addon_chrome | ||
addon_firefox | ||
bcma | ||
globalist | ||
image | ||
ismitmlink | ||
not_cloudflare | ||
split | ||
tool | ||
article.txt | ||
cloudflare_CIDR_v4.txt | ||
cloudflare_CIDR_v6.txt | ||
cloudflare_corp_members.txt | ||
cloudflare_owned_ASN.txt | ||
cloudflare_owned_domains.txt | ||
cloudflare_owned_NS.txt | ||
cloudflare_owned_onions.txt | ||
cloudflare_range_v4.txt | ||
cloudflare-philosophy.md | ||
ex_cloudflare_users.txt | ||
faq.md | ||
history.md | ||
instructions.md | ||
LICENSE.md | ||
NEWS.md | ||
PEOPLE.md | ||
README.md | ||
what-to-do.md |
The Great Cloudwall
"The Great Cloudwall" is CloudFlare, the world's largest MITM proxy(reverse proxy).
It is called this in reference to the Great Firewall of China which does a comparable job of filtering out some people from seeing web content (ie everyone in mainland China and some people outside) while at the same time those not affected to see a dratically different web, a web free of censorship of such images as "tank man".
Cloudflare similarly prevents those in southeast asia and elsewhere who have poor internet connectivity from accessing the websites behind it (for example, they could be behind 7+ layers of NAT) unless they solve multiple image CAPTCHAs. Cloudflare also has a massive harassment problem. Tor users and VPN users are a victim.
And their DNS service, 1.1.1.1, is also filtering out users from visiting the website by returning fake IP address owned by Cloudflare or just return nothing. See NEWS.md for more information.
And here you might think, "I am not using Tor or VPN, why should I care?". If you visit website which use Cloudflare, you are sharing your information not only to website owner but also Cloudflare. It is impossible to analyze without decrypting TLS traffic. Cloudflare knows all your data such as raw password. Cloudbeed can happen anytime. Do you really want to share your data with Cloudflare, and also 3-letter agency?
Cloudflare also offer FREE VPN service called "Cloudflare Warp". If you use it, all your smartphone connections are sent to Cloudflare servers. Cloudflare can know which website you've read, what comment you've posted, who you've talked to, etc. You are voluntary giving all your information to Cloudflare. If you think "Are you joking? Cloudflare is secure." then you need to learn how VPN works.
You might already know about the PRISM scandal. It is true that AT&T lets NSA to copy all internet data for surveillance. Let's say you're working at the NSA, and you want every citizen's internet profile. You know most of them are blindly trusting Cloudflare and using it to proxy their personal website, chat website, forum website, bank website, insurance website, search engine, secret member-only website, auction website, shopping, video website, NSFW website, and illegal website. You also know they use Cloudflare's DNS service ("1.1.1.1") and VPN service ("Cloudflare Warp") for "Secure! Faster! Better!" internet experience. Combining them with user's IP address, browser fingerprint, cookies and RAY-ID will be useful to build target's online profile. You want their data. What will you do?
Cloudflare is a honeypot. Free honey for everyone. Some strings attached.
Do not use Cloudflare.
Decentralize the internet.
This repository is a list of websites that are behind The Great Cloudwall, and also actively blocking Tor users.
Domain list - mirrors: NixNet, CodeBerg
Information
- Padlock icon indicates a secure SSL connection established w MitM-ed by Anonymous
- Block Global Active Adversary Cloudflare by nym-zone
- Problem with CloudFlare by libBletchley
- Criticism and controversies by Wikipedia
- Cloudflare's Advertisement is just wrong
- Akamai said 0.2% of Tor exit nodes had malicious requests, yet CloudFlare claims 94% (mirror)
There are more details of why what they are doing is wrong available here. Also see Frequently Asked Questions.
What can you do?
-
Read our list of recommended actions and share it with your friends
-
Read other user's voice (if you write a blog, tell us your URL)
-
Update the domain list: List instructions
-
Add WTF-Cloudflare news to NEWS.md
-
Search something on Searxes Tor or clearnet (this will help collecting Searxes' "MITM domains")
-
Take a look at add-on code and try it:
isMITMlink / BCMA -
Subscribe to RSS feed: "The Great Cloudwall News" or follow crimeflare@ieji.de
-
Take a look at add-on code and try it
Name | Firefox | Chrome |
---|---|---|
Block Cloudflare MITM Attack | Code | Code |
Are links vulnerable to MITM? | Code | Code |
Which website rejected me? | Code | - |
There are other lists, but this one is one where every entry on the list a human being has actually tried to go to, and has been blocked. Human is not a robot.
- List of services blocking Tor by Tor project contributors
- Sites using cloudflare by pirate
WARNING: Github.com is very hostile to Tor users. If you create an account on Github via Tor, your account will be automatically flagged for spam and will be deleted. See "List of services blocking Tor" for details.
Who uses this list?
- Searxes meta-search engine
- Block Cloudflare MITM Attack add-on
- Some Firefox Add-ons