←back to thread

Tell HN: Cloudflare is blocking Pale Moon and other non-mainstream browsers

1343 points Hold-And-Modify | 1 comments | 05 Feb 25 19:08 UTC | HN request time: 0.241s | source

Hello.

Cloudflare's Browser Intergrity Check/Verification/Challenge feature used by many websites, is denying access to users of non-mainstream browsers like Pale Moon.

Users reports began on January 31:

https://forum.palemoon.org/viewtopic.php?f=3&t=32045

This situation occurs at least once a year, and there is no easy way to contact Cloudflare. Their "Submit feedback" tool yields no results. A Cloudflare Community topic was flagged as "spam" by members of that community and was promptly locked with no real solution, and no official response from Cloudflare:

https://community.cloudflare.com/t/access-denied-to-pale-moo...

Partial list of other browsers that are being denied access:

Falkon, SeaMonkey, IceCat, Basilisk.

Hacker News 2022 post about the same issue, which brought attention and had Cloudflare quickly patching the issue:

https://news.ycombinator.com/item?id=31317886

A Cloudflare product manager declared back then: "...we do not want to be in the business of saying one browser is more legitimate than another."

As of now, there is no official response from Cloudflare. Internet access is still denied by their tool.

1. johnklos ◴[06 Feb 25 20:46 UTC] No.42966318[source]▶

>>42953508 (OP) #

Cloudflare is discriminatory. They, and their fanbois, will likely claim that they can't publicly discuss their criteria for who they block, so some mysterious magic is going on in the background, and we're supposed to just trust them because they're big.

That in mind, I'd love even the most fawning of the fanbois to come up with rationalization for why for a very common browser (Safari on modern macOS), most links through Cloudflare work, but trying to get past the are-you-human checkbox on Cloudflare's abuse reporting page doesn't work half the time.

Obviously that shouldn't be on an abuse reporting page at all, but Cloudflare has been making abuse reporting extremely difficult for years. Adding rate limiting (a human can easily hit it) and prove-you're-human verification on their abuse page just unambiguously proves this.