Google's captcha (the one where you select the squares) is just such a painful experience, I actually get excited when I see Cloudflare's captcha. I'd estimate my Cmd+W rate when I see a gCaptcha is at least 25%.
I wonder what I do differently. I never see a Cloudflare page - completely forgot that was a thing. It’s been years since I’ve seen one.
Because end users don’t have any ability to avoid sites that use Cloudflare, and it’s free advertising every time a developer sees it. Sure, you might hate Cloudflare on everyone else’s sites, but it’s nice to have it on your side!
Are most web users inconvenienced at all? People on Hacker News aren't typical, which probably results in installing more privacy-preserving technologies that trigger captchas.
It’s ironic how Cloudflare, meant to improve security and performance, ends up causing frustration for so many users when it blocks access to sites.
It just looks like an artificial delay being sold as "performance" (well, it is a delay, how can it be performance? I understand the security aspect, but it is really annoying.
Cloudflare feels like yet another tech company living too long and becoming the villain.
Early Cloudflare days I moved all the infrastructure I was responsible for over to them for being so developer friendly. Now they are both developer unfriendly (eg. horror stories around pricing and plan swaps) and consumer unfriendly with way more frequent intersitals than I remember from ~5 years ago.
I think every time I log in to GitLab I get a Cloudflare check. Doesn’t matter if I’m on a residential connection, starbucks, airport or VPN.
> I think every time I log in to GitLab I get a Cloudflare check.
This is almost certainly GitLab’s doing (though you can ultimately blame irresponsible AI scrapers). Site owners can control how often you see CF captchas.
It is a lot less annoying than cookie banners.
I find it very annoying.
There are more reasons to hate it. It has a deserved bad reputation of extortion of certain users for no good reason when it believes those users to be too dependent to move away. It is known to do this extortion by suddenly asking them for a lot more money.
Another valid reason to hate it is because it MITMs a good chunk of web data, with a strong potential to leak it all to the government without a warrant.
As someone running a web app, I can see the appeal. I get tens of thousands of "attacks" per day from bots scanning for WordPress/PHP files and that's not even counting the "legitimate" bot traffic crawling your site for content or AI training data.
Now, tens of thousands of requests probably won't do much if you have basic security, caching, and optimization in place. But if your app is a mess, sometimes it's easier to just slap a Cloudflare gate on it and call it a day.
Users don't care about Cloudflare and I think you need to go outside.
Either you're in a bubble or you're an AI or both.
I’ve been getting rather annoyed by it personally. I’ve been running a VPN lately for some things and it’s constantly making me check a box before loading sites. Sometimes twice. Once it fell into a loop and I just gave up.
I does get in my way less when not going though a VPN.
Most users do not do this and therefore will never see this screen.
“Never” isn’t true, but they may not see it enough to reach a pain threshold.
There are plenty of "normies" on social media complaining about it, it's not just a developer bubble.