deCloudflare/readme/so.action.md

24 KiB
Raw Blame History

Maxaad sameyn kartaa si aad isaga caabbiso Cloudflare?

🖼 🖼

Matthew Prince (@eastdakota)

"Id suggest this was armchair analysis by kids its hard to take seriously." t

"That was simply unfounded paranoia, pretty big difference." t

"We also work with Interpol and other non-US entities" t

"Watching hacker skids on Github squabble about trying to bypass Cloudflare's new anti-bot systems continues to be my daily amusement. 🍿" t


i guji

Macaamiil websaydh ah

  • Haddii websaydhka aad jeceshahay uu adeegsanayo Cloudflare, u sheeg inaysan isticmaalin Cloudflare.
    • Ku guulaysiga baraha bulshada sida Facebook, Reddit, Twitter ama Mastodon wax farqi ah ma lahan. Waxqabadka ayaa ka xoog badan hashtags.
    • Isku day inaad la xiriirto milkiilaha websaydhka haddii aad rabto inaad naftaada ka dhigto mid waxtar leh.

Cloudflare ayaa yiri:

Waxaan kugula talineynaa inaad la xiriirto maamulayaasha adeegyada ama boggaga gaarka ah ee aad dhibaatada kala kulanto oo aad la wadaagto khibradaada.

Haddii aadan weydiisan, milkiilaha degelku weligiis ma ogaan doono dhibaatadan.

Tusaale guul leh.
Dhibaato ayaad qabtaa? Codkaaga hada kor uqaad. Tusaalaha hoose.

Kaliya waxaad caawineysaa faafreebka shirkadaha iyo kormeerka ballaaran.
https://codeberg.org/crimeflare/cloudflare-tor/src/branch/master/README.md
Boggaaga internetka wuxuu ku dhexyaalaa-qarsoodiga-ku-xadgudubka-darbiga-gaarka ah ee CloudFlare.
https://codeberg.org/crimeflare/cloudflare-tor/
  • Waqti qaado si aad u aqriso siyaasada asturnaanta bogga.
    • haddii degelku ka dambeeyo Cloudflare ama degelku adeegsanayo adeegyo ku xiran Cloudflare.

Waa inay sharraxdo waxa uu yahay "Cloudflare", oo ay weydiisato rukhsad ay kula wadaagaan xogtaada Cloudflare. Ka gaabinta in sidaas la sameeyo waxay keeni doontaa jebinta kalsoonida iyo websaydhka laga hadlayo waa in laga fogaadaa.

Tusaalaha siyaasada asturnaanta ee la aqbali karo ayaa halkan ku taal ("Subprocessors" > "Entity Name")

Waan aqriyay siyaasadaada asturnaanta mana heli karo erayga Cloudflare.
Waan diidey inaan kula wadaago xogta haddii aad sii wadatid inaad xogteyda ku quudiso Cloudflare.
https://codeberg.org/crimeflare/cloudflare-tor/

Tani waa tusaale siyaasad gaar ah oo aan lahayn erayga Cloudflare. Liberland Jobs privacy policy:

Cloudflare waxay leeyihiin siyaasadooda u gaarka ah. Cloudflare wuxuu jecel yahay dadka da 'yarta ah.

Waa kuwan tusaale wanaagsan oo loogu talagalay foomka is-qoritaanka websaydhka. AFAIK, websaydh eber ah ayaa sidan sameeya. Miyaad ku kalsoon tahay iyaga?

Adoo gujinaya "Saxiix XYZ", waxaad ogolaatay shuruudahayaga adeegga iyo bayaanka asturnaanta.
Waxaad sidoo kale ogolaatay inaad la wadaagto xogtaada Cloudflare sidoo kale waxaad ogolaatay bayaanka asturnaanta Cloudflare.
Haddii Cloudflare ay daadato macluumaadkaaga ama aysan kuu oggolaan doonin inaad ku xirnaato adeegeyaasheena, annaga khaladkeena ma aha. [*]

[ Saxiix ] [ Waan diidanahay ]

[*] PEOPLE.md


i guji

Kudarro

  • Haddii biraawsarkaagu yahay Firefox, Tor Browser, ama Ungoogled Chromium isticmaal mid ka mid ah ku darrada hoose.
    • Haddii aad rabto inaad ku darto waxyaabo kale oo cusub oo cusub weydii marka hore.
Magaca Horumar Taageero Joojin Karaa Ogeysiin karaa Chrome
Bloku Cloudflaron MITM-Atakon #Addon ? Haa Haa Haa
Ĉu ligoj estas vundeblaj al MITM-atako? #Addon ? Maya Haa Haa
Ĉu ĉi tiuj ligoj blokos Tor-uzanton? #Addon ? Maya Haa Haa
Block Cloudflare MITM Attack
DELETED BY TOR PROJECT
nullius ? , Link Haa Haa Maya
TPRB Sw ? Haa Haa Maya
Detect Cloudflare Frank Otto ? Maya Haa Maya
True Sight claustromaniac ? Maya Haa Maya
Which Cloudflare datacenter am I visiting? 依云 ? Maya Haa Maya

i guji

Milkiilaha websaydhka / Soosaaraha Webka

🖼 🖼

  • Isticmaalka Cloudflare si aad wakiil uga dhigto "adeeggaaga API", "serverka cusbooneysiinta softiweerka" ama "RSS feed" ayaa waxyeellayn doonta macmiilkaaga. Qof macaamil ah ayaa ku soo wacay oo ku yiri "mar dambe ma isticmaali karo API-gaaga", wax fikrad ahna kama lihid waxa socda. Cloudflare ayaa si aamusnaan ah u xannibaya macmiilkaaga. Ma kula tahay inay caadi tahay?
    • Waxaa jira macmiil aqristaha akhristaha RSS iyo adeegga khadka tooska ah ee akhristaha RSS. Maxaad u faafineysaa quudinta RSS haddii aadan dadka u oggolaanayn inay isdiiwaangeliyaan?

Liiska IP: "Cloudflare ee xilligan IP-ga"

A: Kaliya iyaga xannib

server {
...
deny 173.245.48.0/20;
deny 103.21.244.0/22;
deny 103.22.200.0/22;
deny 103.31.4.0/22;
deny 141.101.64.0/18;
deny 108.162.192.0/18;
deny 190.93.240.0/20;
deny 188.114.96.0/20;
deny 197.234.240.0/22;
deny 198.41.128.0/17;
deny 162.158.0.0/15;
deny 104.16.0.0/12;
deny 172.64.0.0/13;
deny 131.0.72.0/22;
deny 2400:cb00::/32;
deny 2606:4700::/32;
deny 2803:f800::/32;
deny 2405:b500::/32;
deny 2405:8100::/32;
deny 2a06:98c0::/29;
deny 2c0f:f248::/32;
...
}

B: U dariiji bogga digniinta

http {
...
geo $iscf {
default 0;
173.245.48.0/20 1;
103.21.244.0/22 1;
103.22.200.0/22 1;
103.31.4.0/22 1;
141.101.64.0/18 1;
108.162.192.0/18 1;
190.93.240.0/20 1;
188.114.96.0/20 1;
197.234.240.0/22 1;
198.41.128.0/17 1;
162.158.0.0/15 1;
104.16.0.0/12 1;
172.64.0.0/13 1;
131.0.72.0/22 1;
2400:cb00::/32 1;
2606:4700::/32 1;
2803:f800::/32 1;
2405:b500::/32 1;
2405:8100::/32 1;
2a06:98c0::/29 1;
2c0f:f248::/32 1;
}
...
}

server {
...
if ($iscf) {rewrite ^ https://example.com/cfwsorry.php;}
...
}

<?php
header('HTTP/1.1 406 Not Acceptable');
echo <<<CLOUDFLARED
Thank you for visiting ourwebsite.com!<br />
We are sorry, but we can't serve you because your connection is being intercepted by Cloudflare.<br />
Please read https://codeberg.org/crimeflare/cloudflare-tor for more information.<br />
CLOUDFLARED;
die();
  • Samee Adeegga Basasha ee 'Tor Onion' ama 'I2P' haddii aad aaminsan tahay xorriyadda oo aad soo dhaweyso isticmaaleyaasha aan la aqoon.

  • Weydiiso talo lataliyayaasha kale ee shabakadda Clearnet / Tor oo samee saaxiibo aan lagaranayn!


i guji

Isticmaalaha softiweerka

  • Discord ayaa adeegsanaya CloudFlare. Beddelka? Waxaan ku talinaynaa Briar (Android), Ricochet (PC), Tox + Tor (Android/PC)

    • Briar waxaa ku jira Tor daemon sidaa darteed maahan inaad rakibato Orbot.
    • Soosaarayaasha Qwtch, Asturnaanta Furan, ayaa tirtiray mashruuca stop_cloudflare adeeggooda git ogeysiis la'aan.
  • Haddii aad isticmaasho Debian GNU / Linux, ama wax soo saar ah, iska qor: bug #831835. Haddiise aad awoodid, ka caawi sidii loo xaqiijin lahaa balastarka, oo aad ka caawin lahayd ilaaliyaha inuu la yimaado gabagabada saxda ah haddii la aqbalayo iyo in kale.

  • Had iyo jeer kugula taliya daalacashadaas.

Magaca Horumar Taageero Faallo
Ungoogled-Chromium Eloston ? PC (Win, Mac, Linux) !Tor
Bromite Bromite ? Android !Tor
Tor Browser Tor Project ? PC (Win, Mac, Linux) Tor
Tor Browser Android Tor Project ? Android Tor
Onion Browser Mike Tigas ? Apple iOS Tor
GNU/Icecat GNU ? PC (Linux)
IceCatMobile GNU ? Android
Iridium Browser Iridium ? PC (Win, Mac, Linux, OpenBSD)

Sirta kale ee software-ka ayaa ah mid aan dhammaystirnayn. Tani macnaheedu maaha in biraawsarka Tor uu yahay "mid hagaagsan". Ma jiro 100% amaan ah ama 100% gaar ah internetka iyo tikniyoolajiyadda.

Aynu ka hadalno waxyaabaha kale ee gaarka ah ee software-ka.

Sidaa darteed waxaan kugula talineynaa miiska kor ku xusan oo keliya. Wax kale maahan.


i guji

Isticmaalaha Mozilla Firefox

  • "Firefox Nightly" waxay u diri doontaa macluumaad heer khaldan ah server-yada Mozilla iyada oo aan la isticmaalin habka ka bixitaanka.

  • Waa suurtagal in la mamnuuco Firefox si loogu xiro serverka Mozilla.

    • Hagaha siyaasada-moodeellada
    • Maskaxda ku hay in khiyaanadan ay joojin karto ka shaqeynta qaybta dambe maxaa yeelay Mozilla waxay jeceshahay inay naftooda caddeyso.
    • Isticmaal firewall iyo filterka DNS si aad u joojiso gebi ahaanba.

"/distribution/policies.json"

"WebsiteFilter": {
  "Block": [
  "*://*.mozilla.com/*",
  "*://*.mozilla.net/*",
  "*://*.mozilla.org/*",
  "*://webcompat.com/*",
  "*://*.firefox.com/*",
  "*://*.thunderbird.net/*",
  "*://*.cloudflare.com/*"
  ]
},
  • Ka warbixi cayayaanka mozilla tracker, adoo u sheegaya inaysan isticmaalin Cloudflare. Waxaa jiray warbixin cillad ku saabsan bugzilla. Dad badan ayaa la soo dhigay dareenkooda, si kastaba ha ahaatee cayayaanka ayaa qariyey maamulka sanadka 2018.

  • Waad ka joojin kartaa DoH Firefox.

Sidee?

  1. Soo dejiso Tor oo ku dheji kombuyuutarkaaga.
  2. Kudar khadkan faylka "torrc". DNSPort 127.0.0.1:53
  3. Dib u bilaabi Tor.
  4. U dhig server-kaaga DNS-ka kombuyuutarka "127.0.0.1".

i guji

Ficil


Faallooyin

Had iyo jeer rajo ayaa ku jirta iska caabinta.

Wax iska caabintu waa bacrin.

Xitaa qaar ka mid ah natiijooyinka mugdiga ah ayaa imanaya, ficil ahaan iska caabinta ayaa nagu tababbaraysa inaan sii wadno xasiloonida xaaladda dystopic ee natiijooyinka.

Iska caabi!
Maalin maalmaha ka mid ah, waad fahmi doontaa sababta aan tan u qornay.
Ma jiro wax mustaqbal ah oo ku saabsan tan. Mar hore ayaynu khasaarnay.

Hadda, maxaad maanta qabatay?