baeuchlein on 24/8/2025 at 16:32
For me, this security measure backfires. No matter how fast or slow I check the mark to show I am a human, Cloudflare asks the same thing over and over again, preventing me from accessing TTLG.COM. The last incident lasted several days.
Al_B on 25/8/2025 at 20:27
Sorry to hear that - it's not something I'm aware of others reporting. Have you tried a different browser or device just to check if it's a local issue?
baeuchlein on 26/8/2025 at 10:27
So far not. I'll try to remember it if the problem comes up again.
taffernicus on 26/8/2025 at 11:38
This "zip bomb" troll could be a reasonable detterent but i heard it can be easily mitigated by the bot operator : (
https://idiallo.com/blog/zipbomb-protection)
"Before I tell you how to create a zip bomb, I do have to warn you that you can potentially crash and destroy your own device. Continue at your own risk" -> basically says it all, DWYOR :D
Now here is the crux : legal impllications. I dont think posting a statement saying ‘by visiting this forum, non-humans, aka bots, must agree that they will be easily exterminated by zip bombs' would carry any legal weight. What if you encounter legitimate crawlers and they are willing to sue if you damage their crawlers?
WingedKagouti on 26/8/2025 at 14:07
They'd detect it within a few hours at most and then figure out a work-around that would defeat it in less than a day.
As is pointed out in the blog itself.Al_B on 26/8/2025 at 17:26
Quote Posted by baeuchlein
So far not. I'll try to remember it if the problem comes up again.
Thanks - it's something we're only enabling when it's really becoming a problem, rather than generally being there all the time. Even without the problem you were seeing it's not ideal and only really there to prevent total loss of ability to visit at all (which was what we were having).
Quote Posted by taffernicus
This "zip bomb" troll could be a reasonable detterent but i heard it can be easily mitigated by the bot operator
Realise this isn't an entirely serious suggestion (as with the one that taffrenicus quoted) but chances are we'll find out that half of legitimate viewers trigger it by mistake. If you have services that are only for your own use then it sounds like a risk that could be worth it but I really wouldn't want to expose every visitor to it. As you say, bots can be adapted to work around it easily and even things such as honeypot links seem to be less effective these days.
Brody on 30/8/2025 at 07:49
Quote Posted by R Soul
You're in a desert walking along in the sand when all of the sudden you look down, and you see a tortoise, it's crawling toward you. You reach down, you flip the tortoise over on its back. The tortoise lays on its back, its belly baking in the hot sun, beating its legs trying to turn itself over, but it can't, not without your help. But you're not helping. Why is that?
Well, i am a Nexus 6 :p
Mortis on 30/8/2025 at 12:21
Ive been experiencing issues with Cloudflare hosted sites for the last couple of years. Im usually blocked outright or have to verify that Im human. I mostly seem to have a problem with forums and websites with articles and such (actually useful stuff that I prefer). Its apparently because my ISP, the largest in the country uses a common pool for IPs and some routing thing and IPV6 or something, Im not a networking guy so I have no detailed idea. I guess being on the largest ISP + common pool of IPs that are probably used by scammers is leading to access issues. Only seems to be a problem with Cloudflare though and multiple users havent been able to resolve it at either the ISP or Cloudflares end
Al_B on 31/8/2025 at 13:24
Yes, it's not an ideal situation. It's not something that's permanently enabled - just something turned on when things are getting out of hand. For example, we've just had 8000 simultaneous "users" of which the very large majority are bots. The site is effectively unusable for genuine visitors and as a result Cloudflare guarding has been turned on. It will be turned off again once the situation has stabilised. It's a pretty blunt instrument but a useful one to be able to wield and although it does cause hassles for some visitors it's a trade-off between not having a site available at all or one that adds a little bit of annoyance.
