That's your interpretation. Pretty simple statement to me. If it wasn't working, I'd stay away until it's fixed. That in no way fixes blame on anyone.
Looks like it's all moot now anyway.

 

In no way does that look like he's blaming FTE or anyone else. If he'd have said, "... FTE might have to go on the Do Not Call list until they get their crap together," or some other sentiment, then I'd agree. But, he merely stated that until the site is back to normal, he may have to stay away. Seems reasonable and blameless to my eye.

 

Count me in too. This Cloudflare just popped up 3 days ago, how it got in my computer is a mystery.
This was the first time it didn't show up going on the forum. I tried to get rid of it but couldn't on my Mac.
The only one to blame is Cloudflare!

 

Don't worry, Cloudflare didn't "get into your Mac".

Cloudflare is a website protection service used by the vast majority of large scale websites. It isn't located in our computers. As the name implies, it is located in the "cloud".

Websites can get "attacked" by hackers, and websites can also get "attacked" by "bots", or automated processes. Cloudflare is a service that detects and deters these types of attacks, often in a prophylactic way, before any damage can be done.

The consequence of Cloudflare's "Johnny on the Spot" fast reaction service (which is also automated) is that legitimate users must endure the inconvenience of extra vetting, prior to being admitted to the website, when Cloudflare is triggered by a red alert.

On late Friday afternoon, (or evening for east coasters), the Cloudflare service "sensed" an automated thread generating Distributed Denial Of Service attack. That attack may or may not have taken place without Cloudflare, but given that FTE pays for Cloudflare's automated protection, Cloudflare's algorithm sensed a potential DDOS "attack" might be taking place, and immediately kicked into a higher protection mode, to frustrate and thwart any attack from taking place.

Unfortunately, the additional layer of security that kicked in over the weekend also frustrated regular users, who were interrupted by the Cloudflare vetting process.

An analogy would be similar to the TSA screening process when boarding a flight. Some folks here may be old enough to have flown before there was any such thing as metal detectors in airports. And before the whole Patty Hearst deal in the 70's, the rules simply were that long guns had to be stowed in the overhead compartments. And there was an ashtray in every seat. I remember the grumbling when they made the new rule that moved smoking to the last 10 rows of the airplane. So let's put this Cloudflare into proper perspective.

No matter what other website Cloudflare protects, be that website good or evil, politically correct or corrupt, Cloudflare is simply a service. If a criminal used a Ford truck to rob a bank, does that make Ford Motor Company an accomplice to the crime?

Since Cloudflare triggered into a higher mode of protection at the end of the workweek, late Friday afternoon, the network technicians for FTE were not available to evaluate the reasons why Cloudflare kicked into high gear to protect us. Once those network administrators showed up for work on Monday morning, they were able to turn a **** to dial down Cloudflare's proactive protection from any possible attack mode, into the mode it is in right now, which is the mode it has been in on FTE for years... where we don't even notice it.

The alternative is to not have the TSA. Not have metal detectors. Allow any airline passenger to bring box cutters, pistols, knives, long guns, anything they want onto the air plane, and just hope that they mean well, and will not do us harm.

Our experience with hijackings has shown that this is an unrequited and unrealistic hope. So we endure the delays of TSA screening, in exchange for some sort of vetting process that may not eliminate, but vastly increases the difficulty for random rogues to do us harm.

Likewise, Cloudflare serves as the "TSA" for thousands of websites, usually large websites that can afford the service, and every once in a while, Cloudflare's automated sniffers sense activity that could be construed as a DDOS attack, and then Cloudflare does what IB paid it to do, which is protect FTE servers from attack, automatically, until the network technicians can have a look see and determine that all is OK.

FTE was not hacked. No one's personal information was compromised. What we witnessed over the weekend was how FTE's servers are protected, even when the network administrators are at home sleeping. Cloudflare is not an insidious invasion into our home computers. Cloudflare is in the cloud. It is the TSA in the air, checking our metaphorical bags (browsers) before letting us on the FTE plane.

Cloudflare's high alert work is done for now, and is standing down, but remains at ready to step in again, should it sense a potential threat that warrants the additional security.

Thank you for your understanding!

 

I'm glad it's fixed as I couldn't get on at all.

As for the other issue going on..... get out of the sandbox if you can't play nice

 

Thanks Y2KW57!! Imagine working for a company that has customers that use Cloudflare and getting alerts everytime one of these attacks occurs and you have to check each and everyone of them. Or deal with business owners who want to know why their IP was null routed because their site is being DDoS'd. That's what I go through every day that I work. And it's not just American businesses that feel this. My company is worldwide with data centers in many countries and we go through this daily. Thank you for explaining this for those not familiar with Cloudflare's service and methods. What they do, they do well. Sometimes they cause issues like we've seen here, but I would rather deal with that than have to deal with not being able to reach the site at all because it's been null-routed for 24-48 hours for a massive DDoS attack.

 

Thanks for a good explanation as to what was happening with Cloudflare,

 

It probably serves its purpose OK, but using the TSA is just a terrible analogy and a complete disrespect to Cloudfare! Unlike the TSA, Cloudfare is actually pretty effective at what it does. Whereas the TSA is an ineffective govt program, Cloudfare is a private company that does a pretty good job of blocking threats to a website. For example, you may have remembered the hearings about China stealing IP last summer and fall, with lots of companies claiming damages and even charging that China's government is complicit in the theft. One of the ways an actor gets access is by raiding websites with bot attacks. Here's my company's own website over this past weekend. Someone or something hit us hard and we had a 50x spike in traffic due to bot activity. Why? Not sure, but this is what Cloudfare is meant to eliminate -- these are actual data from google analytics of my site:

 

LOL!!!


Thank you for sharing what happened to your server over the same weekend. Seeing another entity unrelated to FTE undergo the same type of spike (and protection) will help assure folks that it isn't just their computer/device, and it isn't just FTE. It's the way of the world, and we all have to armor up occasionally to deal with it. Armor is awkward and uncomfortable to wear, and it isn't fool proof, otherwise we might still be ruled by Vikings (actually, we might still be, only they turned in their armor for silk suits).

I used to fly four days a week... which only left three days a week on the ground outside of an airport. LOTS of airport time. LOTS of opportunities to witness the TSA as they functioned, and to notice the differences in the TSA personnel from region to region, state to state, and even differences from airport to airport, which one would think would not be the case with a federal agency that is standardized by regulation. Nevertheless, people are people, no matter what kind of badge is pinned to their shirt.

Granted, I didn't have to wait forever in the long lines as I was "pre" cleared globally, so my attitude toward the "system" is less ingrained with a built up resentment of inconvenience, but still, as an observer notwithstanding, the system works more often than it doesn't. We remember the times when it doesn't work so well, while not even realizing how many times it does work without us ever knowing.

Which is where the applicability of the analogy resolves once again. There is an entire team of moderators, administrators, and staff, as well as software and contracted services, that all work in concert to make FTE run without disruption. Anyone who has visited a forum where the last 10 pages of posts are written in Chinese by a bot within the space of an hour, will come to appreciate having to pick out a boat or bicycle every now and again when networks across the internet are under attack.

 

Well... I changed browsers 3x due to this in the past few days, it kept saying I had malware but no anti malware programs could find anything, I guess at least I had something to do while the wife was working all weekend.

 

Y2KW57: thanks for the explanation.

 

You are quite welcome, and consider it as the response to your PM as well.