The issue I am facing:
While most people want Cloudflare, I want to avoid them and block sites that use them. Is this possible? Is there a blacklist of sites that use it? I have so much trouble with them I don't appreciate being randomly blocked and my privacy invaded by them. I realize this is not a popular opinion. But that is why I use PiHole, because my views are not popular.
Details about my system:
A discrete x86 computer running debian, Unbound, and PiHole.
What I have changed since installing Pi-hole:
I use Unbound as my private DNS provider with the included blacklist.
Cloudflare offers lots of services. What do you want to block? Sites can use Cloudflare in a whole load of different ways under the hood.
If what you want involves accessing particular domains then Pi-hole can block those domains.
Thank you for your response. Basically I want to block any site that uses Cloudflare as a reverse proxy, or at least uses them to examine you, your cookies, your IP address, or any other info, for the purpose of deciding whether or not they will block you from a site. I do not like being subjected to their invasive scrutiny which I have found to be extremely random and unfair. I don't think it is possible, but I just want to reject any site which uses them for those purposes. I know it's a pipedream, but if it's possible and someone has made a list of sites that do this "investigation" of you to determine if you are permitted to enter, I wish to decline and be left alone!
I hope that makes sense, even though I know it's not likely. I am just tired of that company policing the internet for the normies and ruining it for people that have been here since the 90s.
Those Cloudflare challenges can be annoying and seem random but they're trying to strike a balance between annoying genuine visitors and blocking bad actors or bots. They're one of a number of different types of challenges and in response to various factors.
As far as I'm aware they're not trying to harvest data, they're just trying to determine if you're a real person with a real web browser environment, and then setting a token to confirm you're good.
This page has more details. It looks like there's a move away from human-interactive challenges where possible and to automated detection. There's a blog post about it. The user experience is largely down to the site admin's choices, not Cloudflare.
That was a happy time, but now services like Cloudflare's are vital to manage protection at the scale needed.
I guess the simplest way to reject such sites is to block them in Pi-hole if you receive a Cloudflare challenge. You could limit it to interactive challenges only, or notify the site owner to see if they would change to the managed challenge (and send them the blog link above).
Sometimes the interactive challenge is annoying, but I never heard about a compiled list of sites using it. If you want block every site using Cloudflare challenges, you will probably need to create your own list.
As chrislph explained, this kind of challenge is not investigating you, it's just making sure the request was made by a human visitor, not a bot.
I think the easiest way would be to block their IP ranges (IP Ranges). Either blocking them via firewall or configuring your DNS to rewrite the response if it contains any of the addresses (e.g. marking them as private-address)
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.