Fork/Edit away if you see any mistakes. I would suggest if we use code2flow on FAQs we download the images & upload them to discourse to avoid hammering their service / disappearing images if they disappear.
There was some chatting about maybe adding a default firewall rule for that, but it'd have to account for if people have SSL they actually want to serve out or not.
Part of the timeout is browser side settings not giving up and or javascript fetching retries. It may not be entirely clear from the flow diagram, I was thinking of tweaking that wording a little bit. I'll play around with IPTables rejects tonight and see if it resolves the issue and maybe just map it out in an updated flow chart.