New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
cloudflare ddos protection prevents lowendtalk-rss from working.
Hi all,
Lowendtalk uses the cloudflare ddos protection. It's a javascript routine that verifies that the browser is really a browser and not some bot trying to do bad thing.
The thing is that this also prevents my RSS reader from reading the LowEndTalk-RSS feed.
I'm using "The Old Reader"
Anybody having a similar issue? Anybody have a solution? Thanks.
Comments
If it is broke.. you can be sure it will stay broke, this site has had fewer updates and improvements than SolusVM in the last 3 years.
I was afraid of that.
It's broken for a while and nobody cares, one would think they wanted LEB readership to increase, but apparently not. I stopped visiting LEB at all anymore since my primary reasons for visiting were all from getting a new post on RSS.
Strange, there must be more to it than always running a JS check. I wonder if it's triggered by the UserAgent the visitor claims to be. Can you try a different or indirect aggregator.
Direct RSS feed in Opera mail (not the browser) still works for me, and a plain wget fetch of the feed also has no problems and runs no JS.
Same for https://lowendbox.com/feed/
Cloudflare works by executing some arbitrary JS (something not supported by most aggregators for a reason) and setting cookies (__cfduid & cf_clearance)
I personally wouldn't be surprised if Opera mail works, because - well, it's engine is based on Opera.
But its nothing stuff like wget or curl can handle.
On the other hand Cloudflare is known to distinguish between the users geoip so you might just be lucky.
Regardless, let me quote the author of my favorite newsreader here:
Cheers
It's just a hilariously simple-to-deobfuscate bit of JS, with a server-side delay and a cookie for keeping track of who's authenticated. It's not hard to break at all, so really all it does is keep out legitimate automated clients (like is the case here).
There's a reason I constantly complain about CloudFlare.
Good read, pretty much in line with my own experience.