So, uh, it appears that in Chrome (but maybe not other browsers?) Cloudflare is telling visitors to Techdirt that it's a phishing site. This seems like a problem.
Comments
Log in with your Bluesky account to leave a comment
yup because everyone’s browsers obey a central list run by google (but ultimately controlled by the US government) that can black out any given webpage in minutes in all major browsers everywhere on earth. “safe browsing” they call it.
this isn't a google safe browsing block it's an interstitial page displayed by cloudflare that they manually put on sites that use their DNS that have been reported for phishing (hence the cloudflare watermark in the lower right)
When I followed the "Cloudflare" link at the bottom, it said something about "this site protected by Cloudflare, but something went wrong...." and something about it being fixed soon.
I'd go through and reset passwords on everything, just in case. Maybe a good time to get a second phone line and make that the 2fa device for services that don't allow a yubikey.
Call me a conspiracy nut, but being blocked by one of the largest governmental security providers that services every agency may indicate that you may have written something offensive.
If I type "www.techdirt.com" or to through a search engine, it goes through just fine. I get the phishing warning on all mobile browsers for "techdirt.com"
You should have a look at my pinned post. Google has been giving me issues any time I try to look at election results. When I use Firefox, I don't have any issues.
I have to say, I'm baffled as to why Cloudflare has been universally accepted as an industry standard.
It is supposed to add a layer of security, but it seems to be an expensive way of adding bloat to the users experience without actually doing anything.
I'm not seeing that on my end. Instead, I'm seeing a rather infuriating message at the top that Techdirt staff have taken it upon themselves to not work the holiday weekend. The audacity.
oof yea, just checked in Chrome on mobile & got that page. Also getting it in Edge and Firefox on mobile. Cromite (open source fork of Chromium for Android) was ok though
I had someone email me, and I've reproduced it (only in Chrome) on two machines. I logged into my Cloudflare account, and two menus down found a notice for it (not at all clear or obvious). I have requested they review the site as classified in error.
Weirdly, it works fine for me in Chrome, Brave, and Safari but displays the phishing warning in Firefox. I also run multiple privacy plugins and your site doesn't trip them.
For regional purposes, I'm around Pittsburgh in the event it's a network thing.
Wait but this isn't a browser feature, this is Cloudflare itself that you (presumably) put in front of your website to "protect" it. Probably paid for it even. Amazing.
At least you can probably just go and turn it off for a while.
Last week, someone tried to impersonate me and tell Palo Alto Networks it should reclassify Techdirt as a phishing site. And Palo Alto Networks emailed me to say it had rejected "my" request. Guessing the same person did the same with Cloudflare, and they... believed it? WTF?
But not in desktop browsers on the same network. This is macOS Firefox; no warning. I tried several browsers on macOS Sequoia and Windows 11 on the same local network; all go directly to your site with no warning.
Had we considered that Mr. Carr might just be a super thin skinned bitch?
Looking at the company he keeps seems to suggest he is in the thin skin club.
I've got this from some Finnish national sites etc., becomes pretty useless feature if you can't trust it and have to bypass it anyway for legit sites.
Comments
But in the details pane they seem to be objecting to the code level of the page. (I hope this link works)
https://radar.cloudflare.com/scan/a70a1e73-515c-4216-9b5d-f3fc14cba0f7/security
https://www.techdirt.com/2024/11/27/brendan-carr-makes-it-clear-that-hes-eager-to-be-americas-top-censor/
It is supposed to add a layer of security, but it seems to be an expensive way of adding bloat to the users experience without actually doing anything.
For regional purposes, I'm around Pittsburgh in the event it's a network thing.
At least you can probably just go and turn it off for a while.
Took about a day to get things fixed and we had to disable protection in the interim. Real stupid shit
NOT IT!
Looking at the company he keeps seems to suggest he is in the thin skin club.