Ok, Cloudflare I am leaving

lexx.gr

167 points by lexx 3 years ago · 123 comments

furyofantares 3 years ago

I read the terms before signing up with cloudflare for any of my sites, and it was quite clear it's not meant to be used as an image proxy

> 2.8 Limitation on Serving Non-HTML Content

> The Services are offered primarily as a platform to cache and serve web pages and websites. Unless explicitly included as part of a Paid Service purchased by you, you agree to use the Services solely for the purpose of (i) serving web pages as viewed through a web browser or other functionally equivalent applications, including rendering Hypertext Markup Language (HTML) or other functional equivalents, and (ii) serving web APIs subject to the restrictions set forth in this Section 2.8. Use of the Services for serving video or a disproportionate percentage of pictures, audio files, or other non-HTML content is prohibited, unless purchased separately as part of a Paid Service or expressly allowed under our Supplemental Terms for a specific Service. If we determine you have breached this Section 2.8, we may immediately suspend or restrict your use of the Services, or limit End User access to certain of your resources through the Services.

  • kayodelycaon 3 years ago

    Iirc, Cloudflare offers image caching through their CDN service.

    So it’s not like they don’t allow it at all. You just need to pay for it.

    • judge2020 3 years ago

      Yes, jumping up to the Business tier is usually enough to ensure you won't get suspended[0].

      The point of Cloudflare is that hosting your website for free is a service, and you "pay" for that service in strengthening their network; from their S-1[1]:

      > Free customers are an important part of our business. .. Our free customers create scale, serve as efficient brand marketing, and help us attract developers, customers, and potential employees.... In addition, the added scale and diversity of this traffic makes us valuable to a diverse set of global ISPs, improving the breadth and economic terms of our interconnections, bandwidth costs, and co-location expenses.

      Your theoretical cost as a free customer is outweighed by the positive effects of protecting over 10% of websites on the internet, largely for free. Now, if you run a free video site proxying all your multimedia stream segments to serve pirated movies, or create a site dedicated to user image uploads and quickly balloon to serving hundreds of terabytes a day at the expense of Cloudflare, your value to the network is trumped by how much you're actively costing them in uplink costs and risk exposure.

      0: https://community.cloudflare.com/t/the-way-you-handle-bandwi... (they were suspended for proxying over 140TB of a bunch of archive files/binary files over the course of 15 days)

      1: https://gist.github.com/judge2020/e49138d588950167b736c630aa...

      • Arnavion 3 years ago

        TFA explicitly says they're on the Pro plan, ie they're not a free customer. And good job spamming the same incorrect comment in the thread multiple times.

        • judge2020 3 years ago

          I address that - $200/mo is a lot more than the $20/mo a pro plan costs, which is why upgrading to Business might've been enough, depending on the traffic levels of the service in question. But if your service is pushing terabytes of images or billions of requests, you're costing CF a lot more than they're getting back (in both money and a stronger network presence). Pretty much every booru gets away with paying $200/mo to Cloudflare for pushing likely 20TB/day minimum with a lot of it cached (thus saving them on bandwidth costs to their main image hosting provider).

          • tmikaeld 3 years ago

            Also, using r2 to host the images and a worker to proxy them, is allowed, with unlimited traffic and requests.

            • joshspankit 3 years ago

              Can you elaborate or point to a guide with more detail?

              • corobo 3 years ago

                For it being allowed, the CEO commented as such here. I realise it's not the best reference but I'm not searching through ToS during lunch haha https://news.ycombinator.com/item?id=20791605

                As for how to, something like this (Maybe don't use this specifically in production, it was cobbled together from examples as a proof of concept).

                It may be missing caching, depending on if/how Cloudflare caches the output of Workers. It's been a moment since I've looked at this project but I'm pretty sure it was caching files that could be cached (using the etag bit on line 22).

                https://gist.github.com/cohan/1b154156c9c3d3b269581c940339ce...

                You configure what `R2` in my example refers to in wrangler.toml

                  [[r2_buckets]]
                  binding = 'R2' # <~ valid JavaScript variable name
                  bucket_name = 'mybucketname'
                
                
                E: Random thought you probably don't actually need to do this anymore, R2 has public bucket and custom domain settings now. I needed this for the CORS headers, as that was being a pita at the time
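
The setup corobo describes above (an R2 bucket bound as `R2` in wrangler.toml, read through a Worker that handles ETags and CORS), as an added example; it is not corobo's gist or Cloudflare's own code. `ALLOWED_ORIGINS`, the default `Cache-Control` value and the hostnames are assumptions made for illustration.

```javascript
// Added example: read-only Worker handler in front of an R2 bucket.
// Assumption: the bucket is bound as `R2`, as in the wrangler.toml snippet above.
// Assumption: ALLOWED_ORIGINS is a hypothetical allow-list of sites that may embed the images.
const ALLOWED_ORIGINS = new Set(["https://www.example.com"]);

// Build the CORS part of the response. The origin is echoed only when it is
// on the allow-list; `Vary: Origin` keeps caches from mixing up the variants.
function corsHeaders(request) {
  const headers = new Headers({ Vary: "Origin" });
  const origin = request.headers.get("Origin");
  if (origin && ALLOWED_ORIGINS.has(origin)) {
    headers.set("Access-Control-Allow-Origin", origin);
  }
  return headers;
}

async function handleRequest(request, env) {
  const headers = corsHeaders(request);

  // The proxy only ever reads from the bucket.
  if (request.method !== "GET" && request.method !== "HEAD") {
    headers.set("Allow", "GET, HEAD");
    return new Response("Method Not Allowed", { status: 405, headers });
  }

  // Map the URL path to an object key; reject malformed percent-encoding.
  let key;
  try {
    key = decodeURIComponent(new URL(request.url).pathname.slice(1));
  } catch (err) {
    return new Response("Bad Request", { status: 400, headers });
  }
  if (key === "") {
    return new Response("Not Found", { status: 404, headers });
  }

  // `onlyIf` lets R2 evaluate If-None-Match / If-Modified-Since itself.
  const object = await env.R2.get(key, { onlyIf: request.headers });
  if (object === null) {
    return new Response("Not Found", { status: 404, headers });
  }

  // Copy stored Content-Type etc. and expose the ETag so clients can revalidate.
  object.writeHttpMetadata(headers);
  headers.set("ETag", object.httpEtag);

  // R2 returns the object without a body when a precondition failed.
  if (!("body" in object)) {
    const status = request.headers.has("If-None-Match") ? 304 : 412;
    return new Response(null, { status, headers });
  }

  // Assumption: one hour of caching when the object carries no policy of its own.
  if (!headers.has("Cache-Control")) {
    headers.set("Cache-Control", "public, max-age=3600");
  }
  const body = request.method === "HEAD" ? null : object.body;
  return new Response(body, { status: 200, headers });
}

// In a module Worker this handler is exported as:
//   export default { fetch: handleRequest };
```
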
    • joshspankit 3 years ago

      I’ve seen this exact poor customer experience dozens of times and I shake my head each time.

      If there’s a tier to pay for that removes the restriction, then every agent who supports that product should know about it and guide users on why and how to upgrade.

  • qwertyforce 3 years ago

    Is js considered as non-html?

    • furyofantares 3 years ago

      The gist is (to me) clearly that you're not meant to be effectively reselling cloudflare's own service. It's being sold (or given freely) under the assumption that it's largely used to build something else, not to build another CDN.

      EDIT: There's questions downthread if I've misunderstood ImageBoss's role here. I think ImageBoss was also blocked by CloudFlare recently and separately and is not OP's website.

      OP's website (imageboss) looks pretty rad, you can host images and have all sorts of derivative transformations that are done by imageboss and cached for you.

      But it's functioning as a CDN (and boasts unlimited transformations, requests and bandwidth, which I think we all know is not actually possible.)

      • kkielhofner 3 years ago

        I think you misunderstood the involvement of imageboss. From the post:

        "We use Imageboss for all our image manipulation needs. During our migration out of cloudflare we had some difficulties with their service... small businesses like Imageboss were humane, professional and could really help us when we were in need"

        OP didn't build imageboss or have any relationship with it until they were booted from Cloudflare and moved to it. They certainly didn't build it on top of Cloudflare.

    • rosywoozlechan 3 years ago

      Right, a SPA is like 1% HTML and rest JS and CSS and some images. Maybe that's what they mean by "or other functional equivalents"

      • qwertyforce 3 years ago

        > Maybe that's what they mean by "or other functional equivalents"

        Yeah, but I think that js can be considered as a "functional equivalent" to HTML only when Browser APIs are used

pkulak 3 years ago

Break the terms of service, get mad and write a blog post. It's not even hidden in some legalese; they tell you not to serve majority image/video content _everywhere_ in the UI.

All my tunnels are still running great, for free. I could not be happier.

  • erdaniels 3 years ago

    I feel like as a paying customer a warning and migration deadline would have gone a long way.

    • emn13 3 years ago

      Enforcing vague rules is always problematic. The rule itself is intrinsically problematic, because people will see that others get away with it, often for seemingly no reason. While the OP's case looks clear cut, rules like this are always going to catch out people; small, hard-to-explain changes will cross the invisible and likely fuzzy line at moments people don't predict correctly.

      And that further underlines the need for a grace period, if this really is the best model cloudflare can come up with (presumably it is).

    • pkulak 3 years ago

      Yeah, that's a fair point.

    • mhuffman 3 years ago

      Google and AWS don't have any issues posting the limits on their free-tier usage, I wonder why CF is so secretive about it?

      • internetter 3 years ago

        I'd imagine vague rules allow them to give their customers leeway and handle infractions on a case by case basis. Like a popular open source project could get away with a cheaper plan, while on AWS they couldn't.

        I think this particular instance is pretty cut and dry. If I understand correctly, they were just reselling cloudflare's services.

        However, I DO think under that vague policy they should issue warnings for cases they seem inappropriate

  • lexx (OP) 3 years ago

    I am not saying I am right. I did break the TOS. They have the right to do what they did. It's just not nice and I don't like them anymore :)

    • sophacles 3 years ago

      It's not nice that they want you to uphold your end of an agreement?

      I sure hope your customers read this comment, they should know that you're likely to defraud them, since it's not "nice" of them to want you to do what you agree to.

    • florbo 3 years ago

      Er, so do you run around and dive in pools when the rule boards posted everywhere explicitly list those as forbidden, then get mad when you get kicked out?

      • lexx (OP) 3 years ago

        That's exactly what I do in pools. In my case though I haven't read the TOS. And I would really appreciate a warning. Also, as I have already said, it's not clear when and how you are considered an image proxy. There is no way to know or monitor it. Do you consider any website with images breaking the TOS, or because we have a separate subdomain with images makes this a problem?

        • furyofantares 3 years ago

          I think it's fair that you would appreciate a warning.

          In the blog post your claim that "small businesses cannot depend on huge providers like google or cloudflare" may or may not be right, but it's absolutely not evidenced by you not reading the TOS.

          I suppose you're also right that there's no way to monitor whether you would be considered an image proxy. I would appreciate more clarity on that myself.

          It's extremely clear in your case though. You said it yourself, "all my subdomains that operate as image proxies are banned."

        • infamia 3 years ago

          > Also, as I have already said, it's not clear when and how you are considered an image proxy.

          I don't understand your position, you called your own servers image proxies. So how could you not know they were image proxies?

  • vlunkr 3 years ago

    > they tell you not to serve majority image/video content _everywhere_ in the UI

    Do they? I'm looking at the docs related to proxy and CDN and I don't see anything.

  • creatonez 3 years ago

    > they tell you not to serve majority image/video content _everywhere_ in the UI.

    Where? I've never seen it outside of the fine-print legalese.

  • fahrradflucht 3 years ago

    Isn’t the payload of most marketing websites majority image content size-wise?

    • kvdveer 3 years ago

      Majority of the bytes? Yes. Majority of the requests? Usually not. Majority of the caches miss bytes? Probably not.

      There are probably exceptions, but even the most graphically heavy sites have a decent amount of HTML, CSS, and JS content. This is probably due to Google bot not appreciating excessive image use. Marketing folk typically listen very closely to whatever Google dictates.

  • nimbius 3 years ago

    this assessment is reasonable, but not productive.

    - Read your terms of service, contractual responsibility and liability for all services. as a leader, you're authoritative and liable for shareholder and corporate risk.

    - What you do after the fact is just as important --if not more-- than what you didn't do before. Channel this outrage into action, identify the problem, and countermeasure it to ensure future success.

    - Risk is an isotope, do not concentrate it all into one single provider/platform/service or its criticality will prove a detriment to your business. You can mitigate it, accept it, or delegate it, but it cannot be ignored.

    - if the product is for free, it's likely the roles are reversed. re-evaluate your needs and understand whether you're a consumer, or a product and if this shift in roles aligns appropriately with risk and compliance in your industry. Do not assume the coffee is free.

    • emn13 3 years ago

      It is impossible to read all the terms of services, especially including all the updates, to all of the services an average person uses. There simply is way, way too much text and vague legalese to read and understand.

      This is incidentally true of (by)laws too, and it's part of the why behind the familiar adage that it's better to ask forgiveness than permission.

  • drowsspa 3 years ago

    While I agree, I think they should set some more objective limits.

    • advisedwang 3 years ago

      Setting a specific limit is going to result in people pushing up as close to the line as possible, instead of holding to the spirit of the policy.

      • noncoml 3 years ago

        I don’t know. How would you feel if your ISP would say something like “We will throttle excessive traffic” without specifying what this traffic is.

        I think limits should be clearly defined. Especially for paying customers.

      • drowsspa 3 years ago

        For free customers, that's okay I guess, but not for paying ones.

  • sidcool 3 years ago

    Genuinely curious. Why does Cloudflare prevent that?

    • c0balt 3 years ago

      Images and Videos tend, in comparison to text, to consume a lot of data even if compressed. This additional data leads to a stark increase in bandwidth usage when accessing a video compared to, e.g., a (text) blog. Because cloudflare is the one handling most of the bandwidth usage and routing this amounts to a significant cost for them (more servers, bigger pipes, ...).

      • salawat 3 years ago

        All of the pipes should have been implemented by ISPs and Telcos if all that damn Federal grant money would have actually gone to infra instead of exec bonuses and lobbying.

    • mschuster91 3 years ago

      Because the large carriers make a ton of money by extorting their clients (ISPs and data centers) with absurd data interchange pricing. Some like Deutsche Telekom are even worse, they charge both their residential and mobile customers as well as anyone trying to peer with them.

      That's partially also the reason why the extremely large players like Google and Facebook have built their own sub-sea fibre lines. Utter madness.

    • cortesoft 3 years ago

      I don't fully know, but I am guessing because Cloudflare doesn't charge for bandwidth, only requests... non-html content is going to be more data per request, which might not fit into their cost model.

    • dboreham 3 years ago

      Because money.

redm 3 years ago

This is a problem of CloudFlare's own making. They provided a lot of services for "free" to gain scale and market share. Now they are a public company, and things are changing. A pro plan does not give you unlimited CDN data transfer, but I've heard from people enough times, "Just do it on Cloudflare for free", and that perception is CloudFlare's making. When you get to the Enterprise tier, CloudFlare works just like a traditional CDN in terms of metered usage and billing.

* I've been using various CDNs since the '90s, and I'm currently a Cloudflare Enterprise customer. However, Cloudflare, not without its faults, is still the best option out there.

  • ddorian43 3 years ago

    > However, Cloudflare, not without its faults, is still the best option out there.

    What type of pricing on enterprise per TB on how bulk usage?

jsnell 3 years ago

So how much bandwidth were you using, and what proportion of it was images? Like, is it an obviously cut and dry case or is there actually some ambiguity?

(There's some very good reasons to leave terms a bit vague rather than specified exactly, but then you probably wouldn't expect enforcement in cases that are ambiguous.)

  • lexx (OP) 3 years ago

    We are a really small business. We have a headless CMS. We just use media for Content purposes. Nothing out of the ordinary.

  • infensus 3 years ago

    He said "image proxies" so I guess 100%?

  • tut-urut-utut 3 years ago

    Tell me one web site where images and video don’t count for most of the size. The time of 35k image on a 50k text page is long gone.

vb-8448 3 years ago

The thing that scares me most is that his business got shut down without any notice period (at least the author is not mentioning any previous communications from the Cloudflare team about the issue).

This is really a shitty thing from Cloudflare, you cannot shut down an already running business without any notice/grace period.

  • thelastkek 3 years ago

    If you break any company's ToS they have the right to terminate your service at any time, unannounced. If you break Facebook's ToS, do they email you with a heads-up warning? No, they would just ban you instantly.

    • apple4ever 3 years ago

      Yes they should give you a warning to stop or migrate or pay. Companies should be fair to people, Cloudflare and Facebook included.

      • vb-8448 3 years ago

        I partially agree with you if he had suddenly started doing something wrong, but he was doing this for a lot of time and no one complained before. Cloudflare should give him the possibility to clarify or resolve the issue.

        Obviously, in some cases immediate shut down is fine (eg. crazy resource usage, serving some illegal content) however doesn't seem to apply here.

kkielhofner 3 years ago

This post would have much more credibility if the use-case that triggered the ban was described:

"all my subdomains that operate as image proxies are banned"

That sounds anywhere from perfectly reasonable to completely shady. Writing a post like this and not providing any additional detail on what you were actually doing to trigger the ToS boot leads me (for one) to believe elaboration on your use case would harm your argument, any sympathizing, etc.

From what I've seen before in many cases Cloudflare uses the "non-html content is disproportionate to html content" ToS clause as a catch-all to boot customers they don't like for one reason or another, are wildly "expensive" from a bandwidth standpoint, etc. As many have pointed out here on HN it doesn't even really fundamentally make sense and most websites, by nature, are going to consume more bandwidth with JS/SVG/PNG/etc vs HTML.

londons_explore 3 years ago

They should just be upfront... "If your service uses a disproportionately large amount of any of our resources for the amount of revenue it generates, we will ask you to either pay extra or leave. We'll try to give you a notice period to leave, but in extreme cases the period will be very short or none at all".

Then the TOS should give examples of common things that trigger use of this policy, for example running an image/video host.

I'd like them to commit to always offering a monetary amount which would satisfy them. Often in business, a migration is a slow and painful process, so simply paying 10c/GB to serve video/images might be preferable.

  • mynameisvlad 3 years ago

    They are extremely upfront about this:

    > 2.8 Limitation on Serving Non-HTML Content

    > The Services are offered primarily as a platform to cache and serve web pages and websites. Unless explicitly included as part of a Paid Service purchased by you, you agree to use the Services solely for the purpose of (i) serving web pages as viewed through a web browser or other functionally equivalent applications, including rendering Hypertext Markup Language (HTML) or other functional equivalents, and (ii) serving web APIs subject to the restrictions set forth in this Section 2.8. Use of the Services for serving video or a disproportionate percentage of pictures, audio files, or other non-HTML content is prohibited, unless purchased separately as part of a Paid Service or expressly allowed under our Supplemental Terms for a specific Service. If we determine you have breached this Section 2.8, we may immediately suspend or restrict your use of the Services, or limit End User access to certain of your resources through the Services.

    • noncoml 3 years ago

      “a disproportionate percentage of pictures, audio files, or other non-HTML content is prohibited”

      1. It doesn’t help that the “percentage” is ambiguous

      2. A couple of days warning or suggestion to move to a higher paying plan would be nice instead of just shutting them down.

      In this case Cloudflare reminds me of a quote from Big Lebowski: “You're not wrong Walter, you're just an asshole.”

      • mynameisvlad 3 years ago

        The complaint is that Cloudflare was not upfront about this limitation. They are clearly quite upfront. They more or less say exactly what the other commenter accuses them of not being upfront about.

        > 1. It doesn’t help that the “percentage” is ambiguous

        Would it have mattered? OP said they are using them as an image proxy; that's nearly 100% traffic served. Any way you interpret the word "disproportionate", running an image proxy will trigger.

        > 2. A couple of days warning or suggestion to move to a higher paying plan would be nice instead of just shutting them down.

        How they choose to handle an issue is also outlined upfront in their ToS. It's not really relevant in the context of this thread.

        They may be an asshole, but they straight up told you, the other commenter, and OP exactly what they don't allow and what will happen.

phpisatrash 3 years ago

The only thing I keep using from cloudflare is their DNS service.

I know this is not related to the post, but I tried to use workers a few times, specifically the Cron workers. However it never worked as it should. My Cron was never triggered. And then, when I contacted their support through the community, their mods seemed to basically not care that Cron workers don't work. I tried and did everything the support mods said to me but nothing worked.

And then, they just stopped answering me.

And more, it wasn't just me. A bunch of people were having the same trouble with Cron workers.

So I don't use workers anymore.

  • John23832 3 years ago

    Their support is really trash. There's a lot of "go to the forums", and you go there and get ignored.

    We had issues with ZeroTrust and could get literally ZeroHelp. We were told the ZeroTrust team doesn't monitor the forums (which were where we were told by support to go for help, lol).

    • judge2020 3 years ago

      About two years ago they started moving towards free tier users receiving no official support outside of billing issues. Trust me, even for us forum MVPs, it's a point of contention.

henriquez 3 years ago

There are better CDNs for image proxies, Stackpath is way nicer than Cloudflare for image hosting and cheap. Plus you don’t have to let them MitM your pages and endpoints.

  • judge2020 3 years ago

    Tough to beat r2's pricing at $0.015/GB-month for storage and no bandwidth fees. https://developers.cloudflare.com/r2/platform/pricing/

  • quags 3 years ago

    Stackpath is an excellent alternative. I use stackpath (moved from incapsula after they got bought out) though I still use cloudflare for some areas. Stackpath support is much better than cloudflare in that I can always contact someone and get a response quickly even over live chat so for support stackpath wins - really both tend to just work. I prefer stackpath waf over cloudflare. The only network issue I found is that there were issues accessing from China, which were never issues on cloudflare. Pricing for cloudflare is flat for the business and pro plans, and I really like flat fees instead of usage-based ones, whereas stackpath varies each month based on usage.

superasn 3 years ago

I feel amazon cloudfront is a much better option for an image proxy. Takes less than a minute to setup, offers automatic ssl and dozens of caching endpoints. Also super easy to automate with AWS cli. Even optimizes for streaming videos. I have never had any issues with them.

You can check the AWS calculator to figure out the pricing based on your average bandwidth. Depending on your use case you may be paying less than a Cloudflare pro account.

  • sfe22 3 years ago

    at about 10c per gigabyte though?

  • noncoml 3 years ago

    Haven’t used Cloudfront but every time I use AWS I always get a ridiculously higher bill than what I was expecting.

hk__2 3 years ago

> We use Imageboss for all our image manipulation needs. During our migration out of cloudflare we had some difficulties with their service. I reached out to them and within an hour they helped us go through this migration and really saved the day for us. A really huge "thank you" to Igor for treating us with professionalism.

Ironically, weren’t these difficulties due to Imageboss being itself blocked by Cloudflare? [1].

[1]: https://www.linkedin.com/posts/igorescobar_cloudflare-just-b...

  • lexx (OP) 3 years ago

    Ironically this did happen but it was a coincidence. They banned us one day later. They did not mention in their tickets anything related to that.

andmarios 3 years ago

Although it is not clear from the blog post, I think what the author did, was to use an old technique for blogs, where you would serve images under many different subdomains. You did this in order to force the web browsers to deeply parallelize the requests, as browsers used to limit to around 4 concurrent requests per domain IIRC. This was pre-HTTP2/QUIC era, and it made a huge difference, as a website could have tens or hundreds of requests per page.

There were even specialized wordpress plugins to take care of this. You just assigned multiple subdomains to your website and the plugin would round-robin the subdomain each image would come from.

If this is indeed the case, then we are in a gray area, where he did and did not violate cloudflare's rules at the same time.

  • celsoazevedo 3 years ago

    I don't think it's that. OP seems to have a CMS (LucentCMS) and some sites using it (eg: kritikos-sm.gr) load images from a sub domain (eg: images.lucentcms.com).

    While the CMS website receives normal visits and serves HTML content, for Cloudflare it's being used mostly to serve images, breaking their ToS. If the customer website was behind Cloudflare and they used their own (sub)domain to serve images they'd probably be fine because that domain would be serving a healthy mix of HTML and media content.

    I think both OP and Cloudflare are in the wrong here. OP was using the wrong product for this and Cloudflare didn't give him time to fix the problem, losing a customer in the process.

lmeyerov 3 years ago

We're quite interested in a related case here of byte-addressable CDN caching of data table reads for web-scale publishing. So right in that gray area of web publishing. Imagine something like an infinite on-demand parquet table scrolling UI on the NYT website. S3 supports this quite cleanly for internal use, but not for web publishing, where a CDN is needed for the typical hot reads.

So the question is which CDN would make sense for fronting that, both technically and, as seen here, wrt ToS. If not cloudflare... who?

---

(Also, if you're into building such experiences, we're looking for a platform engineering owner to help build out our global gpu network!)

blobster 3 years ago

There are several such cases discussed in the Cloudflare forums. It usually turns out that the webmaster was serving very large amounts of media, which no one should expect to be free.

renaissance_tea 3 years ago

So you are mad that the service doesn’t support what it says it doesn’t support and throw a fit online for internet points.

I give up on understanding why these things go viral.

THJr 3 years ago

This is something that always concerns me when I start a new project. I often want to handle as much internally as possible to avoid situations like this one, but large services often make things much easier in comparison (until they pull something and you're stuck doing the work anyway). I really should start tracking how much time I actually lose to things like this so I can do a proper analysis.

habibur 3 years ago

TIL : the free cloudflare proxies will serve your static HTML files only, and you need to host your images elsewhere.

  • celsoazevedo 3 years ago

    You can get away with using a few TBs/month on the free plan if you also serve a healthy share of html content (static or dynamic). For example, a normal blog where images are part of the content will be fine.

peter_d_sherman 3 years ago

Disclaimer: I am neither pro-Cloudflare nor anti-Cloudflare...

To me, it seems that Cloudflare is just another additional abstraction layer / proxy -- between web sites / web apps / SAAS providers -- and the Internet.

There might be benefits from such an arrangement -- such as Cloudflare's ability to block DDoS attacks...

But there also might be drawbacks from such an arrangement -- such as what to do if Cloudflare for whatever reason -- blocks/bans/or otherwise limits you?

Opinion: A good website / web app / SAAS -- would be as distributed as possible -- that is, it would use the Internet natively AND it would use Cloudflare AND it would use N Cloudflare competitors/proxy services -- ideally all of them -- at the same time!

In other words -- let the user choose their own route to a provider!

Do you want to use Cloudflare?

Great, we have that!

Do you want to use the Internet natively?

Great, we have that!

Do you want to use a competitor to Cloudflare?

Great -- we have that too!

If it is technically impossible to do that with one domain -- then mirror your site/service/SAAS -- to multiple domains.

Let the user decide what they want...

Incidentally, towards that end, I found the following excellent list on GitHub:

https://github.com/anderspitman/awesome-tunneling

(https://news.ycombinator.com/item?id=30443747 -- for related discussion)

It's non-canonical -- but it's probably a step in the right direction...

titiolinkin 3 years ago

Now that they have their own image solution they are using all the tricks they can to blow competition. Not giving notice is really below the belt in my opinion. That is not how you treat your customers.

noduerme 3 years ago

Uh, can't cloudflare just choose not to cache images beyond a certain bandwidth limit if they want to? Why throw the customer off the service completely?

  • celsoazevedo 3 years ago

    You're still accessing the file via their network, so for them it's probably cheaper to actually cache the file so they don't have to hit the origin server every time a request comes in.

    • noduerme 3 years ago

      So, if they want to penalize a customer, it's pretty trivial for them to route those excessive requests around their cache and directly to the customer's server. Cloudflare can choose to dump a ddos they're mitigating on their customers whenever they feel like it, so why the hell not throttle or redirect their own throughput when it's in their financial interest or people aren't paying enough for it?

      • celsoazevedo 3 years ago

        They can choose not to cache and pass each request to the customer's server, but the traffic is still going through their network. Not caching or letting DDoS requests reaching the customer's server doesn't stop using their bandwidth or lower the load on their systems. For that, they need to stop accepting traffic to that domain.

        In this case I believe they simply blocked the sub-domains being used as a CDN for other sites (which breaks their ToS). They didn't point the domain directly at the origin server (which would expose the original IP) or throttle the traffic (again, wouldn't reduce the load on their system).

        My understanding is that what OP was doing is allowed on a higher plan, but like any other CDN, it costs more than the $20/month plan OP was using. Still, a warning and a few days to deal with the problem would be better for everyone: OP wouldn't have downtime and Cloudflare could be making more money. Instead they lost a customer and have some bad PR.

  • advisedwang 3 years ago

    They have to pay for the bandwidth!

Alifatisk 3 years ago

Cloudflare, to me, is seen as the world's largest mitm.

  • cmeacham98 3 years ago

    "mitm" strongly implies Cloudflare is somehow unauthorized, like they're slipping in and hijacking the connection.

    I know why Cloudflare detractors use this type of intentionally misleading language, but can we maybe say something like "world's largest _proxy_" that is more accurate?

  • sp332 3 years ago

    Yeah? People use MITM because it has large benefits.

    • dijit 3 years ago

      This line of reasoning is poor.

      Taken to horrible extremes: Slavery has large benefits.

      Even if not taken to extremes, we're talking about the same argument that erodes privacy; "We need to take away your freedom so that the terrorists can't groom your children and bomb your daycare centers!".

      I can't even begin to steelman an argument like this, it's just poorly reasoned out.

      • sp332 3 years ago

        Alifatisk didn't make any arguments. I didn't make an argument. Not everything is an argument.

        • dijit 3 years ago

          An argument is anything that's a disagreement.

          You literally made an argument against something the parent said.

          Discussion can also include “making arguments” even if the discussion itself is not otherwise classified as an argument.

  • charcircuit 3 years ago

    Larger than AWS?

TobyTheDog123 3 years ago

These are the nightmare stories for me. So much of the internet depends on these worldwide CDNs that people are bullied into using by DDoS attackers, which, in turn, allows these companies to have a chokehold.

Cloudflare is a "global network built for the cloud" that.... doesn't allow images? Really?

They have partnerships with Backblaze and Wasabi, object storage providers, but won't allow images to be served over their CDN? Really?

They have their own object storage solu--- ohhhhhhh

  • judge2020 3 years ago

    Even before R2 they didn't allow sites like image hosting or video hosting.

    The point of Cloudflare is that hosting your website for free is a service, and you "pay" for that service in strengthening their network; from their S-1[0]:

    > Free customers are an important part of our business. .. Our free customers create scale, serve as efficient brand marketing, and help us attract developers, customers, and potential employees.... In addition, the added scale and diversity of this traffic makes us valuable to a diverse set of global ISPs, improving the breadth and economic terms of our interconnections, bandwidth costs, and co-location expenses.

    Your theoretical cost as a free customer is outweighed by the positive effects of protecting over 10% of websites on the internet, largely for free. Now, if you run a free video site proxying all your multimedia stream segments to serve pirated movies, or create a site dedicated to user image uploads and quickly balloon to serving hundreds of terabytes a day at the expense of Cloudflare, your value to the network is trumped by how much you're actively costing them in uplink costs and risk exposure.

    0: https://gist.github.com/judge2020/e49138d588950167b736c630aa...

    • dave4420 3 years ago

      It’s not clear to me that running an image host (or, say, something like NPM or CPAN) on cloudflare is allowed, even if you’re serving it using (paid) workers and R2 and not using them as a proxy at all.

      Maybe it is, maybe it isn’t, my point really is that it’s difficult to tell.

    • Arnavion 3 years ago

      As I told you in the other comment in this thread that you copy-pasted from this one, they're not a free customer.

  • bluedino 3 years ago

    If they did offer all-inclusive image caching as a product, how much storage would they end up deploying?
