234 points gloxkiqcza | 7 comments
1. specproc ◴[] No.44571969[source]
The site suggests that VPNs may be affected. What's the mechanism here? Is this likely to cause trouble for all VPNs?
replies(5): >>44572120 #>>44572155 #>>44572543 #>>44573086 #>>44578576 #
2. grumpyinfosec ◴[] No.44572120[source]
Realistically, blocking low-cost personal VPNs / proxies is pretty easy. Any new servers they stand up are gonna get picked up by commercial threat intel services within an hour and then just blocked. Especially if the CDNs are working with the government.

You could roll your own, but WireGuard/OpenVPN going to a random hosting provider is gonna achieve the same thing if they are playing hardball.

replies(1): >>44572208 #
3. ◴[] No.44572155[source]
4. pjc50 ◴[] No.44572208[source]
They're not playing hardball, it's all on a "will this do" basis, like the US state-level bans. They're certainly not going to start blocking random IPs in hosting providers, that's reserved for email spammers.
5. johnisgood ◴[] No.44572543[source]
This is how I block VPNs for game servers: https://zolk3ri.name/cgit/schachtmeister2/about/. It could work for any servers. It is very easy to do so. It gives you a "score" of the IP address (README.md explains it) that connected to your server, and you can decide what to do based on that, for example in my game servers there are certain thresholds. It has been working great.
6. instagib ◴[] No.44573086[source]
DNS blocking via 1.1.1.1 is suggested. So, change to another DNS.

https://www.cloudflare.com/trust-hub/abuse-approach/

7. JdeBP ◴[] No.44578576[source]

    You <----> residential ISP <----> VPN endpoint <----> CloudFlare CDN <----> actual site

The older blocks were being done by residential ISPs, so using a VPN (even simply with an endpoint inside the U.K.) bypassed them. One could obtain the same effect by having a business ISP instead.

Now CloudFlare is also doing the blocks in its CDN, which means that it does not matter whether the ISP is business or residential, or whether a U.K. endpoint VPN is being used. All three end up talking to CloudFlare's CDN from inside the U.K., and that CDN is now blocking the content.

The tinfoil hat brigade can rest easy. (-: They aren't detecting VPNs. They're just blocking things at a point that is closer to the content origin than all of the U.K. VPNs and ISPs, rather than at a point that is further away than the U.K. VPNs are.