Cloudflare just revealed on their blog that back in November a sophisticated hacker, likely a nation state, got access to some of their servers. This comes after a security firm identified a different vulnerability months earlier. This shows the true dangers of them overseeing all traffic and all cryptocurrency on all centralized exchanges. It’s critically important you understand this:
https://simplifiedprivacy.com/cloudflarehack/
Tor Browser Onion: http://privacypkybrxebcjicfhgwsb3coatqechwnc5xow4udxwa6jemylmyd.onion/cloudflarehack/
I question that GetMonero.org is on Cloudflare. We should strongly reconsider this as we’re downloading XMR wallet binaries from an organization not friendly to privacy. And the PGP public key to verify it is on the same Cloudflare website.
I do not have much say in this community as I’m new, but I ask you to bring it to the attention of those who do.
I strongly agree, but if you tell the admin they will ask for a replacement.
Do we have a suggested alternative to cloud flare to protect from DDoS attacks? Its a legitimate issue for many sites.
For form spam protection I usually recommend hcaptcha, but that won’t work for DoS
Edit: I have noticed that hetzner protects themselves with a pow-powered DOS protection service that actually works (unlike cloudflare) on hardened web browsers. But I’ve never seen them advertise it for resale, which is a shame.
I’d recommend Bunny, they accept anonymous Bitcoin, and maybe we can pitch to them to start with Monero if they’ll take us on as customers. Also if the person is willing to pay the EU VAT tax, then you get GDPR for customer data.
https://bunny.net/network/ddos-protection/