←back to thread

The web does not need gatekeepers: Cloudflare’s new “signed agents” pitch

(positiveblue.substack.com)
454 points positiveblue | 1 comments | 29 Aug 25 16:35 UTC | HN request time: 0.223s | source
Show context
Animats ◴[29 Aug 25 21:45 UTC] No.45069763[source]
Are bots using a large number of IP addresses simultaneously, so they look like a DDOS attack? Or are they just making ordinary requests from a small number of addresses. If it's the latter, all you need is some kind of fair queuing so those requests compete with each other for access, not with other users.
replies(3): >>45069941 #>>45071164 #>>45073051 #
1. jeroenhd ◴[30 Aug 25 08:49 UTC] No.45073051[source]
Bots are probing for access from various servers, eventually falling back to executing requests from residential IP addresses: https://blog.cloudflare.com/perplexity-is-using-stealth-unde...

Cloudflare is dealing with a couple million faked requests every day just from Perplexity users, and Perplexity is far from the worst player in the field.

The problem would be quite easy to solve with basic rate limiting if it weren't for the attempts to bypass access controls.