Iyes
CI don't know if I would instantly block, but you could challenge those requests, so legit users still have a chance of getting through
Cwhat legit human is using bittorrent to surf the web?
CDoesn’t look like HTTPS is loading
IYes but I can't load it through the domain
Cbittorrent? You linked an ASN, one seemingly dedicated to a website who does scraping and other proxy services & vps/dedicated servers, which could be used by legit users
Con that link, they are saying that the ASN related properties (I'm guessing) are part of a DHT node network used for bittorrent
Cbut perhaps that is meaningless in this scenario
Coh I see ipinfo is labelling the asn as a bittorent user
Cit means some devices using IPs announced from that ASN are running Bittorent, not the entire ASN is for it. You can find more of their services on their website link
CSpriousSprious Team
Sprious continuously seeks growth in business, community and life for our employees & clients by crafting unique, life-enriching companies.
Cwhich is the domain of the email used for contact of that ASN
UIf you dont like it block the ASN with a rule 
Ci'm considering...but asking community if there is downside to this I am not seeing
Cyea but they have a page https://sprious.com/blazingseo/ saying one of their brands sells VPS and Dedicated Servers, and Proxys.
I mean, if you're deadset on blocking, go for it, it's your rules. I would just challenge traffic from it for now so innocent people have a chance, while truly automated scripting/etc is still blocked/challenged
I mean, if you're deadset on blocking, go for it, it's your rules. I would just challenge traffic from it for now so innocent people have a chance, while truly automated scripting/etc is still blocked/challenged
Cthat leads to another question, what traffic of the "innocents" could be coming from VPS and Dedicated Servers, and Proxys?
CPeople using VPNs / Proxies
CSome people do it for privacy, some do it while travelling, etc, there are legit use cases
Ci suppose...
Cthe "challenges" cloudflare provide seem to be easily thwardable via bots
CIt depends on the type of website you are running. If's more aimed at business users or something which is often targeted by attacks, you might be better off just blocking. If you have a more general audience, better to make it slightly more annoying to a potential customer then block them entirely
Ci built a series of small business websites with lite e-com and artist portfolio websites, but i see bots pinging and testing all the time for non existant script files which create unncessary server load on these wordpress sites
Creporting these to the hosting services seems to have no effect or they just dont care...its a broken system
IPls help mee
EEven then though, perhaps it is better that these bots have to be smart and to potentially run an entire browser just to get past the challenge, rather than being able to fire junk requests with 0 effort?
EAt a guess I would say that Cloudflare is trying to access your website over HTTPS due to your SSL/TLS encryption mode when the site does not listen on a HTTPS port
CThe WAF Managed Ruleset has rules that block a lot of those random requests, like .env and such. You could also manually block requests to those as well, a bit more of a generic approach
Ctrue. what i have done so far is kinda created a "honeypot" where if triggered by some common nonsense file that they ping, or keywords in the contact forms emails being sent, it automatically blocks their ip address for all the domains in my account
IHow to fix
Cwhat would be better is if that ip with their BS request could be sent directly to the hosting company for them to immediately investigate and report that illegal activity and trace it back to their payment source
EMy account is still full of blocked IPs from when I used to do that years ago... lol
Cwhy this isn't required...and not law...is why we have the dead internet
Cif only there was a company big enough..with access to all this data...that could push for this...
Cperhaps cloudflare could call it "Project honeypot"
EWell step 1 go to https://dash.cloudflare.com/?to=/:account/:zone/ssl-tls and check what your encryption mode is
FHi all, I just keep getting
Error: Failed to contact the WARP API. this after I upgrade my warp client on Debian 12, and if I rollback to the old version, everythings fine, anyone know why?FI'm pretty sure my device can connect to WARP API.
FFound this, somebody has same issue with me.
FIs that a bug or something?
CYeah you need to fix SSL on your host server as Cloudflare will only access over https
ICan you tell me how to fix it
Bshould i take off proxy to lower load time and latency (hosted on Vercel)
DUptime was freaking out for a while for one of my services running on tunnels. Were there any issues earlier? Only other thing I thought of was the Docker container crashing, but it's been up 24H straight
DSeems it was either the host or tunnel, its uptime is only 5H which seems about when the alerts stopped
HIt’s random