Cloudflare took down our website after trying to force us to pay $120000 within 24h

draughtcyclist , 1 month ago

Realistically, this is why you pay for Akamai. You don't get these shenanigans.

How the fuck were they still on a $250 dollar a month plan when they pumped through $2000 a month worth of traffic? That's shady on the companiy's part and Cloudflare shouldn't have allowed it to happen in the first place.

Each party played their part here and did shitty things. Sounds like the tech equivalent of a crackhead arguing about selling stuff to the pawn shop employee.

ryven , 1 month ago

The $250/month plan supposedly includes unlimited traffic. If there's actually a limit where you're supposed to switch to a more expensive plan with no standardized price, maybe CF should say what the limit is?

draughtcyclist , 1 month ago

They absolutely should have outlined a traffic limit for the $250 a month plan. That's on Cloudflare for allowing it.

That said, if you make wildly excessive use of that loophole it probably shouldn't surprise you if they do something like this. They called it "trust and safety" because it allows them to do anything they want under the guide of security.

Really, they didn't define their service clearly and wanted to fire them as a customer unless they paid up for what they felt they were owed.

TheTetrapod , 1 month ago

If something is marketed as "unlimited", I don't think there is such a thing as "wildly excessive use". This isn't a competitive eater going to an all-you-can-eat buffet and being mad about getting kicked out. It's a business using a service in a way that's seemingly in-line with what they paid for.

JeffKerman1999 , 1 month ago

It's the same definition of "unlimited" that Telcos use: you pay for unlimited but it really is XXgb of data per month, after that they either disconnect you or throttle your traffic at a glacial pace...

lazynooblet , 1 month ago

And in both cases, that is bullshit. Just because it happens doesn't mean we should accept it.

Gullible , 1 month ago

A man walks into whorehouse at half past seven, inquires about prices, and learns that it’s 250 per night, per person for the room. “Everything they consent to is available to the customer” says the proprietor. Gladly he pays and climbs up the steps with his hand clasped tenderly, finally landing upon a plain pink cushion, whereupon he proceeds to fuck the absolute shit out of his companion for six full hours. The brothel quakes in rhythm with their dual shrieks of ecstasy for the full duration.

As he begins dressing himself across from the nearly comatose prostitute, the proprietor returns, requesting two hundred and ninety dollars for the extended stay and sixty for the damage to her employee. It was at that moment that the man realized that the madame was a 70 foot tall crustacean from the Paleozoic era. He yells “goddamn Loch Ness monster, I ain’t giving you no three fifty!”

AVincentInSpace , 1 month ago

...huh?

mightyfoolish , 1 month ago

South Park reference. Probably the funniest episode in the whole show outside of "Hare Club for Men".

Vlyn , 1 month ago

"Unlimited" doesn't exist in this universe. It's always "Unlimited under fair use".

If you pay for your water park ticket and they offer unlimited free drinking water fountains, you can't pay for your ticket, call up Nestlé and bring in the water trucks.

Besides the IP poisoning from the casino, ToS violations and so on, just using this much traffic would probably be enough cause for a cancellation (or a forced plan upgrade).

neuracnu , 1 month ago

I worked for Akamai for 7 years.

This is why, if your CDN infra is core to the operation of your business, you make your systems accommodate multi-CDN integration. Cutting one CDN off shouldn't be significantly difficult, and it comes in handy during contract negotiations. All the major players work this way.

Jakesvito , 1 month ago

I have been on a wining streak since I started following Veronica Tolan on Facebook, My portfolio has increased greatly in weeks. He is truly a stock/crypto genius. WhatsApp her directly; +44 7465283150

Agent641 , 1 month ago

Veronica's pronouns are he/her?

Jakesvito , 1 month ago

Thank you for the correction! I appreciate it and will make sure to use the correct pronouns for Veronica from now on. You're right, using 'he' or 'her' pronouns is important. Now, back to the investment idea... I believe reaching out to Veronica could be a great opportunity for growth and collaboration. Their expertise and insights could be invaluable in helping our investment thrive.

Jakesvito , 1 month ago

It's a she ( her)

secretlyaddictedtolinux , 1 month ago

this is disgusting and knowing this, i will never pay cloudflare for anything nor recommend them to anyone ever

the_crotch , 1 month ago

Repoint your DNS, send everything to legal, delete Facebook hit the gym

todd_bonzalez , 1 month ago

Regarding the HN shenanigans, their algorithm does some weird things.

If a new post gets too many upvotes and not enough comments, it gets demoted very quickly.

If any of the activity appears manufactured, it basically delists the post.

Very exploitable, but also prevents popular articles that don't stimulate conversation from sticking around on page 1 for too long, and makes botting upvotes do more harm than good.

suction , 1 month ago

HN is a libertarian hellhole full of divorced incel energy

VantaBrandon , 1 month ago

The tl;dr seems to be this was a money losing account for Cloudflare, and they couldn't squeeze them so they weaseled out with some TOS violation to prevent losing money on what was promised to be unlimited traffic, they have better lawyers so they're not worried.

Cloudflare 100% in the wrong here, they are closing accounts for TOS violations when they are just unprofitable, I would very strongly consider how tightly to couple with them knowing how cavalier they are about squashing small businesses.

If enough of these happen though, they'll get destroyed by a class action lawsuit, and they'd deserve every bit of it

KairuByte , 1 month ago

Okay, yes this is an issue. But small business? This was a multinational casino site… that doesn’t scream small business to me.

sudneo , 1 month ago

Online casinos can become international very simply, it doesn't necessarily mean it's a big company. You usually get a license and can operate in that country + a number of gray markets. Ofc there are also huge companies, but "international" doesn't mean much for an online business.

KairuByte , 1 month ago

Yes… but 4 million active users is quite high. I doubt anyone would consider that “small business”.

sudneo , 1 month ago

Yes, that's true. I guess that is for sure a better metric that being "international".

daq , 1 month ago

CF doesn't give a fuck about 80tb of traffic. These guys were in severe TOS violation that could affect all CF customers if CF IPs got blocked. Given 48 hours to bring their own IPs and switch to (expensive AF anywhere) enterprise account and finally shut down TWO WEEKS later after trying to weasel their way out of this instead of accepting they need to pay to play this stupid game.

We've been CF customers forever and enshitification is definitely affecting all of their services and mostly customer support, but in this instance I'm 100% on the side of CF.

sudneo , 1 month ago

I worked for an online casino in the past. What they do is a standard in the industry. The company I worked for was a small startup and onwed hundreds of domains, mostly just to protect the brand, 98% of which redirected to the main domain, with a few serving slightly different sites for different jurisdictions (e.g. Ontario regulations require that everything happens under a .ca domain). The "blocking evasion" doesn't require CF to do anything, besides forcing the customer to block traffic from certain countries (the ones where you are suspected to evade the block). At this point - if the casino is really operating in the black or gray markets - they can just set ingress to their site outside CF for those countries only if they really wanted. I worked also for a company who was doing this to allow traffic from Russia, changing every day mirrors (and they had an IT department of maybe 20, it was a joke), and Russia was the main market for them.

If what is told in the article is true - I.e. 95% of the traffic was through the main website - then it doesn't look like they were really doing this sort of evading deliberately, considering that in that 5% you have all your alternative TLDs plus the traffic from gray/black markets. Having hundreds of domains and some small percentage of traffic from black markets is something that just happens, it's different from continuously registering new domains for providing access where the previous ones got DNS blocked (this is domain block). It doesn't seem this is what they were doing based on the article, and if they were, then CF emails didn't mention it, which is insane.

Obviously we don't know the full story, so everything has to he taken with a grain of salt.

merc , 1 month ago

I’m 100% on the side of CF.

100%?

We scheduled a call with their “Business Development” department. Turns out the meeting was with their Sales team,

...

So we scheduled another call, now with their "Trust and Safety" team. But it turns out, we were actually talking to Sales again.

This is the part that's ridiculous to me. If CloudFlare thinks they're violating TOS that's fine. If they're willing to let them continue with their business as-is as long as they pay more? That's fine. But, scheduling calls with one group and it turns out it's actually CloudFlare's sales team on the phone, that's ridiculous.

daq , 1 month ago

Well, the way he describes it does sound messed up, but if the only solution CF is willing to accept is for them to bring their own IPs and that is only available with an enterprise plan, what kind of conversation were they expecting? And like I said in another thread, enshitification at CF affected their customer service the most. We went from being able to to speak directly to devs, to people who actually understood the problem, to first tier support that didn't understand shit to 0 tier support that barely understands English.

Klear , 1 month ago (edited 1 month ago)

These articles are always embellished, so I would take it with a grain of salt.

SquiffSquiff , 1 month ago

It seems that you've misunderstood what the issue is here from cloudflare's perspective. The customer was using cloudflare IP addresses, which is causing a knock-on effect for the rest of cloudflare's customers and putting cloudflare as a business themselves at risk. The alternative was for the customer to use their own IP addresses as cloudflare advised . I'm not sure what you think 'Business development' teams do but I certainly wouldn't be expecting engineering advice from them.

merc , 1 month ago

The customer was using cloudflare IP addresses, which is causing a knock-on effect for the rest of cloudflare’s customers and putting cloudflare as a business themselves at risk.

Right, so sales should not be involved in any way.

The alternative was for the customer to use their own IP addresses as cloudflare advised .

Again, sales should not have been involved in any way.

I’m not sure what you think ‘Business development’ teams do but I certainly wouldn’t be expecting engineering advice from them.

They are at least not identical to sales. They work with sales, but there's at least some engineering component of the job. In this case if you were told you were meeting with the business development team, you'd expect that there would be talk about an engineering solution to the problem. Not just paying cloudflare more money.

Zak , 1 month ago

I did a quick search through Cloudflare's TOS and did not find anything about gambling. What was the TOS violation here?

What I'm seeing is Cloudflare communicating very poorly about what actions the customer would need to take to keep their site operating, why, and what the timeline would be. "We've determined operating your casino website on Cloudflare IP addresses is an unacceptable risk to our other customers and we require that you upgrade to an Enterprise plan within two weeks or your service will be terminated" is clear, concise, and I believe entirely fair. What they did here makes me think they're an unreliable and unpredictable service provider.

daq , 1 month ago

Gambling is not TOS violation. Exposing CFs IPs to be blocked would affect ALL customers so CF is naturally aggressively protecting those Running any business that puts CFs IPs at risk is the TOS violation here.

I wish I was the fly on the wall during that meeting, but I have very little doubts casino understood the problem very well and were trying to weasel their way out of paying for an enterprise service (to anyone) and having to use their own IPs which are trivial to block. And if you continue buying more and rotating it will likely quickly get you on the black list with anyone still selling them.

I may be simplifying and maybe casino's CTO and the entire tech team are a bunch of naive newborns, but I really fucking doubt it.

Zak , 1 month ago

Again, I'm not seeing an unambiguous TOS violation here. They have some catch-all stuff about creating an undue burden and an even broader clause saying, essentially they can drop any customer without cause. I have no doubt Cloudflare is legally in the clear, but when I read about something like this, I think I wouldn't set anything important up with Cloudflare as a critical part of its infrastructure.

Of course, the author could be leaving out a bunch of context to make himself look good.

daq , 1 month ago

If the article was about a non profit or a legit small business with a web presence, I would agree with you. We're talking about massively risky business with spectacular profit margins.

I just don't believe that CF suddenly realized these guys are rolling in money and wanted their cut. The risk just wasn't worth it to CF confirmed by the fact that they did not negotiate at all and happily lost the casino as their client.

We're easily making enough to pay $120k/yr to CF, but they are not creating that much value for us and we're not introducing any risk to them so what we pay makes sense for both sides.

Zak , 1 month ago

Maybe I haven't been clear enough.

I have no objection to Cloudflare or any other service provider dropping a risky or unprofitable customer. That's normal and fair in business.

What I don't like is their apparent poor communication and failure to provide a clear (and reasonably distant) deadline so that the author's company could find a solution that avoided downtime. Were I on that company's board, I'd likely be pretty unhappy with the author for not having a contingency plan prepared in advance, but as a third-party observer my main takeaway is that if I rely on Cloudflare and they suddenly decide they don't like something I'm doing, I'm screwed.

daq , 1 month ago

Your conclusion is based on only one side of the story. And this story is coming from an unnamed business that's using social media to shit on a provider that dropped them.

But even assuming that's true, name any other large provider that would behave differently. AWS will terminate your services instantly and their support is even worse than CF. Apple is the same and then will take 2 weeks to reply. Google is a ghosting champion.

Just to be clear I'm talking about B2B relationships. Not end user communication.

Zak , 1 month ago

It's true I'm assuming the author is being honest about what Cloudflare sent them and not leaving out a message where they made the situation abundantly clear. That's definitely possible, and we probably won't find out because big companies don't usually give public responses to this sort of thing.

name any other large provider that would behave differently

I can't, and this makes me inclined to believe it's a mistake to rely on any of them without a failover plan. Of course that's effectively impossible for some situations, like mobile apps requiring app store access. That seems like a situation that calls for antitrust enforcement.

Bryanbat , 1 month ago

I gained so much money from my investment. All thanks to EXPERT ELOISE WILBERT ON INSTAGRAM.. who thought me how make huge profits from my deposit and I gain from 100$ to 600$.. Thank you EXPERT ELOISE WILBERT ON INSTAGRAM contact her now to also get such good luck 📝👍

rekabis , 1 month ago

Yet more evidence that CloudFlare is inherently damaging and hostile to the Internet.

fine_sandy_bottom , 1 month ago

It's fine to not like CloudFlare but this isn't really "evidence" of any kind. It's a one-sided rant on sub stack.

Aux , 1 month ago

Seriously? The article author admits they're doing illegal shit and break CF TOS and CF is inherently damaging? You ok, mate?

Eyeuhnluuung , 1 month ago

The irony here, is this is the kind of vague and obtuse fuckery online casinos and sportsbooks pull with their customers all the time.

Aux , 1 month ago

The irony here is that the article author confirms that they break TOS of CF and he still has a Pikachu face. Reddit discussion is pretty positive that CF is right in their decision and that new provider will shut them down at some time as well.

juliebean , 1 month ago

even if they were breaking tos (and i don't think it sounds quite so cut and dry), shouldn't the response be to notify them and allow them to fix it, or just terminate the account? demanding a ton of money to make the problem seems a skeevy way of handling it on cloudflare's part.

lepinkainen , 1 month ago

They had two weeks to fix, instead they stood their ground and argued.

They very well knew that they were costing a lot more than the $250 they were paying and couldn’t get a deal anywhere else

Gestrid , 1 month ago

Found the thread on HN. Here's what (I'm guessing) a mod had to say:

It set off the flamewar detector, got flagged by users, and got downweighted by a mod.

The 'customer support of last resort' genre is common and not usually a good fit for HN [1]. If people feel this story is unusually relevant and interesting, I'm not sure I agree—long experience has taught us that one-sided articles like this nearly always leave out critical information—but I also don't mind yielding in an occasional specific case, so I've rolled back the penalties on this thread.

The issue from our point of view is not about story X or company Y—it's a systemic one: the most popular genres of submission (especially the rage-inducing ones) get massively over-represented by default, so countervailing mechanisms are needed [2] if we're to have a space for the more intellectually curious stories that the site is meant for.

[1] https://hn.algolia.com/?dateRange=all&page=0&prefix=true&query=by%3Adang%20%22last%20resort%22%20support&sort=byDate&type=comment

[2] https://hn.algolia.com/?dateRange=all&page=0&prefix=true&query=by%3Adang%20countervail&sort=byDate&type=comment

starman OP , 1 month ago

Okay, that's understandable

flambonkscious , 1 month ago

Cracking insight - well done!

nutsack , 1 month ago

I love hacker news. The internet needs more things like this

QuantumSpecter , 1 month ago

Lemmy points counter at 666 as I read this post. Is this a sign?

Chriszz , 1 month ago

250$ a month for their service seems like cloudflare was straight up losing money on the deal. Although cloudflare seemed to have given them extra time than they said before terminating service, which they didn’t have to do. That being said, I think both sides suck here.

bane_killgrind , 1 month ago

Nah. CF initiated a contract renegotiation, and then suspended services right after being informed the customer was price leveling.

That's crappy.

They gave less than a single billing period notice for a price increase.

That's crappy.

They sent a price increase for 40x the current billings, with no corroborated cost or value.

See where I'm going here?

pete_the_cat , 1 month ago

I agree. It's shitty for Cloudflare to just straight up destroy this company's DNS, but also it seems like the company violated the ToS. They had about two weeks to migrate to something else, but instead they just continued debating with CF. Also, this company doesn't have a secondary DNS server in case CF ever went down? That's pretty stupid on their part. Redundant systems are key, I hope they learned that lesson haha

viking , 1 month ago

Isn't CF advertising themselves as the solution to needing multiple DNS' with their failsafes, switchovers and load balancing?

If I need to maintain multiple anyway, what's the benefit of CF to begin with? There are a million CDNs out there I could use instead, if I still have to maintain the network architecture.

KevonLooney , 1 month ago

Do you believe everything that companies tell you? If Google or Apple tell you "we're the solution to everything, you never need to buy anything else", do you listen to them?

viking , 1 month ago

No, but if I use a service to solve a specific problem only to see the need to have a failover in place regardless, I might as well not use the service.

pete_the_cat , 1 month ago

Regardless of what they tell you, if you care about uptime, you ensure this yourself. I feel this is 60% the company's fault and 40% Cloudflare's.

Chriszz , 1 month ago

Thanks for actually reading my comment unlike the other guy

Xtallll , 1 month ago

$250 a month unlimited business plan, is for a business with a Website, like a restaurant website that has a menu and takes reservations, maybe a small online store that handles a few dozen SKUs. When the website is the business they move you to an enterprise solution.

thatirishguyyy , 1 month ago

Multi CDN integration is a thing.
And fuck CF. Unlimited means unlimited. Stop trying to lie to your customers and change the rules.

If the IP's were an issue, then they wouldn't have offered to make the issue go away with $$$.

mholiv , 1 month ago

I mean more money would solve the IP issue.

Step 1: Get more money
Step 2: Buy additional dedicated IPs for the casino
Step 3: Profit from the profits of a casino.

RickRussell_CA , 1 month ago

But, the guy admits that what they were doing with the domains was expressly permitted in the "Enterprise" class service. If it was expressly prohibited in the "Business" class service, then they set themselves up for the shakedown.

timewarp , 1 month ago

[Thread, post or comment was deleted by the author]

Midnight1938 , 1 month ago

Where did you go?

timewarp , 1 month ago

[Thread, post or comment was deleted by the author]

Midnight1938 , 1 month ago

I thought you meant CF

ssj2marx , 1 month ago

casino

lmao get fucked

KillingTimeItself , 1 month ago

THE HOUSE ALWAYS WINS MY FRIEND

harmsy , 1 month ago

True, and this time "The House" wasn't the casino.

KillingTimeItself , 1 month ago

somebody has out gambled the gamblers. It's finally happened!

UnderpantsWeevil , 1 month ago

Sounds like a shake down, and it couldn't have happened to a more deserving group.

Still, real lesson in how Cloudflare does business.