life easier if you agree with us.
## Solutions
### Blocking Cloudflare request or IPs
- [Add-ons](subtext/solutions/add-ons.md)
- [Cloudflare IPs to block](subtext/solutions/cloudflare-ips.md)
- [Change default DNS provider of firefox](subtext/solutions/change-firefox-dns.md)
### Share information about the problem
Many supporters of CrimeFlarE have written some
[articles](subtext/articles.md) about the problem.
You can check them out and share them.
You can ask website owners to stop using Cloudflare, please do so in
a polite way. It might be good to mention some [alternatives](#alternatives).
There are more files on this repository to educate yourself.
We haven't included them all in the README to keep it fairly readable.
## Not convinced yet?
Many supporters of CrimeFlarE have written some
[articles](subtext/articles.md) about the problem.
You can check them out and share them.
Still not convinced?
That's fine. Just know that many people won't be able to use your content or
website. It works against you.

View File

@ -29,6 +29,9 @@ Kristian Freeman | Developer | https://twitter.com/imkmf https://www.signalnerve
Shannon Colin | Employee | https://twitter.com/ShannonColin1
Matthew Gall | Trust & Safety Engineer | https://twitter.com/matthewgall mgall@cloudflare.com
Tim Obezuk | Solutions Engineer | https://github.com/obezuk https://www.linkedin.com/in/obezuk
Jade Wang | Employee | https://opencollective.com/jadewang https://twitter.com/_devrel/status/1004055740808491008
Andrew Fitch | Developer | https://twitter.com/fitchaj
Val Vesa | Community Manager | https://instagram.com/adspedia https://twitter.com/adspedia
Ex-employee:

View File

@ -1,5 +1,6 @@
https://github.com/4-FLOSS-Free-Libre-Open-Source-Software
https://github.com/BurungHantu1605
https://github.com/HLFH
https://github.com/Herohtar
https://github.com/Hillside502
https://github.com/Matir
@ -44,6 +45,12 @@ https://github.com/x5engine
https://github.com/yegortimoshenko
https://infosec.exchange/@slh
https://mastodon.xyz/@Liberapay
https://opencollective.com/andrew-fitch
https://opencollective.com/connor-peshek
https://opencollective.com/cristian-bicheru
https://opencollective.com/jadewang
https://opencollective.com/junade
https://opencollective.com/mabin
https://social.avareborn.de/@nipos
https://social.privacytools.io/@BurungHantu
https://social.tchncs.de/@wallichii
@ -230,6 +237,7 @@ https://twitter.com/ArturRarinca
https://twitter.com/AsakawaP
https://twitter.com/AsepMul35508728
https://twitter.com/AshleyPooleUK
https://twitter.com/AsiaYHameed
https://twitter.com/AssamReporter
https://twitter.com/AssetCobalt
https://twitter.com/AssimiMly
@ -4364,21 +4372,83 @@ https://www.reddit.com/user/grahamperrin
https://www.reddit.com/user/rediii123
https://www.reddit.com/user/zaarn_
https://twitter.com/3nomicMY
https://twitter.com/BestCompar
https://twitter.com/BrianAlaway
https://twitter.com/Bwya77
https://twitter.com/ClamP_Chen
https://twitter.com/DeezayLong
https://twitter.com/DoqumentMe
https://twitter.com/EAxarlis
https://twitter.com/GaryGregory
https://twitter.com/GautomMitra
https://twitter.com/HaSanQaSim13
https://twitter.com/Henryk90312508
https://twitter.com/HinduWebsite
https://twitter.com/KriptoBuz
https://twitter.com/Kyle62861046
https://twitter.com/Lar81502724Lara
https://twitter.com/Leavy__Lee
https://twitter.com/LeeHempfling
https://twitter.com/LisaCalighan
https://twitter.com/MELTechSolution
https://twitter.com/NadimHussain
https://twitter.com/NewerAstro
https://twitter.com/Peerapong1812
https://twitter.com/QAInsights
https://twitter.com/RakeshK48443857
https://twitter.com/Rashedk61182337
https://twitter.com/RsosApa
https://twitter.com/RyanSoElectric
https://twitter.com/SVOML
https://twitter.com/Searge
https://twitter.com/SnsnSultan
https://twitter.com/SuatBezeng
https://twitter.com/Sven48822333
https://twitter.com/Tazhys
https://twitter.com/TuanLe63373595
https://twitter.com/WizmegaC
https://twitter.com/_shikah11
https://twitter.com/ajaybabu_01
https://twitter.com/alikomal4
https://twitter.com/alimhmad18
https://twitter.com/andrewdavidj
https://twitter.com/andristealer
https://twitter.com/assistenza_roma
https://twitter.com/aymenfadel8
https://twitter.com/dPatho
https://twitter.com/ef_hag
https://twitter.com/fabianendes
https://twitter.com/filomargaraujo
https://twitter.com/ga0770
https://twitter.com/hoangso86700297
https://twitter.com/hrmOq9vCEltxMO4
https://twitter.com/jessedhammu
https://twitter.com/kenrobert10
https://twitter.com/kng_100
https://twitter.com/kuvi41
https://twitter.com/laisengchew
https://twitter.com/lazerl0rd
https://twitter.com/lemonade19x
https://twitter.com/muhammadriyad97
https://twitter.com/murilodelete
https://twitter.com/mydressplaner
https://twitter.com/odoyie
https://twitter.com/ohseongkooi14
https://twitter.com/omaridrissid
https://twitter.com/pengpenalib
https://twitter.com/proglasnik
https://twitter.com/qreynald
https://twitter.com/radiox5stereo
https://twitter.com/realman0713
https://twitter.com/richardmckeon
https://twitter.com/rocket4_44
https://twitter.com/shani_raj_ji
https://twitter.com/snnsann
https://twitter.com/thauwf_fiq
https://twitter.com/tnda92
https://twitter.com/tranvanvu43
https://twitter.com/vikkymmk
https://twitter.com/treastrain
https://twitter.com/tuonetti
https://twitter.com/vikkymmk
https://twitter.com/wmst_design
https://twitter.com/zennie62

BIN
image/crimeflare-logo.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 10 KiB

View File

@ -32,6 +32,7 @@ There are many ways to detect it:
- [These add-ons](what-to-do.md) will help your Cloudflare collection.
- Visit a website via Tor or VPN, and you will be greeted by "Attention Required! Cloudflare" webpage.
- Use "[Is MITM?](https://searxes.eu.org/collab/sxes/tool_ismitm.php)" webpage.
- Dig "[NS record](https://www.digwebinterface.com/?hostnames=emsisoft.com&type=NS&ns=resolver&useresolver=8.8.4.4&nameservers=)" of the domain.
```
@ -50,13 +51,19 @@ Route 104.18.224.0/20
```
2) How to add your data
2) How to add your data (A or B)
Type A: Push to Codeberg.org
1. Log in to *Codeberg.org*.
2. Click "*Fork*" button. (top-left corner)
3. Edit text file.
4. Click *Double-arrow* button to create a *new pull request*.
Type B: Just scan the FQDN on "[Is MITM?](https://searxes.eu.org/collab/sxes/tool_ismitm.php)" webpage.
```
IMPORTANT: Please add only "Base Domain"
@ -190,3 +197,30 @@ to codeberg are automatically over Tor with this configuration
(because the `url` in `.git/config` references the virtual host
`codeberg-snowden` in `~/.ssh/config`).
# About Cloudflare `base domain` list
Our mission is clear - `stay away from Cloudflare`.
If the `subdomain.example.com` is cloudflared, we add `example.com` to the database. (`subdomain.example.com` is the sub-domain of `example.com`. Only `the owner` of `example.com` can create sub-domain)
Even if `whatever.example.com` is _not_ behind cloudflare we _will_ raise a warning, because the base domain `example.com` is `cloudflare user`.
`The owner` of `example.com` can enable Cloudflare to `whatever.example.com` at any time without user's notice. It can be done from `dash.cloudflare.com` webpage or hitting `Cloudflare API`. `The owner` is supporting `Cloudflare` and this is severe `security risk`.
Until `the owner` completely stop using Cloudflare service for `example.com`, we _do not_ remove `example.com` from the database.
There is `no exception`.
If `the owner` moved away from `cloudflare` **completely**, you are welcome to add `example.com` to the "[ex_cloudflare_users.txt](cloudflare_users/ex_cloudflare_users.txt)" - after checking `example.com` with online tool below.
1. Open "[Is MITM?](https://searxes.eu.org/collab/sxes/tool_ismitm.php)" webpage.
2. Input `gitlab.com` and click `Skanu`.
3. Click `testo` for detailed scan.
4. If you got `---Finish---`, the domain might stopped using Cloudflare. We'll investigate and remove it - or not. (wait some days and scan again to see whether the domain is removed)
`Only a few Cloudflare user leave Cloudflare. False positive is uncommon.`

View File

@ -73,12 +73,15 @@ If Cloudflare leak your information or won't let you to connect to our servers,
| Name | Developer | Support | Can Block | Can Notify |
| -------- | -------- | -------- | -------- | -------- |
| **[Bloku Cloudflaron MITM-Atakon](https://searxes.eu.org/)** | Searxes | [Link](https://searxes.eu.org/) | **Yes** | **Yes** |
| **[Ĉu ligoj estas vundeblaj al MITM-atako?](https://searxes.eu.org/)** | Searxes | [Link](https://searxes.eu.org/) | No | **Yes** |
| [Block Cloudflare MITM Attack](https://trac.torproject.org/projects/tor/attachment/ticket/24351/block_cloudflare_mitm_attack-1.0.14.1-an%2Bfx.xpi) | nullius | [Link](https://github.com/nym-zone/block_cloudflare_mitm_fx) | **Yes** | **Yes** |
| [Detect Cloudflare](https://addons.mozilla.org/en-US/firefox/addon/detect-cloudflare/) | Frank Otto | [Link](https://github.com/traktofon/cf-detect) | No | **Yes** |
| [Cloud Firewall](https://addons.mozilla.org/en-US/firefox/addon/cloud-firewall/) | Gokulakrishna Sudharsan | [Link](https://web.archive.org/web/https://gitlab.com/gkrishnaks/cloud-firewall/) | **Yes** | No |
- Convince your friends to use [Tor Browser](https://www.torproject.org/) on the daily basis. Anonymity should be the standard of the open internet!
- If you cannot use Tor for some reason, you can use Tor Browser without Tor. We'll show you how below.
------------
@ -221,8 +224,10 @@ There is no 100% secure nor 100% private on the internet and technology.
> 1. Download [Tor Browser](https://www.torproject.org/) and launch it.
> 2. Open Add-ons Manager (about:addons) and *disable* EVERYTHING but "*Torbutton*". **Do NOT *remove* them**.
> 3. Open about:config and search "*extensions.torbutton.use_nontor_proxy*". Set it to "*true*".
> 4. Go to Options, scroll down to "*Network Proxy*". Click "*Settings*" and select "*No proxy*".
> 4. Create new boolean "*extensions.torlauncher.start_tor*". Set it to "*false*".
> 5. Close Tor Browser.
>
> (In version 9.0, Tor project suddenly removed the ability to set custom proxy. Ask your friend for help if you still unable to disable Tor.)
>
> Other guide is [here](https://www.whonix.org/wiki/Tor_Browser_without_Tor#Disabling_Tor).