0
0
mirror of https://codeberg.org/crimeflare/cloudflare-tor synced 2024-11-05 08:52:39 +00:00
cloudflare-tor/what-to-do.md
2018-09-03 10:17:32 +00:00

4.1 KiB
Raw Blame History

What you can do to resist Cloudflare?
  • As a website consumer
  • If the website you like is using Cloudflare, tell them not to use Cloudflare.

You are just helping corporate censorship and mass surveillance. https://trac.torproject.org/projects/tor/ticket/24351

  • Try not to use their service. There are many alternatives and opportunites on the internet!

  • If your browser is Firefox, use Block Cloudflare MITM Attack! add-on.

  • Convince your friends to use Tor Browser on the daily basis. Anonymity should be the standard of the open internet!

  • As a website owner / web developer
  • Do not use Cloudflare solution. You are loser if you fall to that easy solution. You can do better than that.

  • Install Web Application Firewall and Fail2Ban on your server and configure it properly.

  • Set up Tor Onion Service if you believe in freedom and welcome anonymous users.

  • Ask for advice from other Clearnet/Tor dual website operators and make anonymous friends! :)

  • As a software user
  • If you use Debian GNU/Linux, or any derivative, subscribe to bug #831835 ( https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831835 ). And if you can, help verify the patch, and help the maintainer come to the right conclusion on whether it should be accepted.

  • Always recommend Tor Browser or Orfox. Other software's privacy is JUST A ILLUSION.

  • For example, if you really need to use Firefox, pick "Firefox ESR". ESR is developed for company and organizations, thus some spyware code is disabled by default.

  • Remember, Mozilla is using Cloudflare service. They also using Cloudflare's DNS service on their product.

  • If you use one of the websites on this list, contact the webmasters if you still can, and tell them not to use Cloudflare.

  • If they can't leave CloudFlare(perhaps they are merely tech support at the website, and management has decreed that Cloudflare MUST be used) get them to exercise option to whitelist Tor without changing to the "basic level of security" within Cloudflare's options. CloudFlare customers can use this tool(?) to whitelist tor. Advise them, however, that using CloudFlare(or any Cloudflare-like competitors, see philosophy and non-cloudflare list ) exposes readers/viewers/customers to a giant supplier MitM. This is a questionable practice, regardless of whitelists.

  • Tell others around you about the dangers of Cloudflare.

  • Help improve this repository, both the lists, the arguments against it and the details

  • Document and make very public where things go wrong with Cloudflare (and similar companies), making sure to mention this repository when you do so

  • Get more people using Tor by default so they can experience the web from the perspective of different parts of the world.

  • Start groups, in social media and meatspace, dedicated to liberating the world from Cloudflare.

  • Where appropriate, link to these groups on this repository - this can be a place for coordinating working together as groups

  • Start a coop that can provide a meaningful non corporate alternative to Cloudflare

  • let us know of any alternatives to help at least provide multiple layered defence against Cloudflare

  • Try using globalist to maintain this list!

  • If you are in the United States of America

** If the website is a bank or an accountant

*** try to bring legal pressure under the GrammLeachBliley Act https://en.wikipedia.org/wiki/Gramm%E2%80%93Leach%E2%80%93Bliley_Act and report back to us how far you get

** if the website is a government site

*** try to bring legal pressure under the 1st Amendment of the US Constitution

  • For companies that claim to offer service on their website try reporting them as "false advertising" to consumer protection organizations and BBB