Cloudflare Drop
284 points
7 hours ago
| 38 comments
| cloudflare.com
| HN
jonluca
5 hours ago
[-]
Wow the people in this thread are a huge bummer. This is much cooler and I doubt this is a real safety issue. You can already sign up for a free cloudflare account and deploy it for free, on your own, on a free workers.dev domain. The friction removal here isn't going to meaningfully change the security / amount of malicious content.
reply
combyn8tor
5 hours ago
[-]
Well according to the people in this thread it was previously impossible for bad actors to host a website, and CloudFlare has now given them this unique ability.
reply
judge2020
3 hours ago
[-]
I really hope/imagine this project specifically has a LLM of some kind doing real-time analysis on the uploaded files for malware from the get-go. How good that is could be is anyone's guess (and chances are there would be blind spots / evasion techniques).
reply
arcatech
2 hours ago
[-]
When you see a group of people being critical, you can either see it as a “bummer”, or you can see it as people critically thinking about a thing.

Is it really more useful to have everyone expressing how much they like something instead of identifying problems?

Is seeing people talking about the things they don’t like something that makes you unhappy? Why?

reply
ddtaylor
2 hours ago
[-]
I think the HN rule for "curmudgeonly" applies.

> Don't be curmudgeonly. Thoughtful criticism is fine, but please don't be rigidly or generically negative.

https://news.ycombinator.com/newsguidelines.html

I think HN should be a place where I am excited to see what others have to add. When I see a post I am excited to see what takes and spins others have on it. I do want real criticism and a lively debate about important things, but there has to be a balance.

I want to see other comments that seem like they genuinely want to help steer something or build people up. Sometimes I get the impression that's not happening on HN.

reply
stackghost
19 minutes ago
[-]
There needs to be another rule against being a techno-sycophant.
reply
brookst
3 minutes ago
[-]
To the curmudgeon, its techno-sycophancy to say the wheel is a pretty good thing.

It’s just another take on shill / sheeple / etc. it gets old.

reply
dryarzeg
2 hours ago
[-]
> Is seeing people talking about the things they don’t like something that makes you unhappy? Why?

Probably (I'm just assuming) because that person observes negative/cautious/"I don't like this because X and Y and also Z"/etc sentiment too much and feels like people are only quick to notice issues while forgetting about good sides.

It's only an assumption, though.

reply
superjose
5 hours ago
[-]
Agreed I think this is pretty solid especially since you get all the Cloudflare benefits like CDN from the get-go.
reply
esjeon
1 hour ago
[-]
Corporations acting as if naive is a bit of problem in reality. For one thing, CF is probably the largest entity serving pirated content internationally while hiding the identities of actual perpetrators for privacy.

Same here: CF is basically giving malicious actors an ability to ship contents/data publicly while laundering the legal responsibility of those actors.

Now tell me what is cool

reply
MallocVoidstar
27 minutes ago
[-]
> For one thing, CF is probably the largest entity serving pirated content internationally while hiding the identities of actual perpetrators for privacy.

That's awesome, glad to hear it

reply
stackghost
7 minutes ago
[-]
>Now tell me what is cool

Piracy is cool. Information wants to be free.

I hate the corporate bootlicking that is so prevalent here.

reply
x-complexity
1 hour ago
[-]
> Now tell me what is cool

Not immediately being a copyright bootlicker.

The fact that you went straight to "BuT pIrAtEs" already shows who you actually care: Corpos, not people.

reply
adithyassekhar
2 hours ago
[-]
I think they are all bots or threatened to see their little hobby now being accessible, classic gatekeeping.
reply
swingandamiss
5 hours ago
[-]
hn has turned into a reddit hate fest. It's getting hard to read non stop negativity and hate. I'm happy to see your positive comment.
reply
TheTaytay
1 hour ago
[-]
Agreed. This is the same crowd that is mad about free tiers going away on other dev-friendly hosting services…
reply
goshx
4 hours ago
[-]
You must be new here :)
reply
swingandamiss
4 hours ago
[-]
No, I just created a new alt account. I have a year 1 account as my main.
reply
j-bos
3 hours ago
[-]
that's new :)
reply
godelski
1 hour ago
[-]
Even you're relatively new. There definitely was a shift as AI took off

Also, they said "year 1" not "1 year old"

reply
r3trohack3r
1 hour ago
[-]
I think maybe GP means they have an account that was created in the first year of the site, not a 1 year old account
reply
phoghed
2 hours ago
[-]
Brother it’s always been like this. Just check n-gate.com (tragic loss btw, rip)
reply
ddtaylor
2 hours ago
[-]
Hi! I have been following n-gate.com a small bit over the years, because I found it very interesting and it was a rabbit hole I wanted to go down.

I actually setup "xor-gate" for a while, which was trying to be a similar thing co-authored by a friend, but it was too time consuming and we gave up.

Did the author pass? I'm not trying to be crass, but I don't know the details.

reply
jnaina
3 hours ago
[-]
wait till anyone remotely mentions apple or apple products. the neckbeards on their thinkpads will come in droves to shit on cupertino's best.
reply
andrethegiant
6 hours ago
[-]
Netlify made this 10 years ago... they even copied the name! https://app.netlify.com/drop
reply
tech234a
6 hours ago
[-]
And BitBalloon before that (which Netlify acquired) http://web.archive.org/web/20131028083240/https://www.bitbal...
reply
neom
1 hour ago
[-]
BitBalloon was the original project from Matt, the founder of Netlify!
reply
gfat
4 hours ago
[-]
Loved this app. What is old is new again.
reply
brightball
6 hours ago
[-]
There are numerous products like this out there. Isn’t that where Dropbox got its name in the first place?
reply
hoherd
4 hours ago
[-]
I thought it was a reference to the Mac OS X `~/Public/Drop Box` directory, which was a write-only place for people to send files to your user, which has been around since the first OS X beta came out in 2000.
reply
jamesfinlayson
3 hours ago
[-]
I vaguely remember being told to put assignments in a drop box (like a mail box on campus) in the mid 2000s at least, and I'm sure it wasn't a new concept then.
reply
hoherd
2 hours ago
[-]
Oh dang, you're right. Mac OS X was my first Mac OS, but it looks like the Drop Box concept existed long before OS X. Here's a reference from 1991 titled "AppleShare Drop Box: Access for System 6 and 7 Clients" https://www.savagetaylor.com/TIL/TIL09033.pdf
reply
scubbo
5 hours ago
[-]
I was always under the impression that that was referencing the notion from spycraft.
reply
latchkey
5 hours ago
[-]
Don't forget Digital Ocean Droplets.
reply
neom
1 hour ago
[-]
FWIW, We called them droplets because drop of water in the (Digital)Ocean.
reply
frankdenbow
4 hours ago
[-]
Or Drop.io which got bought by Meta
reply
giancarlostoro
3 hours ago
[-]
Its not exactly a very elaborate name.
reply
oasisbob
2 hours ago
[-]
Elaborate enough?

Funny story: I used to work for a startup which had a trademark on "Airdrop". When Apple announced that feature, it took everyone there by surprise. Ended up reaching out and selling it to them for a buck or two in favor of maintaining goodwill.

reply
inventor7777
2 hours ago
[-]
Ha, that's funny. When you say "a buck or two" do you really mean it was almost nothing or did Apple compensate you appropriately? I'm also surprised that Apple didn't catch that before if it was trademarked.
reply
inigyou
1 hour ago
[-]
Why did you value Apple's goodwill more than a couple million dollars?
reply
arm32
3 hours ago
[-]
My... Aviato?
reply
giancarlostoro
2 hours ago
[-]
Infatrode, wtf is Infatrode

(I might be butchering it, course it is an Office Space reference)

He was my absolute favorite character in that show.

reply
floydnoel
2 hours ago
[-]
I think it was Initrode. I used to watch it every day haha
reply
giancarlostoro
1 hour ago
[-]
They intentionally butchered it I think but it still cracked me up
reply
dmillar
6 hours ago
[-]
Low barrier services don't care who's first in this epoch.
reply
ares623
4 hours ago
[-]
But this time it's with ~blockchain~ AI!
reply
r_lee
4 hours ago
[-]
ouch... I get that it's a simple concept but darn it really does seem like ctrl c ctrl v lmao
reply
altbdoor
40 minutes ago
[-]
reply
Bender
7 hours ago
[-]
There must be some really good protection on this. If I enabled such a thing on any of my servers it would be full of warez, porn, malware, CSAM and who knows what else within minutes. Curious how they manage to keep it clean.
reply
inigyou
1 hour ago
[-]
The protection is that they're rich enough to handle requests from law enforcement without going to jail themselves. They'll certainly pass your IP address to law enforcement if asked.
reply
mattlondon
6 hours ago
[-]
Only live for an hour.

But that won't stop people doing bad stuff for an hour I guess. Vibe code up some on-demand thing that you ping...

reply
Y-bar
6 hours ago
[-]
One hour is great for spearphishing attacks, once the victim has been infected their IT department will have no trace of the source.
reply
hoppp
4 hours ago
[-]
They already allow hosting static websites so I think the same guardrails are implemented.
reply
Bender
4 hours ago
[-]
I've never used CF so I could be ignorant in this matter. I assumed perhaps incorrectly that people had to verify their email address and delegate their domain(s) to CF including setting the glue records in the TLD servers meaning there is possibly a financial trail somewhere probably in the DNS registrars and perhaps a mail provider, whereas this is just drag-and-drop with no money trail.

I have no idea what guardrails they have in place in the background that blocks malware, CSAM, warez and such on their free accounts.

reply
hoppp
3 hours ago
[-]
Just having an account with an email address is enough.

They assign a subdomain automatically for uploads, same as cloudflare workers.

I don't know what they do, but implementing guardrails for this is possible nowadays with AI, but maybe they use a "mechanical turk"

reply
DakotaR
6 hours ago
[-]
Yeah, I was going to start a file drop site like 0x until realizing what it'd be used for
reply
busymom0
1 hour ago
[-]
At least when it comes to bad types of porn, it's be similar to Imgur allowing anonymous uploads. They already do CSAM scanning on uploads to their R2 storage:

https://blog.cloudflare.com/a-simpler-path-to-a-safer-intern...

reply
Bender
1 hour ago
[-]
That makes sense. In that case I have to assume that Cloudflare will not permit encrypted archive files as one can hide the image fingerprints all together.
reply
jjcm
4 hours ago
[-]
Cloudflare is obviously more trustworthy/robust here, but if name of the url matters to you, my site non.io [1] allows for named uploads, ie https://html.non.io/solara [2]

Somewhat useful if you want a url that isn't a hash / is more self descriptive.

[1] Launch discussion: https://news.ycombinator.com/item?id=36296695

[2] This was a demo of the output of a design tool I'm working on, only the home/accommodations/about pages work.

reply
alberth
5 hours ago
[-]
Reminds me of web development in the 1990s.

I honestly miss those days of deployment simplicity.

reply
gesis
4 hours ago
[-]
FTPing files to `~/public_html` was the best... Miss those days.
reply
hoppp
4 hours ago
[-]
It still works...
reply
3form
3 hours ago
[-]
It's not the ability that's missing; it's those days.
reply
bigbuppo
2 hours ago
[-]
Yeah, these days if you aren't treating even the smallest of small projects that do something like "query database spit out report" as if they are major IT infrstructure projects, complete with designers, UX specialists, and accessbility experts that never talked to a disabled person to find out what they actually need, spin up 375 ec2 instances, use 19 different database systems, and send the logs to a third party, then you're literally the worst person possible, or so I've been told.

It's like, my dude last week this was an excel spreadsheet.

reply
_pdp_
6 hours ago
[-]
It is cool to see not sure why you would use it.

Also it seems to me that this is a good way to exfiltrate data, rubber stamped by cloudflare themselves.

reply
gruez
6 hours ago
[-]
Isn't there already thousands of ways for exfiltrating data that must be whitelisted by corporate firewalls? office365/gsuite, for instance. Not to mention the classics like dns.
reply
smalltorch
7 hours ago
[-]
Hmm, that's fun and useful. Here is snake game for 60 minutes.

https://drop-e7e6d363-601.important-seat.workers.dev

reply
Self-Perfection
3 hours ago
[-]
$ curl -I https://drop-e7e6d363-601.important-seat.workers.dev/ curl: (7) Failed to connect to drop-e7e6d363-601.important-seat.workers.dev port 443 after 47 ms: Couldn't connect to server

Tried from two hosts, different countries.

reply
tmp10423288442
2 hours ago
[-]
Yes, it's expired I think - it only lasts for 1 hour
reply
tengbretson
6 hours ago
[-]
Your code appears to have a bug where if the arrow keys trigger a change of direction twice in a single frame interval, it can mistakenly send the snake back on itself.
reply
copper-float
6 hours ago
[-]
What an honor. I got a high score of seven.
reply
janandonly
7 hours ago
[-]
Makes sense. It plays nicely with the vibe code kids who don’t know how to do GitHub or don’t know to ask their LLM about it.
reply
steve_adams_86
3 hours ago
[-]
Cool, it worked!

https://drop-1e1a536f-10d.honeysuckle-gull.workers.dev/

It's minesweeper, but the logic uses xstate/store. The link in the bottom is broken; it's supposed to go to `building-minesweeper-with-xstate-store.html`

I have no need for this but I love that my friends could vibe out a website, drop it here, claim it, and host it for pennies. This is great.

"Your site is reachable within ~32ms of 95% of the world’s Internet-connected population" isn't new but it's cool to see that achieved so trivially.

reply
hoppp
4 hours ago
[-]
I can see this interface is for vibe coders haha

I have been hosting static websites with cloudflare for years and finding how to do it on the UI is getting harder as they add more things and reoranize.

reply
jeffgreco
1 hour ago
[-]
What is this for?
reply
neom
1 hour ago
[-]
I have hosted my personal site on Netlify for many many years because it's just basic js/html/css, I picked Netlify because I can just updated the index.html in the "website" folder on my desktop and literally drag it to Netlify to update it, saves a lot of time/thinking if you need something simple online quickly to show someone etc. I presume this is a similar idea.
reply
dmd
2 hours ago
[-]
All I ever get is "Something went wrong An unexpected error occurred. Please try again or contact support."
reply
inigyou
1 hour ago
[-]
I think that means you're a bot.
reply
dmd
1 hour ago
[-]
beep boop
reply
rickcarlino
5 hours ago
[-]
Desktop operating systems should be able to run zipped web apps the way Electron apps run today. It ought to just be part of the OS.
reply
ubertaco
2 hours ago
[-]
Adobe Air, for the obscure nostalgia bomb
reply
rickcarlino
2 hours ago
[-]
I was going to mention Microsoft Active Desktop in the original comment, but I didn’t want HN to know how old I am.
reply
TZubiri
5 hours ago
[-]
And if there's a form or something with a backend? Just break?
reply
throwaway81523
6 hours ago
[-]
Wait, my first impression was that it points a local browser to your local browser. Now it looks like it uploads your folder to Cloudflare and temporarily serves it over the web. But is that different from what we used to do with FTP? Are there any databases or anything like basic PHP hosts supply? It's just static sites?

Is this a product or what? What's the purpose? Is there an API?

reply
joenot443
6 hours ago
[-]
A minute ago I had an HTML doc I wanted to share with a PM. It was a Claude prepared demo of a hypothetical feature. Lots of screenshots.

I ended up just embedding them directly in the HTML as base64 and sending him a 15mb file, but hypothetically this would have been a nice solution instead.

reply
qingcharles
6 hours ago
[-]
Absolutely agree. There's an insane "feature" of Claude Design which means you can only share the link to the design with other users on your account?! You can export the design, though, but then you need somewhere to quickly drop a bunch of HTML + assets. This would be perfect for that.
reply
deeprack4sure
58 minutes ago
[-]
Wow, that does sound like a serious hardship for someone who lets Claude write all their code for them.

Creating a folder for some files. Dude, maybe you should file for disability for repetetive stress disorder for "double clicking" or even single clicking twice.

This aggression will not STAND man!

We need computers to go back to pencil and paper but STILL be computers! But not operated by me? Wierd operated by a fake bot me? Wait! thats malware! Wha?

reply
efields
6 hours ago
[-]
Trying to solve this here: https://jlnk.us

Here's the instructions my agents have:

> Shareable Deliverables → jlnk.us (default) The jlnk MCP server is configured machine-wide for all team agents. It publishes disposable public links: create_link(content, ttl) returns an unguessable URL anyone can open without logging in; it self-destructs after its TTL (4h/24h/72h, default 4h, max 5 MB). Also list_my_links() and delete_link(id).

> When handing a human (Founder, CEO reviewer) something to look at — QC screenshots, prototypes, reports, before/after comparisons — default to a jlnk.us link instead of a repo file path or local path. Use 72h for Founder review, shorter when the review window is same-day.

> Content must be ONE self-contained HTML file: inline CSS/JS, embed screenshots as base64 data URIs (![image](data:image/png;base64,...)).

> Downscale images to stay under the 5 MB cap.

> Links are public to anyone holding the URL. NEVER publish secrets, API keys, credentials, or private client data.

> Links expire — they are a viewing convenience, not the system of record. Durable artifacts still go to the repo and issue attachments as usual.

reply
throwaway81523
4 hours ago
[-]
Sort of like a pastebin for directory structures then, hmm.
reply
pantelisk
6 hours ago
[-]
There are also solutions for sharing your homelab with others (basically tunneling from your machine->server (internet accessible) <-> client. Though, if your machine would go to sleep that whole chain would fall apart. A few good automatic solutions out there that solve the problem (no "just replace dropbox with ftp" type of argument).

However, I see the appeal of this. Kind of surprised it hasn't happened yet to be honest.

reply
inigyou
1 hour ago
[-]
SSH remote port forwarding. ssh -R 0.0.0.0:80:127.0.0.1:80

Requires the server's sshd config to have GatewayPorts yes, or the server will bind to 127.0.0.1 instead

reply
efields
6 hours ago
[-]
I built a tool _just the other day_ for this exact purpose. Now my agents proactively make disposable links for me: https://jlnk.us
reply
dmillar
5 hours ago
[-]
Replit is used a lot in this context. Their agent is good, but their circumvent-policies-to-get-something-in-front-of-execs-quickly is an amazing and mis-priced feature.
reply
throwaway81523
6 hours ago
[-]
You could just upload to a personal or other website? I sometimes do that. Is there any security or privacy (e.g. password protection) for this Cloudflare Drop site?
reply
vulture916
5 hours ago
[-]
Check out Tailscale - they have TUNS + share the source files with someone else in tailnet.
reply
sgt
6 hours ago
[-]
Tried uploading a ZIP and got:

"Something went wrong An unexpected error occurred. Please try again or contact support."

reply
TZubiri
5 hours ago
[-]
When contacting support:

"Please upload a screenshot of the error by dragging a zip of the png file."

reply
Cider9986
6 hours ago
[-]
>Something went wrong An unexpected error occurred. Please try again or contact support.

I have a few qualms with this app.

reply
altairprime
6 hours ago
[-]
Hah! This is exactly how I’m serving the vestigial remnant of my blogging in the early 2000s from a ZIP-backed Cloudflare Worker today. Should I rebuild my site with Drop+Claim or is it fine as-is? I kind of feel like ‘if what I have works, don’t change it’ is the best path.
reply
grepsedawk
4 hours ago
[-]
This is pretty cool, thanks for sharing. It really enables less tech savvy users. It would really enable frontpage/dreamworks-like flows for some people
reply
ChrisArchitect
7 hours ago
[-]
> No account needed. Deployment is active for 60 minutes, then expires unless you claim it.

(https://x.com/BraydenWilmoth/status/2074894829616509358)

reply
simonw
6 hours ago
[-]
Same deal as their Cloudflare Workers previews from a few weeks ago: https://blog.cloudflare.com/temporary-accounts/
reply
BoppreH
5 hours ago
[-]
Dropped a folder with a small HTML project, and after 20 seconds got "Something went wrong. An unexpected error occurred. Please try again or contact support.".

Note how the error has zero information.

Looking in the network tab, a POST request to /upload returned 403 and an HTML page starting with "Sorry, you have been blocked", and to "email the site owner to let them know you were blocked".

I'm very tired of this adversarial approach to software coupled with vague errors.

EDIT: it was the file './git/hooks/fsmonitor-watchman.sample' created by default on git init. Maybe because it's Perl. Worse-than-useless "please try again" and "you've been blocked" for committing the sin of uploading a folder that's a git repository. Sigh...

reply
ricardobeat
6 hours ago
[-]
I remember doing this in 2006. FTP. Good times.
reply
barnacs
5 hours ago
[-]
I remember making a Qt app for a friend that would upload dropped files via ftp and copy the link to the clipboard. Good old days!
reply
djfobbz
5 hours ago
[-]
Yet I can't drag and drop a plain old HTML file without putting it in a folder or a ZIP file first.
reply
spartanatreyu
3 hours ago
[-]
You can, the file just has to be named "index.html".
reply
ChrisArchitect
7 hours ago
[-]
Extension of the temporary accounts they needed to enable for Agents https://blog.cloudflare.com/temporary-accounts/
reply
deeprack4sure
1 hour ago
[-]
Look. Guys (?)

If cloudflare wants to be the next "Megaupload" what business is it of yours?

There is a guy named kim DOT com. That is actually fucking cool. Whether or not he himself is actually cool. Or in prison.

reply
ed_mercer
4 hours ago
[-]
Cool, just 20 years too late.
reply
nickgray
4 hours ago
[-]
This is cool and I like it.
reply
toomuchtodo
6 hours ago
[-]
Cloudflare folks: Please consider supporting WARC archives for deployment.
reply
hoppp
4 hours ago
[-]
Is that something you use often?
reply
toomuchtodo
4 hours ago
[-]
When I want to serve an archived website in read only mode, yes.

https://news.ycombinator.com/item?id=48808481

https://github.com/SpeedcubeDE/speedcube.de-forum-archive is an example use case.

Sort of, but not quite, like cherry-picking files out of an archive blob in S3.

(I’ll see if Claude and I can come up with a WARC archive->zip file converter too)

reply
system2
6 hours ago
[-]
It would be nice if we could see some information such as file size limitations, demos, link structure, management, etc. Am I expected to upload a random HTML file and see how it works?
reply
petee
5 hours ago
[-]
Yeah I'm very lost on what this is supposed to do -- "Summon your site" is quite vague. "see it live", like a demo? or is this actually published somewhere? Is it forever?

Desktop mode doesn't show any more information either

reply
Fergusonb
5 hours ago
[-]
Yep, I chucked it a file on my desktop: index.html present Max individual file size 25MB Total file count <2000 Total size less than 100MB
reply
xyst
1 hour ago
[-]
geocities/angelfire but for Gen Z and A
reply
heipei
6 hours ago
[-]
Cloudflare is really good at launching features that facility low-friction deployment of malicious content (such as phishing) on the Internet, piggybacking on their hosting reputation and the fact that you can't easily block their ASN or domains.
reply
simultsop
6 hours ago
[-]
I don't know your experience. Once I was toying around and doing a basic auth with registration and so. The weekend was over and couldn't get back to that couple of months. The worker was quarantined and marked as phishing automatically. So I believe they have something in place to prevent those you complain.
reply
jszymborski
5 hours ago
[-]
Your anecdote just illustrates that their system detects legit uses as abuses, not that they have a system that effectively detects abuses.
reply
cute_boi
5 hours ago
[-]
Cloudflare is also like a Chinese copycat machine. They mostly copy some successful project and sell it at cheap price.
reply
Waterluvian
6 hours ago
[-]
Be the change you want to see to make the world of your dreams.

And then sell its denizens malice protection services.

reply
bossyTeacher
4 hours ago
[-]
It could be fun to use a temporary Mediafire/Rapidshare/Megaupload service. Especially if you need to transfer something between an Android and an iPhone.
reply
anonymousiam
5 hours ago
[-]
Odds are that this new feature will not suffer the same outcome as Megaupload, because of Cloudflare's close relationship with the USG.
reply
nalekberov
5 hours ago
[-]
The internet will soon be flooded with even more scam landing pages.
reply
cute_boi
5 hours ago
[-]
And you should be using cloudflare to protect yourself...
reply
arm32
3 hours ago
[-]
This definitely won't get used to host unlimited phishing sites. /s
reply
sleepynoodle
6 hours ago
[-]
This is so cool.
reply
S0y
6 hours ago
[-]
Cloudflare has the astonishing ability to make me hate them more as a company every new feature they launch.
reply
vevoe
6 hours ago
[-]
why?
reply
S0y
5 hours ago
[-]
Every new feature they've launched recently can be used to make the web more dangerous for everyone except those who use Cloudflare.
reply
denismenace
5 hours ago
[-]
How would this make the web more dangerous? Its just static file hosting. Already wildly available!
reply
TZubiri
5 hours ago
[-]
The argument would be that they sell the kevlar and the guns

Kevlar:

https://developers.cloudflare.com/bots/ https://www.cloudflare.com/products/turnstile/

Guns:

https://support.cloudflarewarp.com/

To be fair, CF mainly develops defensive cybersecurity products, the extent to which their tools might be used maliciously is pretty on par with other regular tools.

But, it just has bad optics and potential COI/Racketeering when CF is at both sides of the counter.

To be explicit, in case it isn't obvious,Cloudflare emerged as a DDoS protection company, detecting attacks from distributed sources is part of the raison d'etre, and domains and IP addresses are a key part of that infrastructure.

By subletting their own IP addresses for navigation with warp, and their own domains for hosting of webcontent with subdomain hosting, they are providing pooled anonimity for their customers, which is precisely what makes it very hard for defenders on the other side to implement foundational security measures like IP bans, or IP block bans, or domain bans, or Whois/RDAP domain analysis.

reply
latchkey
5 hours ago
[-]
phishing
reply
collabs
6 hours ago
[-]
Congratulations on launching!

I tried uploading a git repository that I have previously successfully published on Github pages. This is a "no build" website I have built with the help of Claude. It should just work but I keep getting an error. Who can I reach out to give them steps to reproduce? The website repository is public and I feel like anyone at Cloudflare who wants to reproduce my problem can quite literally clone my repo and upload it to cloudflare drop.

Please drop your cloudflare email address and I will reach out to you with my repository information.

reply
turtlebits
6 hours ago
[-]
Or you could do some of your own troubleshooting? Uploading a git repo is different than uploading a zipped/folder, especially if your index.htm/l isn't at the root.
reply
collabs
3 hours ago
[-]
Thank you for the reply. Index dot html is already at the root of the folder and it deploys just fine on GitHub pages.
reply
aetherspawn
3 hours ago
[-]
Hey stranger, welcome to 2026. It’s somewhat different to what you’re used to in 2035. We do things differently here.
reply