Hacker News

Favorites Setup
Comment by VladVladikoff | original | Monetization Gateway: Charge for any resource behind Cloudflare via x402
[−]VladVladikoff · 2026-07-01 Wed 16:17 UTC · link
I am not a fan of the growing trend that Cloudflare is the gatekeeper of the internet. Personally I will never support this company, or firewall any of my websites behind it.
[−]nzeid · 2026-07-01 Wed 17:07 UTC · link
I'm old-man-yelling-at-the-clouds here. Everyone just uses Cloudflare, which is not a bad thing by itself. But do they _have_ to? Is managing your own edge really that terrifying?
[−]skinfaxi · 2026-07-01 Wed 17:12 UTC · link
> Is managing your own edge really that terrifying?

It's about convenience, not fear. Cloudflare is free for most companies until you need more advanced features.

[−]hungryhobbit · 2026-07-01 Wed 17:34 UTC · link
So a fear of being inconvenienced then?

I'll show myself out ...

[−]someonebaggy · 2026-07-02 Thu 07:59 UTC · link
What's more convenient about Cloudflare in front of your server than just your server? I think people use Cloudflare because of the fear of DDoS.
[−]AviationAtom · 2026-07-01 Wed 17:16 UTC · link
I think DDoS attacks are really what propelled them to the heights it has. The attacks seem to get bigger and bigger by the year. You need a really big pipe to filter them out on before passing on traffic to servers with a much smaller pipe.
[−]windexh8er · 2026-07-01 Wed 19:09 UTC · link
Yes, DDoS was definitely their entry point. I remember recommending them to a friend about a year or so after they had launched with the free tier. He was managing a small school district that was dealing with DDoS issues intermittently. What he needed was just outside of free at the time and I believe Cloudflare was still small enough where he had a call with Mr. Prince.

I was a strong proponent of Cloudflare for years, but looking back should have known better. I felt like others in the space would have tracked along how they went to market but that didn't play out as I would have suspected. I still use Cloudflare for DNS on domains that I use sparingly (mostly just for mail records), but no longer recommend anyone let Cloudflare terminate TLS unless they need it.

It's pretty amazing what you can get for a server host (bare metal) these days at the price point. I don't run any of those behind Cloudflare and haven't had any issues as of yet.

[−]ygouzerh · 2026-07-01 Wed 17:17 UTC · link
For non-corporate entities, it is!

Having an almost a plug and play solution who does CDN + DDoS Protection + WAF/Rate Limiter + Bot Protection, for a few bucks, is very useful for startups and SMEs.

And compared to cloud different offerings, their quick setup and lower cost is hard to beat.

[−]Catloafdev · 2026-07-01 Wed 17:58 UTC · link
DDoS protection and the number of features they offer are kind of unmatched.

I often see threads complaining about Cloudflare, never see suggestions for better alternatives.

[−]tristor · 2026-07-01 Wed 18:29 UTC · link
It would be economically impossible for me to run a small personal website without Cloudflare thanks to the sheer quantity of badly behaved automated traffic on the Internet in 2026.
[−]someonebaggy · 2026-07-02 Thu 07:59 UTC · link
What happened when you tried?
[−]flawn · 2026-07-01 Wed 22:27 UTC · link
Dumb question here - how can I manage effectively edges across the whole world without the huge maintenance overhead? Which tools would be recommended for that? I e.g. have a VPS at Hetzner with Coolify but users from the US have high latency. I wouldn't know how to not use CloudFlare?
[−]smalltorch · 2026-07-01 Wed 17:17 UTC · link
Step one: Make a gate everyone uses

Step two: Sell keys to the gate

Muah ha ha

But in all seriousness I wonder who needs this... api's are suppose to make it easy to bridge two application... and you didn't need AI to utilize an api before so I wonder what's pushing this sort of thing to extract value down to individual calls?

[−]gonight · 2026-07-01 Wed 18:30 UTC · link
I recently had to build a system to drop inbound traffic originating from cloudflare ASNs to prevent bad actors using WARP proxies, no legitimate cloudflare traffic usecases for anything inbound. Getting increasingly sick of cloudflare.
[−]Bender · 2026-07-01 Wed 21:14 UTC · link
I do something similar seems to get the job done.

    for BadActor in $(curl -A Mozilla "https://api.cloudflare.com/local-ip-ranges.csv"|grep -Ev "::|/32"|awk -F "," '{print $1}'|sort | uniq); do ip route add blackhole "${BadActor}" 2>/dev/null;done
Something similar can be done with AWS EC2

    https://ip-ranges.amazonaws.com/ip-ranges.json
[−]VladVladikoff · 2026-07-02 Thu 02:40 UTC · link
Fun command chain thanks
[−]penguin_booze · 2026-07-01 Wed 19:06 UTC · link
See also the deranged post from the CEO, gloating about firing employees: https://archive.is/gSrfU.
[−]Jimmc414 · 2026-07-01 Wed 19:27 UTC · link
I'm in awe at how tone deaf and naive the CEO comes across in this article. It reads like a comically ominous punchline from Gavin Belson.
[−]frizlab · 2026-07-01 Wed 19:20 UTC · link
Isn’t x402 an open standard anybody can implement?