Using a service like Cloudflare, business owners are sold on the (very pricy) assurance their websites are safe from hacks or being taken offline by bad or malicious actors targeting properties by different means of direct or indirect attack.
Cloudflare, and similar services, do this by acting as shield walls through which bad traffic cannot pass, or at the very least finds it extremely difficult or costly, which turns them towards ‘easier’ targets.
Or so everyone thought.
In kiwifarms v. online gender activist Cloudflare demonstrated (for a third time, Ed.) that ANY guaranty upon which their services are sold – that of defending their customers properties from attack – is completely and utterly worthless.
As business owners we don’t need to know the specifics of kiwifarms v. gender activist spat* except to know Cloudflare acted upon what was a socially engineered HACK
Note: *a political activist and their vocal supporters, upset at an offensive website using Cloudflare’s protections, coerced the company directly using a harassing social engineered attack vector.
In attacking individuals the activists bypassed millions of dollars of protective technological infrastructure that prevents online attacks to hack PEOPLE and have Cloudflare themselves take the alleged offensive website offline.
For businesses using Cloudflares services this is beyond reprehensible and makes their services worthless; why protect a website from being taken offline by online assault when it can be hacked though social engineering – this is literally why honest services say they will never ask for passwords or other identifiable information because they can be used to ‘socially engineer’ a different hack attack vector, people themselves.
Note: when using a service like Cloudflare website owners hand over the keys to their properties such that Cloudflare can remove websites without the actual owner having much say in the matter or recourse to easily and quickly get back online using different services. Protection comes at the expense of liberty.
The upshot of this is this; business owners, especially small businesses, should be looking to take their defensive needs to other companies not open to socially engineering hacking.