[HN Gopher] Small SaaS banned by Cloudflare after 4 years of bei...
___________________________________________________________________
Small SaaS banned by Cloudflare after 4 years of being paying
customer
Hi, small SaaS founder here (tardis.dev) - I've been heavy
Cloudflare Workers user (currently 4 billions requests & 1PB of
data per month) for about 4 years already and today at 00:00 UTC
without any warning my account was restricted, both website and
APIs are down or very very slow to respond/time out, customers are
angry obviously. I confirmed with support that "hmm, I see that
your zone seems like being restricted due to 2.8 Limitation on
Serving Non-HTML Content, see that there's high JSON data
transfer". - which is bit strange as I'm using workers which have
different terms - https://news.ycombinator.com/item?id=20791660
(confirmed by their CTO)...anyways I get it, perhaps I pay too
little and should be on enterprise plan already, but when I got
approached by Cloudflare sales team I explicitly asked if I can
still be on pay as you go/self server model and reply was:
"Enterprise wise, that's up to you and you could likely get away
with utilising self-serve as you go, but if you did choose to go
enterprise (without R2) I might be able to have something approved
in the xx/month range." I would fully understand that I am
required to upgrade, but why not sending me an email before
shutting down my business completely? I even asked about such
scenario on zoom meeting I had with their Sales and they said it
will never happen - few weeks forward and here we are...anyways
going back to replying to my customers emails regarding service
outage.
Author : tardis_thad
Score : 630 points
Date : 2023-02-03 09:47 UTC (13 hours ago)
| mathattack wrote:
| My experience with the Cloudflare sales team is they were
| woefully disconnected from any ability to make good on their
| promises, and that it didn't matter to them at all. It was a
| strange narcissism -bit wasn't that they were deliberately lying,
| it was as if the notion of truth and lies didn't matter. That if
| they kept blabbering assumed that they'd get the sale.
|
| In general you can't trust salespeople and need to get everything
| in writing. Cloudflare is a prime example of why.
|
| And I'd add in my case because we were keeping track of their
| promises, we caught them before the sales process completed. It
| cost them seven figures a year. But maybe it doesn't matter -
| their sales approach still has them worth $20 billion.
| genewitch wrote:
| 20 billion in exchange for control of 10% of global traffic and
| 30% of US traffic seems awful low.
| mathattack wrote:
| Imagine their size and market cap if people could trust their
| Sales organization.
| lolcrow wrote:
| Maybe they booted you because your business model is to use
| Cloudflare to repeatedly and aggressively scrape data from
| cryptocurrency exchanges and then resell it for hundreds of
| dollars a month.
|
| Sounds like an abuse of their terms of service to me.
| ImHereToVote wrote:
| Is that illegal or something?
| gambiting wrote:
| It doesn't have to be illegal to be against the terms of
| service. Cloudflare can decide how they wish their service to
| be used.
| weberer wrote:
| Is there a clause in the terms of service against it then?
| tardis_thad wrote:
| Cloudflare is not used at all for data collection (it's not
| scraping, it's using official exchanges APIs), only for the
| APIs that serve historical data.
| sirsinsalot wrote:
| Aren't all users or CloudFlare doing [ACTIVITY] to resell
| something for profit?
|
| What planet are you on?
| rexreed wrote:
| From an earlier comment I made regarding Stripe shutting
| merchants down, and those merchants resorting to posting on HN
| and getting someone on HN to advocate for them to resolve their
| problem [0]:
|
| "The main issue is not that [COMPANY] is working hard to protect
| itself and its customers, but that customers feel very powerless
| in these situations. When it takes a massive effort to get
| attention, especially if you're small and powerless, you feel
| that you have no control, and that your issues will go
| unanswered. What can the average, powerless customer who doesn't
| have the weight of social media, HN, @dang, or others on their
| side do when their hard-earned money or business is being held,
| locked, or otherwise prevented, and when the cause is not
| fraudulent, or if the customer is unaware of that activity? The
| problem is that accounts are just shut down, moneys are held, and
| there's no quick or clear communication, with customer support
| simply saying it's not in their control. It's this feeling of
| powerlessness that's the issue, regardless of whether or not
| [COMPANY] is in its rights or doing what it feels is in its and
| its customers best interests.
|
| What can you do to help empower the powerless customers when
| their livelihoods are at stake? Can you provide some way to not
| instantly assume fraud or malicious intent on behalf of the
| customer and provide some quick and direct way for the customer
| to feel empowered?"
|
| Having to resort to HN to get major problems resolved that are
| major customer service and potential legal / liability issues
| causes me a lot of stress when I realize that I have don't have
| nearly the same sort of power or influence as some of the others
| here do on HN. I worry that my complaints would simply go
| ignored.
|
| @jgrahamc would love you to comment on what we can do to avoid
| people having to resort to HN for a solution to these problems,
| which favors the well-connected and squeaky wheels and disfavors
| everyone else.
|
| [0] https://news.ycombinator.com/item?id=34274456
| KennyBlanken wrote:
| > What can you do to help empower the powerless customers when
| their livelihoods are at stake? Can you provide some way to not
| instantly assume fraud or malicious intent on behalf of the
| customer and provide some quick and direct way for the customer
| to feel empowered?"
|
| Legislation and regulation.
|
| Mill owners used to send little kids into running machines and
| they'd get shredded. Now we have child labor laws where under a
| certain age someone isn't allowed to operate most powered
| equipment.
|
| Mill owners used to not pay people for their wages. Now we have
| laws with civil and criminal repercussions if you don't pay
| someone timely and in full.
|
| The phone and electric companies have to follow a bunch of
| regulations around shutting off your service, because of the
| consequences.
|
| Companies should not be able to say "and if we fail, lol
| whatevs, fuck off." If you are providing a service, and someone
| depends on it to run for their business, then you should be
| responsible if you fail to provide service. Cost of doing
| business.
| krimpenrik wrote:
| Also want to be kept updated on this issue since it touches some
| clients of mine
| cultofmetatron wrote:
| Literally just sent an email to my devops guys to move off
| cloudflare asap. This cavalier lack of respect is a diservice and
| insult to all the people who rely on my product for their
| livelihood.
| kkielhofner wrote:
| You're changing your arch because you saw a one-sided
| completely unverified post on HN?
|
| At this point @jgrahamc has the worst of it - people show up
| here time after time hoping they can make enough of a stink to
| get him involved.
| jgrahamc wrote:
| When they could just email me (jgc@cloudflare.com)
| tebbers wrote:
| Dear John, I absolutely love and admire Cloudflare's
| services as a customer (and recent investor), but please
| please get stuff like this sorted as it will absolute ruin
| Cloudflare's reputation in the long run. I beg you!
| jgrahamc wrote:
| Believe me that this is what I'm doing. I'm really
| disappointed this customer got into this state and I'm
| working internally to figure out why it did.
| pier25 wrote:
| I'm working an audio hosting SaaS and relying on Workers
| to stream and cache audio.
|
| What can I do to prevent this from happening to me and my
| users?
|
| This would be disastrous for my company.
| tebbers wrote:
| Thank you.
| pciexpgpu wrote:
| Worrying part is the account could get banned. Could you
| reply here if that's true? Would that take down
| dns/registrar etc functionality? Google does this and
| people would move to cloudflare thinking you wouldn't do
| this account ban but nowhere is it stated.
| groffee wrote:
| This happens all the time though. Your business and
| processes are fundamentally broken.
|
| And all you do is pop up on HN anytime someone complains,
| that's enough of a red flag to avoid your business
| completely and actively keep all my clients away from
| you.
| sparticle8 wrote:
| Had similar issue in recent past, and was able to get it
| solved via the Discord channel. From what I understood is
| that it requires a manual over-ride on R2/ Workers because
| the thing that checks for the 2.8 TOS violation is not able
| to see the difference between Workers/ R2 and the standard
| CDN service.
|
| If you go to the R2 Discord channel you see this happening
| every other week.
|
| What is also kinda annoying is customers can't create
| support tickets because it requires a plan. Which imo is
| bad given these customers pay for R2 and often have a ton
| of data on it (which is why the 2.8 gets hit...).
|
| Hopefully you can get this fixed permanently (for all
| customers at once, and not case-by-case).
| mdip wrote:
| The fact that you just post your e-mail address and invite
| your (likely many) customers here to reach out to you would
| probably surprise me from another company.
|
| I've been doing this long enough that just about every
| major vendor I've worked with has had (and taken) the
| opportunity to disappoint me with some unreasonable
| decision/change and even an occasional (unwarranted)
| account suspension. I think I've convinced every customer
| I've worked with to purchase a Cloudflare subscription.
| I've worked with support once and I've worked with someone
| handling the beta testing for Warp (a Romanian gentleman --
| he called me and shipped me a T-Shirt).
|
| The two people I talked with didn't have to tell me they
| enjoyed their job. You could hear it in their voice. The
| guy I talked to about Warp was as far from a salesperson as
| someone could be, yet he couldn't help explain some of the
| details about how interesting of a product Warp is.
|
| I can't count how many times I've pointed people at the
| Cloudflare blog to learn about "how all of the stuff
| between your code and the user's browser 'works'". I
| remember reading a post several years ago thinking "they're
| basically explaining how they achieved a major competitive
| advantage well enough for a competitor to duplicate." I
| didn't think that it was a _bad_ idea to do so --
| realistically, it didn 't represent a loss of IP -- I'm
| just surprised so much energy/time would be spent writing
| highly technical posts that sometimes "give away secret
| recipes" in a sense. It's wonderful from where I sit.
|
| I expect the HN crowd will recognize that people who have a
| _problem /issue/incident_ with a company/product are a
| "flobbity-jillion" times more likely to write a post (and
| have it hit the front page) than a guy like me who's had
| 30-ish opportunities to integrate your products into things
| I've written and have been delighted every time.
| slig wrote:
| I have a question that I couldn't find on the help docs: I
| got several domains on the early bird Pro price. Do you
| plan to discontinue the Early Bird pricing this year with
| the pricing increase?
| genewitch wrote:
| Money is not free, the cost of money has gone up
| considerably in the past 6 months. I haven't seen any
| indications that money will be cheaper anytime soon.
|
| All "VC funded" "free tier" and the like will be put on
| the back-burner. If you know anyone with a small
| datacenter and a decent peering agreement (3 lines of at
| least gbit) now would be the time to kick money their
| way, and tell everyone else to.
|
| It was tough times for small companies these past several
| years. Imagine trying to compete with netflix when their
| price was "all you (and everyone you know) can eat MP4s
| for $8". I actually cancelled my netflix subscription as
| _we weren 't using it anymore_ and the price was creeping
| up faster than siriusXM subscriptions.
|
| I know this is edgelord to post on a VC forum, but I
| haven't seen any indication i am wrong yet. Big news is
| 80,000-120,000 tech workers being laid off by the big 10,
| but what about all of the layoffs at smaller companies
| that are VC funded? What's that number look like?
| tcldr wrote:
| Funny. That's what OP said:
|
| > I would fully understand that I am required to upgrade,
| but why not sending me an email before shutting down my
| business completely?
| iamacyborg wrote:
| The fact that stuff needs to be raised at all is the
| problem.
|
| Clearly something has gone wrong if customers get treated
| this way.
| mdip wrote:
| Before piling on too much more, here ...
|
| ... Cloudflare has a _lot_ of customers[0]. They have to
| balance the cost of providing (a lot of) human support
| against the cost they can reasonably charge for their
| products. It 's a balancing act, and one that has worked
| out well for me, personally. It sounds like this issue is
| happening related to R2, which is quite new.
|
| You're not likely to see a post hit the front page with
| the title "I've integrated Cloudflare's products with 30
| or so customers and never had an issue" (or even be
| written). But experience an issue this large and you're
| going to _do everything_ -- make calls, post things to
| social media, reach out on HN where you know the CTO is
| an active participant -- and a lot of those are going to
| get attention from the small percentage of customers who
| felt wronged by CF but hadn 't spoken up.
|
| It's a crappy situation because it gives the impression
| that things are a mess when -- I'm willing to bet -- it's
| something along the lines of a problem in a quota checker
| and a failure of internal process to escalate the problem
| appropriately. That happens at _every_ big company in
| various places _all the time._
|
| Really, the only major difference here is that unlike
| _every_ other big company, their CTO actively watches
| Hacker News. When a problem pops up, _he_ willingly
| chooses to be Customer Service and from the sounds of it,
| that escalation to address "problems like this" is now
| happening. There's _going_ to be gaps like this at every
| company. When I worked at "BigCo", if something like
| this hit the front page of HN, you could expect a mess of
| people to have their phones ring. Work would be done to
| respond to the customer (variations on
| "acknowledge/minimize/suppress" communications -- on
| official company hosts). Staff would be forbidden from
| interacting in the ongoing discussion. The CTO might have
| had to have explained to him how to get to the web site
| containing the complaint.
|
| [0] I don't work for them; I'm just a happy customer so
| everything here is my view from the outside.
| iamacyborg wrote:
| I wouldn't say it indicates there's a mess, just that
| there's clearly some sort of broken process somewhere.
|
| 1. The customer is deplatformed without any notice
|
| 2. Customer support is failing to act on a false positive
| in a prompt manner and the customer has no recourse but
| to kick up a stink publicly
|
| Both of those are fixable problems and I agree that it's
| generally a positive to see a company's CTO act in so
| public a manner. That doesn't mean they shouldn't try to
| improve things from an internal process perspective
| though.
| mustacheemperor wrote:
| There's a number of users in this thread who describe being
| "ghosted" by your sales team, including for tens of
| thousands of dollars per year subscriptions. It seems like
| the email responsiveness you're personally offering does
| not match with what some people experience from Cloudflare
| in general, so I'm not surprised people wouldn't think to
| email you and expect a response.
| tardis_thad wrote:
| sorry, I did HN post in desperate move so my service can be
| online again - did not try to blame anything on @jgrahamc -
| other than that incident I'm very happy with Cloudflare
| Workers, it's an awesome tech.
| cultofmetatron wrote:
| we use cloudflare for their dns so not a complete change of
| arch. (this kind of lockin is precisely why I've stayed away
| from faas)
|
| more importantly, its important to send a message. We depend
| on these services for our livelihood. if I'm paying for a
| service, the least I'm owed is the ability to get in touch
| with a person to rectify the situation as soon as possible.
| Companies who want other companies relaying on their service
| need to provide that if they want to be taken seriously.
|
| EDIT: also, not to knock jgrahamc. appreciate that you're
| looking into this but one person on an email is not a
| scalable customer service solution for B2B. at the very
| minimum, there should be some sort of platform for filing the
| tickets, getting a timeframe on resolution as well as options
| to pay for faster turnaround.
| kkielhofner wrote:
| If you're using Cloudflare for DNS/registrar they have
| pass-through pricing. It's a loss for them - you're not
| paying for anything.
| cultofmetatron wrote:
| Thats even more reason to switch to Route 53. I didn't
| choose cloudflare at the beginning but its clear its a
| bit of a liability here.
|
| To put it in perspective, we had to send out apology
| emails to very irate customers when our system went down
| for 10 minutes in December.
|
| edit: Route 53 not S3*
| BasedInfra wrote:
| You use Cloudflare for DNS but are moving over to S3 to
| replace Cloudflare?
|
| Do you not mean Route 53, AWS's DNS product?
| shireboy wrote:
| Totally agree they should have provided a warning. Any Saas
| (and really would apply to social media, web mail, etc)
| should clearly warn before taking drastic action if
| possible. But I don't see how you'd have dns without vendor
| lockin. It's not like moving dns to godaddy would be
| better. Route53 is nice, but aws is also a vendor lots of
| people are locked to
|
| Similar for ddos protection- you almost have to use
| somebody.
| iso1631 wrote:
| If your arch has a single point of a failure its probably
| wise to remove it
| cybrox wrote:
| Are there any good alternatives that you (or him) already
| looked into?
| ignoramous wrote:
| Not OP, but we run two environments each of our service on
| Cloudflare Workers, Deno Deploy, and Fly.io (a small service
| albeit, 200 to 300 requests per second). In the event one is
| down, we switch to the other (via DNS).
| sparrish wrote:
| This, my system architect friends, is the proper response.
|
| Do NOT put all your eggs in 1 basket. Build redundancies
| and failovers so no 1 vendor can shutdown your business.
| cultofmetatron wrote:
| we had already been discussing amazon s3 since we are on aws.
| As clunky as aws can be, you can get in touch with a human if
| you need to.
| vertis wrote:
| This is the height of knee-jerk reactions, worse still it's
| largely pointless. Unless you're big enough to negotiate a
| specific contract with a cloud provider you're always going to
| be at the mercy of their catch-all policy.
|
| The only way to actually be protected in this case is to run a
| multi-cloud strategy. Even then it's only going to protect you
| so far if you piss off the powers-that-be / community (see the
| hosting trouble Parler had as an example, not that I'm fond of
| Parler or anything).
| [deleted]
| dicknuckle wrote:
| If the redundancy is already in place to not fully rely on
| cloudflare's product (whatever it is, DNS, R2, etc) the it's
| not a kneejerk reaction.
|
| It's an "I don't want to wake up to all our stuff running
| only on the backup provider because cloudflare shut us down
| for seemingly no reason with no warning".
|
| It's avoiding unnecessary alerts and triage for the ops team
| by snipping an apparent liability from the stack. I've
| already done the same after seeing a few of these kinds of
| interactions with cloudflare in the R2 discord.
|
| When I see a blog post detailing why this has been happening
| so often, and what they've done to fix it, I'll happily pull
| that infra code out of the mothballs.
| webstrand wrote:
| I've been interested in using Cloudflare Workers as the backend
| for an application. I don't care about caching or anything like
| that, but, can I serve exclusively non-html content from my
| Cloudflare Workers? Or is that a violation of their ToS?
|
| I would have never honestly considered serving _html_ from a
| Worker. I hope we can get an extremely clear statement from
| Cloudflare on what their policy is.
| kentonv wrote:
| You can serve non-HTML content from Workers. This is explicitly
| called out in the supplemental terms for the Developer Platform
| here:
|
| https://www.cloudflare.com/supplemental-terms/
|
| (I'm the lead engineer on Workers. I don't know what happened
| to OP, though; I'm not personally looped into that
| conversation.)
| Dylan16807 wrote:
| Another comment says "From what I understood is that it
| requires a manual over-ride on R2/ Workers because the thing
| that checks for the 2.8 TOS violation is not able to see the
| difference between Workers/ R2 and the standard CDN service.
| If you go to the R2 Discord channel you see this happening
| every other week"
|
| Is that at all plausible?
| dboreham wrote:
| Sales said something would never happen...
| badcppdev wrote:
| That's almost the same as Sales promising that the feature will
| be available in the next few weeks..
| onphonenow wrote:
| Haha - this. Or next quarter etc
| ethereal-haze wrote:
| Word of warning: don't use cloudflare
|
| Or really any service that has it written that they can end your
| business without notice~
| ignoramous wrote:
| > _...anyways I get it, perhaps I pay too little and should be on
| enterprise plan already_
|
| If you're on Workers Unbound, you're probably paying closer to
| ~$800/mo for 4b requests; or if you're on Workers Bundled, then
| ~2000/mo. What were you quoted for the Enterprise plan? I thought
| those start at $1500/mo?
| yamtaddle wrote:
| > I thought those start at $1500/mo?
|
| I wasn't able to get them to size something down under
| high-$4,000/m, when I looked at this a couple years ago. They
| acted like I was being annoying just for thinking there might
| exist any option between $200 and $5,000.
|
| We ended up somewhere else that was much cheaper for the actual
| service we needed. Every other company in this space I talked
| to was happy to come up with a plan that fit our needs and
| didn't include stuff we didn't need, plus their (negotiated,
| not public) outbound transfer rates were in every case cheaper
| than what CloudFlare's sales team offered us. They'd even offer
| high-touch onboarding help in that sub-$5k/m range (I didn't
| ask, they just offered)
|
| I think our spending's actually over $5k/m many months, now,
| but it'd be even higher at CF since the best rate on transfer
| they offered us wasn't great. I gather the actual customer demo
| they want is big, complex enterprises that need tunnels between
| multiple physical networks, oddball proxying set-ups, and stuff
| like that. That's not us, so they weren't a good fit--but
| what's weird is their self-serve plans _look like_ they 're
| trying to court use cases closer to ours, while they have no
| decent options for smoothly sizing up past that.
| runako wrote:
| Glad to hear this got resolved. Heads-up that your name may be
| infringing on a US trademark held by the BBC.
| supermatt wrote:
| Trademarks are for specific categories of goods/services. The
| trademark is for: - Audiovisual media -
| Books - Clothing - Toys - Entertainment
| events
| runako wrote:
| The USPTO record for this trademark includes several more
| categories:
|
| https://tmsearch.uspto.gov/bin/showfield?f=doc&state=4803:lq.
| ..
|
| In particular, if I ran this business, I would be concerned
| that I was infringing on this part of the trademark:
|
| "( computer software for use in downloading audio, video,
| still and moving images and data in compressed and
| uncompressed form from a computer or communication network;
| )) [ computer software for use in database management;
| downloadable electronic publications, namely, magazines,
| books, newsletters, pamphlets, printed guides, catalogues,
| manuals and programs featuring entertainment, instruction,
| education, sport and news; ] "
|
| That said, IANAL and specifically IANAIPL so as I said just a
| heads-up.
| [deleted]
| supermatt wrote:
| Its for the media. i.e. it would need to be a downloadable
| piece of software that you run. SaaS is a different
| category entirely.
|
| Also, regardless of trademark registration, its legally
| only trademark infringement if it is likely to cause
| confusion, deception, or mistake about the source of the
| goods and/or services.
|
| I doubt anyone is going to confuse a fictional time-ship
| (or related paraphernalia) with a SaaS providing crypto
| pricing (or whatever it is they do), or believe that they
| are made by the same organization.
|
| But I suppose people do litigate this stuff (or threaten
| to...), regardless of the spirit and letter of the law.
| runako wrote:
| As you sound like an IP lawyer, I will defer. But would
| still suggest the OP get a written opinion for his
| specific case from his own IP lawyer.
| supermatt wrote:
| Not an IP lawyer, not giving advice. Just aware of what a
| trademark is and isn't.
| mmahut wrote:
| Was your account disabled including the DNS?
| TigerTeamX wrote:
| Sad it happened. This highlights why it is important to reduce
| your exposure to external services. Right now I just deploy on
| bare metals servers and are ready to move them if need to. As
| they say, there's no cloud - just someone's else' computer
| gtirloni wrote:
| Do you manage your own global CDN network?
| Longlius wrote:
| Cloudflare has gotten incredibly bad lately. If you don't want to
| offer your services to someone that's fine but you should at
| least do the bare minimum and reach out before completely
| terminating a vital piece of infrastructure they rely on.
| asmor wrote:
| I've recently dropped and then readded (a few months later) a
| zone to Cloudflare for a domain only I ever owned. And they
| refused to add it for "policy" reasons, so I had to wait a week
| or so until Cloudflare just unlocked it without providing any
| rationale.
|
| It's not a company I trust to not randomly screw me over out of
| the blue anymore.
| Aeolun wrote:
| I went to look at your website to see what the service was
| about... but of course it's down :(
| katsura wrote:
| You can look at it here:
|
| http://web.archive.org/web/20230112195712/https://tardis.dev...
| TigerTeamX wrote:
| thanks
| somecompanyguy wrote:
| good to know. will make sure to never give cloudflare a dime.
| rafaelturk wrote:
| Cloudflare pricing is crazy rabbit hole. What are the triggers
| the need to migrate to Cloudflare enterprise? moreover is
| possible to just be pay-per use?
| plesiv wrote:
| OP, you have garnered a lot of sympathy by the HN community which
| I believe in part contributed to your problem being resolved. I
| think it would be fair to provide more info about what the issue
| was in the end. It's not OK to be like "HN I had a bad experience
| with Company X" and then be like "k, thx @jgrahamc, bye" when
| your complaint gets resolved due to the attention it received.
|
| There are so many questions this leaves unanswered:
|
| - Was this a one-off error in Cloudflare's processes? (These
| things happen on a big enough scale.)
|
| - Were you violating a specific clause of Cloudflare's T&C? How
| clear was the clause? What did you do to fix this?
|
| - Was the issue that Cloudflare estimated that you're not paying
| enough given the bandwidth you're consuming? Did you end up
| signing up for the Enterprise plan?
|
| Transparency would benefit both Cloudflare (in not making people
| unnecessarily apprehensive about becoming/remaining a customer)
| and you (in demonstrating that you're handling this issue in a
| professional and responsible manner).
| NicoJuicy wrote:
| Cloudflare is really transparant about things ( eg. outages).
|
| Reality is that Cloudflare serves 60% of the internet and this
| issue popped up. They are checking it internally what happened,
| as I understand from jgrahamc.
| nolok wrote:
| I don't think you realize it, but your answer while being
| wrong on many levels isn't even saying what you think it is
| saying. Reading your message, what one understands is
| "Cloudflare has so much on their hand you would be stupid to
| give them your business and think they would have time to
| deal with it", aka run away.
| dezb wrote:
| oh it is 100% entirely OK to share that you got screwed by a
| company .. this crap happens all the time.. companies like this
| get away with ZERO shits give about customer support all the
| time.. it is insane..
| lolinder wrote:
| Not that this is true in this case, but a large number of HN
| support thread creators are _very_ cagey about the nature of
| their business. I suspect a lot of the time they _know_ they
| broke the ToS and are hoping that HN will get the pitchforks
| out to help them get their way regardless.
|
| Again, that doesn't seem to apply here, but I've stopped
| assuming that the existence of an HN support thread by itself
| shows malfeasance or incompetence on the part of the company.
| nightpool wrote:
| Why "doesn't it seem to apply" that a blockchain
| scraping/data aggregation firm would be cagey about the
| nature of their business? I can't think of shakier grounds
| for a business to rest on, in two different dimensions
| (https://news.ycombinator.com/item?id=34639879). (Reliance
| on customers not being sophisticated enough to set up API
| integrations themselves, reliance on blockchain as a
| failing segment of the market). Obviously it's not
| necessarily against Cloudflare's TOS to be a precarious
| business, but generally when a business' foundation is
| sketchy than it's more likely that more of the interactions
| they have with others are going to be sketchy.
| mynameisvlad wrote:
| Is Zapier untrustworthy? ITTT? Microsoft with Flow?
|
| It's absurd to think that somehow, just because someone
| works on tools that help people do things without code,
| that they're somehow untrustworthy because of targeting
| "customers not sophisticated enough". That's insulting to
| both the service and their customers.
| ndneighbor wrote:
| Unfortunately the norm in our industry, can't have "Cloud"
| margins without sacrificing something.
| nullcaution wrote:
| > It's not OK to be like "HN I had a bad experience...
|
| That is rather aggressive?? Maybe thry live in another time
| zone and are asleep, or have other obligations like school
| pickup. Given them at least 24 hours to respond. sheesh...
| [deleted]
| runnerup wrote:
| Would be nice if any parties which end up "using" HN to solve
| their customer service issues were somehow obligated to provide
| the community with a candid postmortem.
|
| That would be the right way to give back for customers using us
| as an amplifier and for corporations relying on us to be a
| shibboleth (a prefilter so providers know that this is a true
| issue unsolvable through existing support channels they have
| established for customers).
|
| Sharing these learnings with other potential founders would
| also be in line with the raison d'etre of HN. It would provide
| other founders with lessons they can takeaway and apply to
| their future startups to maybe do a few of these things right
| the first time around.
|
| For both sides, HN is "picking up slack" in the system and it
| would be right to support the community with candid
| postmortems.
| tardis_thad wrote:
| I'd be happy to provide more info but I have none. First I
| communicated with support which told me that my account was
| restricted most likely due to 2.8 clause violation (non html
| content) and suggested to contact with sales which I
| immediately did.
|
| Sales over the phone (was fastest) told me that it's good I
| contacted as otherwise in 24hours my account would be fully
| banned(whatever it means) and that they will prepare me an
| offer in 15 minutes, but it was taking longer (no response
| after an hour or so) and in the meanwhile I wrote Twitter and
| HN post which CTO of Cloudflare noticed and then after a while
| I've got another phone call from sales that I should update my
| ticket to ask unbanning my account as it was approved now by
| CTO which I did and that solved the issue at least for now -
| and that's it - no further info what the issue was, still
| waiting on Enterprise plan quote for me.
| nightpool wrote:
| "most likely due to" 2.8 clause violation? So Support wasn't
| able to say conclusively why your account was restricted?
| ajdude wrote:
| Unfortunately this is the norm when ML algorithms are at
| the wheel. Nobody can conclusively tell why an AI
| restricted an account; they can only guess.
|
| I don't know if this is the case for CF but it seems to be
| for other businesses.
| CamperBob2 wrote:
| _Unfortunately this is the norm when ML algorithms are at
| the wheel. Nobody can conclusively tell why an AI
| restricted an account; they can only guess._
|
| This is why these types of complaints need to be cc:'ed
| to your congressional representatives in the US or EU
| representatives elsewhere. No one else can do anything
| about the root problem of companies that take customers'
| money and deny any form of accountability.
|
| For every customer who gets lucky on Twitter or HN, there
| are probably a dozen who end up with no recourse at all.
| atmosx wrote:
| So the takeaway is "use cloudflare and pray to the ML
| Gods that things won't go south?". Doesn't sound
| reassuring. Funnily, in all fields were AI and ML has
| been involved the QoS has degraded. Like these
| technologies used to be a marketing trick (we use AI)
| these days poor QoS is reason to find corps that do not.
| capableweb wrote:
| > Unfortunately this is the norm when ML algorithms are
| at the wheel. Nobody can conclusively tell why an AI
| restricted an account; they can only guess.
|
| I don't think it's usually that they don't know what's
| going on, but that they don't want to tell you, because
| they think that's giving away too many details.
|
| I've been flagged in many systems as I move around in the
| world quite a bit, so sometimes I use a credit card
| acquired in one country in another, and a couple of days
| later using it on the other side of the planet, which
| triggers their anti-fraud systems. Then I write to them
| and they reply something like "Unfortunately you cannot
| continue to use our services as your account been flagged
| as potential fraudulent use. We cannot give you any
| details because then it'll be easier for fraudulent
| actors to work around it, so I'm sorry we cannot tell you
| anything else. Bye."
| bluedino wrote:
| Rep probably rolled their eyes, said "that's why 99% of the
| accounts get turned off", and sighed.
| pffft8888 wrote:
| Wow. I was just about to code a key part of our startup's
| platform using workers and durable objects. I had zero idea
| that workers are intended for html output and that if they
| were used for JSON-RPC they would ban us if we are too
| successful. Crazy. The whole point of the service is free
| egress. What a joke. Pass. Will look into Fastly.
| last_responder wrote:
| Im on the fence about whether this is accurate. There was
| an addendum posted somewhere in this thread that clarifies
| that non-html is just fine.
|
| In reality Im in the same exact position you are and maybe
| I just want to believe this is something other than that. I
| dont see why they would care about the content. There has
| to be something else to this story.
|
| I didn't deploy yet and this has me scared enough to get me
| thinking about an alternative. Time to spin up a new linode
| instance I guess.
| godzillabrennus wrote:
| Hilarious you got sales to call you back. I had to ping their
| CTO after multiple attempts to have sales work with me
| failed. He finally got them to give me a demo of their zero
| trust solution. No one ever followed up with me again though.
| It's like they don't want to sell an enterprise (tens of
| thousands of dollars a year) subscription...
|
| The only sales guy who called me back before the CTO got
| involved was Kingsley Okoroh out of their UK office. I'm in
| the states. He even had no idea why no one in the states
| would call me. Anyway, Kingsley tried hard to help, Kingsley
| should be their head of sales since no one else cares.
| yamtaddle wrote:
| I've had only limited interaction with their sales people,
| but find it interesting they weren't on-the-ball trying to
| sell an account that valuable, either--we were more toward
| the bottom end of their enterprise range, so I'd just
| assumed we were too small-potatoes for them, but those were
| by far the least-hungry sales people I've ever interacted
| with. It was like I was bothering them. LOL. Also some of
| them seemed to know very little about their offerings,
| market segments, et c., which was weird.
|
| [EDIT] Oh, tens of K $ per _year_ , not month. Yeah, that'd
| have been us, too. Mid tens of K $ per year.
| dismantlethesun wrote:
| I agree. I contacted Cloudflare sales for a small order
| of just a 100k or so per year, and they totally ghosted
| me after my first round of questions. No quote, no
| contact, nada.
|
| I gave up and went to Fastly.
|
| You may say my order was too tiny but even Akamai gave a
| response; they just didn't have any turn key product that
| suited my needs.
| yamtaddle wrote:
| Yeah, CloudFlare was unique among the companies in this
| space that we contacted. The others' sales folks all gave
| way more shits, even at fairly big companies where I'm
| certain we wouldn't be a notably-large account. They were
| also by far the least-interested in tailoring their plan.
| "Oh you don't want to pay for this giant pile of stuff
| you don't need? Hm. Well. Too bad." Seemed like they
| wanted all-or-nothing, for enterprise plans, which leaves
| a big gap in their offerings between the top self-serve
| and the bottom end of enterprise--seems like a pretty
| major gap in their funnel, letting all those accounts
| just _leave_ if they exceed self-serve but can 't justify
| the very-expensive minimum enterprise plan, but I guess
| it's working for them?
| nolok wrote:
| Wait they're less reponsive than Akamai ? I ran away from
| Akamai because of their sales people and how they
| apparently embedded their dark soul straight into the
| user interface they give you to use, and by use I mean
| summon an akamai billing person from the depths because
| you're not allowed to do anything without them.
|
| I know they're doing good but Cloudflare must be even
| more successful than I thought if they can afford that
| level of ineptitude at sales level
| tachim wrote:
| exact same experience here.
| bastardoperator wrote:
| Why would I chase 10 of thousands of dollars a year when I
| can chase hundred of thousands or millions of dollars? You
| didn't talk to an actual salesperson, you spoke to a BDR. A
| BDR quantifies leads and determines if your spend is worth
| the time. If you didn't get a call back it's because the
| BDR identified you as small time. I'm not trying to be
| rude, just pointing out how many sales teams tend to work.
| UncleEntity wrote:
| > Why would I chase 10 of thousands of dollars a year
| when I can chase hundred of thousands or millions of
| dollars?
|
| They have someone on the hook with customers hounding
| them to get their system back online and it isn't worth
| spending a few minutes to quote a guaranteed sale?
|
| Something about a bird in the hand comes to mind...
| hapidjus wrote:
| BDR?
| CallMeJim wrote:
| Business Development Representative.
| tobyjsullivan wrote:
| Impressively, the expansion conveys about as much
| information as the acronym.
|
| "Gatekeeper" is a more accurate translation.
| notahacker wrote:
| In most companies it's more accurately translated as
| "lead generator" or "sender of spam emails and LinkedIn
| messages"
| luckylion wrote:
| Why wouldn't you do both? And if your sales department is
| maxed out by chasing the big contracts so much so that
| they don't have time to onboard someone spending 50k a
| year, get more sales people.
| lowercased wrote:
| Unsure how it's "chasing" when people call you. I'm more
| than a 'warm lead' at that point. I'm calling you wanting
| to buy your product. And yeah, I know not everyone who
| calls wants to buy immediately - some are just tire
| kickers or getting a quote. But... again... it's not
| 'chasing'. It's not even 'selling' so much as 'order
| taking', imo.
| notahacker wrote:
| yeah, any decently set up sales team for any company
| selling to the whole market ought to have some sort of
| sales team member that's happy dealing with higher
| volumes of transactional sales, even if the main focus of
| most of the team is million dollar accounts, unless their
| self service programme scales to massive numbers or they
| don't deal with smaller companies at all.
|
| Someone ringing up to say "I need a quote for this level
| of usage as I think I'm into your enterprise tier" might
| be asking for a smaller quote than the Big Fish the BDR
| has sent a cold email to who's eventually been convinced
| to take a meeting, but they're more likely to convert and
| unlikely to take lots of meetings or a particularly
| skilled salesperson to do it...
| bastardoperator wrote:
| I don't disagree, but I've also never seen a enterprise
| sales organization that caters to businesses that don't
| already have millions of dollars in spend sitting in the
| war chest. We'd all jump at 50k because we're reasonable
| humans that understand thats a lot of money. However,
| when you're on the hook for booking millions of dollars
| in business in what amounts to 60 working days (90 day
| quarters), you might think about it differently is my
| limited understanding.
| irq-1 wrote:
| > I should update my ticket to ask unbanning my account
|
| That is a very broken process! Ask the user to change the
| ticket, so they can do something that they already know is
| approved? Sales department sounds like a disaster.
| dylan604 wrote:
| doesnt make support out any better though. if i can later
| just update the ticket myself with "cause the CTO says so"
| seems sus to say the least
| moneywoes wrote:
| Wow very interesting product, what's your GTM strategy
| danuker wrote:
| Cloudflare: MitMaaS
|
| https://framagit.org/dCF/deCloudflare/-/blob/master/readme/e...
| genewitch wrote:
| that site needs an editor. Like a human editor, so that
| everything is consistent looking.
|
| And whatever happened to ngate?
| grosswait wrote:
| Good things to keep in mind
| jamespo wrote:
| All of that is well known surely, it's still the site owners
| choice, including whether to block tor traffic which is often
| the source of these issues.
| wrldos wrote:
| Wow that's a whole lot of ire, rivalling some other large tech
| firms. Definitely worth investigating. I consider Cloudflare to
| be an annoyance generally but I hadn't put it in context to
| what they ultimately have control over.
| RektBoy wrote:
| Can someone explain to me why anyone would pay for this SaaS, and
| instead just use an api from all markets?
| 2kan wrote:
| APIs from Exchanges return the current state of the market, and
| this SaaS captures and stores this market data. Imagine you
| want to enter a new market or instrument/symbol for which you
| never recorded market data yourself. You can buy historical
| data from this SaaS to train your models and backtest your
| strategy.
| pier25 wrote:
| This is very worrying.
|
| I use Workers to cache and stream audio. I was under the
| impression Workers were under a different TOS since the business
| model is totally different and paid per req.
| [deleted]
| jgrahamc wrote:
| I've asked internally to understand this.
| nickcw wrote:
| Can you clarify the terms an conditions about Cloudflare R2
| please?
|
| On the R2 page https://www.cloudflare.com/products/r2/ we see:
|
| > No more egress charges. You shouldn't have to pay to access
| your data. Pay no egress charges for data accessed from R2. Our
| affordable and consistent pricing means no more surprise bills.
|
| Whereas I think the non-HTML traffic terms still apply to R2.
| Or do they?
| vlovich123 wrote:
| The supplemental terms about the developer platform apply to
| R2 (https://www.cloudflare.com/supplemental-
| terms/#cloudflare-de...). Same goes for Workers itself (the
| Cache api within Workers is also covered under these vs the
| non-HTML content restriction applies to the normal CDN path).
| rafaelturk wrote:
| I really curious about how this unfolds, I was planning to
| migrate from `AWS Lambda` to `Cloudflare Workers` as a paying
| customer. I'm basicaly an API with lots of JSON.
|
| Why Cloudflare cancel paying Workers customers? Makes no sense
| to me.
| throwaway6845 wrote:
| I would really like you to clarify your intentions on serving
| non-HTML content.
|
| I say this slightly nervously as a Cloudflare customer who
| serves some amount of binary data. One message is "it's ok if
| you're on a paid plan". Another is "it's not ok at any time".
| My suspicion is that "it's ok unless we notice you".
|
| If you could come up with consistent understandable messaging
| that would help a lot. I don't mind paying (stay competitive
| against AWS and Hetzner and that's all I need) but the
| uncertainty is not good.
| tlonny wrote:
| Posts like this make me so angry. Its unacceptable that _paying
| customers_ need to rely on the lottery of going viral of
| HN/Twitter to shame companies into providing legitimate
| customer support!
|
| A moment of silence for the 100s of people who've made posts
| similar to this but not made it to the front page, and thus had
| their grievances ignored...
| jgrahamc wrote:
| I replied when this has no upvotes and was nowhere near the
| front page.
| wewxjfq wrote:
| Scraping sites can be useful, huh?
| oefrha wrote:
| HN has an official API, no scraping needed.
| Veen wrote:
| That response misses the point by a wide margin.
| Etheryte wrote:
| Not a big surprise given they think HN threads are an
| acceptable form of customer support for paying customers.
| jgrahamc wrote:
| [deleted]
| Veen wrote:
| Friendly advice, stop digging and step away from this
| thread/talk to your PR team. You're not helping yourself
| or Cloudflare by responding in this way.
| jgrahamc wrote:
| You're right. I'm taking all this too personally.
| ignoramous wrote:
| No matter how you took it, I want to say that there are
| others here who appreciate your presence.
| resonious wrote:
| It's pretty amazing to me that _even after seeing a
| response from a real human being_ , people continue to
| dog pile.
|
| To those continuing to foam at the mouth: what would be
| the ideal outcome? Cloudflare closing up shop entirely
| after this? The whole "this shouldn't have happened in
| the first place" mentality is completely unproductive.
| KptMarchewa wrote:
| >To those continuing to foam at the mouth: what would be
| the ideal outcome?
|
| Cloudflare changing their TOS from
|
| >Cloudflare may, with or without notice to you and
| without liability of any kind, temporarily limit your
| storage and/or the number of requests you can make or
| receive using the Developer Platform for any reason (in
| its sole reasonable discretion), including without
| limitation
|
| to something that does not allow them to do so on a whim,
| or with requiring upfront notice.
| undefinedzero wrote:
| Wow this is the worst take about customer service I have
| ever seen by a company. You cause huge issues for
| business with the touch of a button, and when they
| require help and don't think the cause was acceptable
| behavior, they're whining? Just wow.
| Traubenfuchs wrote:
| Those are the people in control of like half the internet
| traffic in the world.
|
| Let that sink in.
| genewitch wrote:
| 10% globally and 30% of US traffic. Probably. Google has
| more aggregate users and traffic, and they're also world
| renowned for not having any customer service short of
| "blowing up on twitter" or getting lucky here on HN.
| jgrahamc wrote:
| I've removed the word "whining" but to be clear I was
| _not_ talking about the person who posted on HN that they
| had a problem. I immediately jumped on their problem when
| I saw it and I 've ended up spending almost all morning
| on it. I took the long threads personally and should not
| have done.
| FeepingCreature wrote:
| As the joke goes, "A failure in the outage reporting
| service can take surprisingly long to notice."
|
| When your customer service is failing to handle a case,
| how exactly are you gonna catch on without using out-of-
| band signaling?
| Aeolun wrote:
| It's an acceptable form of support as long as it's
| reliable.
| adamhp wrote:
| Damned if you do, damned if you don't.
| tardis_thad wrote:
| and I really appreciate it, not trying to blame anyone, I
| created HN post as desperate attempt to have my service
| online again, hope you understand.
| jgrahamc wrote:
| Dude, I'm not mad at you for reporting it. I'm working
| internally to figure out why your site was throttled and
| take appropriate action.
| simultsop wrote:
| he's constantly thankful for ur help despite 12 hours
| downtime
| Picblick wrote:
| I'm always unsure how to read this. One one hand it is nice
| that there is someone in the company willing to do work which
| is in the interest of the customer (of sorts). But on the
| other hand it shows the company is willing to let quality,
| support, customer care, service and everything else decline
| but when it comes to public image is prepared to do
| everything within their power, even (yuck) their job in order
| for damage control. Now that I'm writing this I know exactly
| how to read comments like "now that it's in the public eye,
| we'll do something - maybe".
| Wowfunhappy wrote:
| It doesn't make the problem go away by itself, but I would
| rather have jgrahamc helping people than not.
| jgrahamc wrote:
| [deleted]
| FeepingCreature wrote:
| I think people see a lot of posts like "I tried to get
| help with my problem but received no response" and don't
| think about the selection bias involved. (Of course, if
| someone gets helped by customer service with no issues,
| that doesn't tend to come to Hacker News' attention.)
|
| But from their perspective it does feel like these sorts
| of posts are the only way to get attention on a problem.
| jgrahamc wrote:
| [deleted]
| FeepingCreature wrote:
| Right, I agree it sucks for you, I'm just trying to
| explain why I think it happens.
|
| (People don't think about incentives either.)
| mcv wrote:
| People like jgrahamc are the people who care and are
| embarrassed their company provides such unreliable
| service. I just wish the people in charge of these
| companies felt the same responsibility and embarrassment.
| Malp wrote:
| jgrahamc is the CTO of Cloudflare.
| mcv wrote:
| I did not know that. That certainly changes things.
|
| I don't know how many people work at Cloudflare, but I'd
| imagine it's more efficient to have a working customer
| support system than to have the CTO personally handle
| every problem.
| Malp wrote:
| I agree about the efficiency and wouldn't expect anyone
| to know that on a thread, off of a handle alone. However,
| I see it in a more positive light- based on John's other
| comments in the thread, he's made the time to stay active
| in communities like this one even as the CTO and followed
| up with folks internally to understand how an oversight
| like this could've happened.
| archon810 wrote:
| Will you come back and tell us what happened here?
| tardis_thad wrote:
| thanks, much appreciated!
| matvp wrote:
| While I agree HN shouldn't be used as a way to get direct
| customer support, I don't think it's fair to grab and point our
| pitchforks to @jgrahamc over a one sided story. There's not
| nearly enough information from both sides to create fair
| judgement (these things happen, unfortunately, at larger scale
| with automated processes). What matters is the afterthought and
| actions taken of what's going to prevent a similar situation in
| the future (which I'd love to read from both OP and @jgrahamc if
| possible). HN is my go to stop for well formulated opinions
| written by people way smarter than me and I think we dropped the
| ball here, HN can do better. That said, happy that your issue got
| resolved OP and goodluck with your project!
| octacat wrote:
| Oh my, 2.8 is "great". Time to reread the service terms. And it
| is in the times of API-s (and 20 years since ajax). Otherwise,
| this means that we can use workers for some stuff but need to use
| another provider for other stuff. Complexity overload, would
| rather use one provider, unless there are some great savings to
| move stuff to workers (that could cover the development
| complexity).
| Dowwie wrote:
| 4 Billion requests per month involving 1 Petabyte of traffic
| doesn't seem like a "small SAAS", at least packet-wise. If its
| small revenue-wise, addressing that is a business concern as
| important as having your platform throttled for using the cheapo
| economy edition tier of whatever you've signed up for with
| Cloudflare. Did Cloudflare issue any formal communication with
| you warning about usage and how it violates contractual terms, or
| did they "ban" you out of nowhere?
| tiew9Vii wrote:
| Sounds like OP has spoken with cloudflare previously about
| their usage/cloudflare services, likely looking to upgrade by
| the sounds of it but sales maybe gave the impression OP was ok
| on current level of service.
|
| > I would fully understand that I am required to upgrade, but
| why not sending me an email before shutting down my business
| completely? I even asked about such scenario on zoom meeting I
| had with their Sales and they said it will never happen
| yamtaddle wrote:
| > Sounds like OP has spoken with cloudflare previously about
| their usage/cloudflare services, likely looking to upgrade by
| the sounds of it but sales maybe gave the impression OP was
| ok on current level of service.
|
| They've done this to me, too--I read the TOS and tech docs
| and plan details and ignored them, because according to their
| own stuff, they were wrong, and "first-tier sales guy said
| it" isn't a helpful recourse if you get told to leave (so,
| migration costs) or pay $$$$ because you're violating their
| _documented_ permitted usage.
|
| Hilariously, they also seemed really confused when I brought
| up a gaming use-case _that they had an entire sales landing
| page for_.
|
| (Nb I actually like, use, and would recommend CloudFlare for
| _some_ workloads and use-cases)
| twawaaay wrote:
| I worked for a large bank, my internal backend would receive
| couple orders more requests from other internal apps and users
| and probably similar traffic.
|
| It is very easy (relatively) to build a SaaS platform that
| serves this amount of traffic and this can be done by even a
| one determined individual or a small startup team.
|
| I don't think it is useful to measure the size of the company
| in the amount of requests they are serving. Revenue/number of
| employees are much better measurements saying more about the
| type of things that are/can be happening. They may have
| relatively low margins per request and need to get to 4B to get
| by to pay for couple salaries?
| rightbyte wrote:
| Are you doing RAM-aaS or something?
|
| Must be alot of redundant data back and forth.
| slackwaredragon wrote:
| I've worked with several EMR (Electronic Medical Record)
| systems that communicate an absolute metric shit-ton of
| redundant data for no reason other than just because and
| bad programming habits. Banking and Healthcare thrive in
| redundant redundancy.
| twawaaay wrote:
| I said nothing about the application and you already know
| everything about it.
|
| Seems like I spent quarter of century in this business for
| naught.
| rightbyte wrote:
| There is a huge waste of power on the internet with data
| going back and forth for no good reason.
|
| Obviously I have no clue about your work.
| thejosh wrote:
| So them just banning the customers service with no explanation
| until they raise a stink here is okay?
| Dowwie wrote:
| It's not clear that was the issue at hand, and is why I
| literally just asked about communication
| tardis_thad wrote:
| No formal communication at all as mentioned before if
| Enterprise plan is a must for my account I'll sign up on it,
| just was told before it was not required - I'm not using or
| need any enterprise level features.
| byteofbits wrote:
| The comments here have mainly focused on the issue of instant
| suspension - which is obviously deeply concerning - but I also
| feel like there is a huge issue at Cloudflare regarding their
| Enterprise pricing model.
|
| Cloudflare's sales team and Enterprise pricing model are one of
| the least effective sales organisations I have encountered in
| this space. Given the technical nature of their product, it's
| extremely hard to explain even basic uses of the tool and things
| like Workers are near impossible to discuss with them. I was
| really unsurprised to see that OP had a failed Enterprise
| negotiation with them as I have had the exact same conversation
| at three different companies now and can imagine perfectly what
| you were told.
|
| The current offerings of Enterprise and Enterprise Lite simply do
| not map to the reality of how people use the tool and scale
| businesses on top of it. I think in part due to Cloudflare's
| history essentially selling bandwidth and caching, the model is
| fixated on high binary traffic workloads and simply cannot
| comprehend the SaaS service model that runs on it and tools like
| Workers.
|
| This is mostly a rant and hopefully a small +1 signal that this
| area needs major improvement - but I would also love to hear if
| anyone else has had interactions with Cloudflare Enterprise and
| how they found that process?
|
| (Disclaimer: I'm a massive fan of Cloudflare, a user of their
| products and hold their stock)
| bob1029 wrote:
| > Cloudflare's sales team and Enterprise pricing model are one
| of the least effective sales organisations I have encountered
| in this space.
|
| I have seen this everywhere. Any large software company seems
| to operate with 2 completely different heads when it comes to
| technical sales support.
|
| The "best" experience I've had was with GitHub Enterprise
| sales, but mostly because they just gave me access to the
| docs/binaries without much frustration. If I had a bunch of
| questions about the technology vs cost vs how we _actually_
| want use their product, it would have been a substantial
| nightmare.
| count wrote:
| I've had the exact opposite experience with GitHub enterprise
| sales. It took _3 months_ to get them to add a new user block
| to our existing sub. Sometimes I think it 's amazing they're
| able to even generate revenue as poor as that experience was.
| It's a shame we like the product (mostly) so much...
| tardis_thad wrote:
| I'm also a massive fan of Cloudflare in general, love their
| Workers and related products, just that one aspect of account
| suspension without warning could be improved a little bit :)
| asmor wrote:
| I've been in a sales call with a German CF representative, and
| it just seemed to be a third party being excited about the
| features using the demo account half for their hobby and half
| for demonstrations with almost every feature set up and
| demoable. They even hosted their own toy AS on Cloudflare Magic
| Transit.
|
| It was pretty novel and refreshing.
| byteofbits wrote:
| This is really interesting - all my interactions have been
| with people in the London office and were not like this.
|
| Perhaps it varies by region?
| [deleted]
| andrewstuart wrote:
| "The large print giveth, the small print taketh away" has never
| been more true than with Cloudflare.
|
| None of Cloudflare's marketing or technical documentation makes
| any explicit reference to "permitted usages" for Cloudflare
| services such as R2 and Workers.
|
| This page for example means one thing without any reference to
| permitted usages and would mean something entirely different if
| the permitted usages were promoted with the same level of
| visibility as the benefits.
|
| https://www.cloudflare.com/products/r2/
|
| Nothing here tells me I cannot write my own video serving code
| with Workers:
|
| https://workers.cloudflare.com/
|
| You might even believe "whatever you need" from this paragraph
| from the above link:
|
| "Static assets with dynamic power. Say goodbye to build steps
| which pre-generate thousands of assets in advance. Harness the
| unrivaled raw power of the edge to generate images, SVGs, PDFs,
| whatever you need, on the fly, and deliver them to users as
| quickly as a static asset."
|
| This developer documentation would takes on an entirely new
| meaning if a link to "acceptable uses" was prominent at the top
| of each page (not fine print).
|
| https://developers.cloudflare.com/r2/get-started/
|
| https://developers.cloudflare.com/r2/data-access/workers-api...
|
| https://developers.cloudflare.com/r2/examples/demo-worker/
|
| Have built an entire application around assuming there were no
| such limitations I now need to rebuild elsewhere.
|
| Humph.
|
| I now no longer even understand what "no egress fees" means - in
| a way that's worse than the big cloud providers where at least
| you know they are charging you 9 cents per gigabyte.
| vb-8448 wrote:
| Very similar to this other one
| https://news.ycombinator.com/item?id=34235237
|
| I just repost the same comment I put in the above thread
|
| > The thing that scary me most is that his business get shut down
| without any notice period (at least the author not mentioning any
| previous communications from Cloudflare team about the issue).
|
| > This is really a shitty thing from Cloudflare, you cannot shut
| down an already running business without any notice/grace period.
| mynameisvlad wrote:
| I disagree. The other one was a clear case of someone knowingly
| breaking the TOS (same non-HTML content but in that case they
| were hosting a service which almost exclusively returns non-
| HTML content). The OP even admitted in the comments that they
| knew very well they were breaking the TOS but wanted some
| notice.
|
| I don't really feel any sympathy for that poster. They
| knowingly broke the rules, they had to have known that CF could
| come and shut them down at any time, and they still went ahead
| and threw the pity party knowing that they are pretty much
| entirely in the wrong. It's very much a "play dumb games, win
| dumb prizes".
|
| Would it be nice for CF to give a heads up? Sure. But I don't
| think it's required, and especially not in an egregious case
| like that one.
| vb-8448 wrote:
| In my opinion, it doesn't matter.
|
| They "tolerated" a non-compliant use of their service for so
| long time (maybe because in the past their only goal was to
| increase adoption?!?) and suddenly they decided to change
| strategy?! No problem, it's their choice, but adding an x
| days grace period should be the standard. It's really easy to
| do.
|
| > Would it be nice for CF to give a heads up?
|
| Well yes, it will be really welcome. Mostly for all other
| their user(1/3 of internet or something like this) that maybe
| doesn't even know there are not full-compliant to TOS and
| risk their business to be terminated suddenly.
| mynameisvlad wrote:
| > Mostly for all other their user(1/3 of internet or
| something like this) that maybe doesn't even know there are
| not full-compliant to TOS and risk their business to be
| terminated suddenly.
|
| Warnings are nice, but it's ultimately the user's
| responsibility to read and understand the TOS, what they
| can and can't do. Ignorance is no defense. Just because you
| didn't know murder is illegal does not mean you can go kill
| random people and claim "oopsie, I didn't know, I wish you
| had warned me ahead of time".
|
| > suddenly they decided to change strategy
|
| They never changed strategy. It has always been explicitly
| against the TOS and explicitly mentioned as something you
| can't do in their documentation. Just because someone is
| below the threshold for Cloudflare's automated detection
| does not mean CF is allowing their use. Their use is still
| against the terms they agreed to, it's just not detected
| yet. If you are doing things you _know_ are against the
| TOS, like that other poster, then you should _very well_
| know that your time is limited and your access can be
| yanked at any point in time.
| stale2002 wrote:
| > Warnings are nice, but it's ultimately the user's
| responsibility
|
| It is actually ultimately the responsibility of the
| company, cloudflare, to clearly communicate their rules
| and ToS to the users. Because they are the multi-billion
| dollar business, and making things clear is their
| responsibility.
|
| Throwing your hands up, and blaming confusion on the user
| is a way to rightfully cause users to hate you, and
| rightfully cause you a large amount of monetary damage as
| people decide that your company is not worth the risk.
|
| Or even more, a user is within their right to cause large
| amount of monetary damages to the company, via viral
| social media outrages, such as this one. PR damage is
| real, and is a totally valid tactic, that a large company
| deserves, if they are making mistakes like this.
|
| And it seemed like the damage caused by this post was
| very real. Cloudflare executives are posting in this
| thread.
|
| So, actually, I would say that it is not just nice, but
| obligated to provide warnings, elsewise you get a
| situation like this, which is causing real damage to the
| company.
| mynameisvlad wrote:
| How, exactly, is the TOS and pages mentioning this
| limitation _not_ clear?
|
| I mean, it was clear enough for the other OP to know they
| went against it. They didn't need to be told, they
| already knew their usage was against the TOS and just
| didn't like that Cloudflare decided to enforce the rule
| they very well knew they were already breaking. They even
| said it themselves.
|
| I already even said that is why I don't agree the issues
| are in any way the same, but you opted to ignore that and
| continue down your diatribe of "it's always the company's
| fault".
|
| > Throwing your hands up, and blaming confusion on the
| user is a way to rightfully cause users to hate you, and
| rightfully cause you a large amount of monetary damage as
| people decide that your company is not worth the risk.
|
| TIL that users are just allowed to do whatever they want
| with no repercussions because it's too difficult to read
| the agreement they signed. The one that tells them what
| they're explicitly not allowed to do. But no,
| _definitely_ the company's fault that a customer was
| taking advantage of them and their services. _Totally_.
|
| > Cloudflare executives are posting in this thread.
|
| So? People post here all the time. "HackerNews support"
| is a trope at this point and says nothing but that
| executives want to do damage control. It says nothing
| about the TOS being clear on the issue.
| tardis_thad wrote:
| See https://news.ycombinator.com/item?id=34642984 I wasn't
| breaking the ToS at least not 2.8 (non html content) - my
| point was that I can understand I'm heavy user of the Workers
| and built-in pricing may not be economically feasible for CF
| to serve me hence push to Enterprise plan - I get it, just
| wish it was communicated to me clearly and beforehand my site
| went down.
| mynameisvlad wrote:
| Specifically was talking about the GP comment's link to the
| other post, where they very explicitly and knowingly went
| against the non-HTML clause. They were running some sort of
| image SaaS product where the vast majority of their (non-
| Worker) usage was images.
|
| I think that case is different than this one _because_ it
| was very obvious that it was against the rules, to the
| point where even the OP of that post came in to say that
| yes, they knowingly violated the TOS but would have
| appreciated a heads up.
|
| The comment I was referring to:
| https://news.ycombinator.com/item?id=34235749
|
| Sorry for the confusion, I tried to separate using "this
| post" and "that post" but I'm sure I slipped up somewhere
| there.
| smashah wrote:
| Are there no laws around account removal/shutdown? In the future
| I will be actively asking service providers their procedures on
| account shutdown.
| [deleted]
| IanCal wrote:
| What even is the restriction on returning JSON? One of the
| examples is explicitly how to return JSON
|
| https://developers.cloudflare.com/workers/examples/return-js...
|
| From the terms
|
| > 2.8 Limitation on Serving Non-HTML Content
|
| > The Services are offered primarily as a platform to cache and
| serve web pages and websites. Unless explicitly included as part
| of a Paid Service purchased by you, you agree to use the Services
| solely for the purpose of (i) serving web pages as viewed through
| a web browser or other functionally equivalent applications,
| including rendering Hypertext Markup Language (HTML) *or other
| functional equivalents, and (ii) serving web APIs subject to the
| restrictions set forth in this Section 2.8*. Use of the Services
| for serving video or a disproportionate percentage of pictures,
| audio files, or other non-HTML content is prohibited, unless
| purchased separately as part of a Paid Service *or expressly
| allowed under our Supplemental Terms for a specific Service*. If
| we determine you have breached this Section 2.8, we may
| immediately suspend or restrict your use of the Services, or
| limit End User access to certain of your resources through the
| Services.
|
| Supplemental terms
|
| > The Cloudflare Developer Platform consists of the following
| Services: (i) *Cloudflare Workers*, a Service that permits
| developers to deploy and run encapsulated versions of their
| proprietary software source code (each a "Workers Script") on
| Cloudflare's edge servers; (ii) Cloudflare Pages, a JAMstack
| platform for frontend developers to collaborate and deploy
| websites; (iii) Cloudflare Queues, a managed message queuing
| service; and (iv) Workers KV, Durable Objects, and R2, storage
| offerings *used to serve HTML and non-HTML content.*
|
| I can't quite figure out how to parse this such that workers
| would be deemed unusable to just run an API.
|
| I'd absolutely have gone ahead with using it for an API.
| tardis_thad wrote:
| Seems like my account was restricted due to
| https://www.cloudflare.com/en-gb/supplemental-terms/#cloudfl...
|
| 2.Cloudflare may, with or without notice to you and without
| liability of any kind, temporarily limit your storage and/or
| the number of requests you can make or receive using the
| Developer Platform for any reason (in its sole reasonable
| discretion), including without limitation, if processing such
| requests would put an undue burden on the Cloudflare network,
| adversely impact the Service, or otherwise threaten the
| integrity of Cloudflare's networks.
|
| To be fair I'm using lots of requests and bandwidth so could be
| reason, just if only I got an email about that before shutting
| everything down.
| 12907835202 wrote:
| Not getting a warning scares me. I moved hosting large GB+
| files from DO Spaces to R2 for the free egress and have
| served 1 petabyte in January alone saving thousands of
| dollars.
| nnx wrote:
| Out of curiosity, are you connecting to third party
| websockets from your workers?
| tardis_thad wrote:
| no, I'm not using WebSockets at all in Workers.
| evrydayhustling wrote:
| I think what you're showing here is the safety net that
| protects them if they make some missteps trying to execute
| what's covered by other policies. But it seems like the heart
| of your cancellation is the interpretation of 2.8, i.e. them
| deciding (probably in an automated way) that the stuff you
| were serving via API (significant volumes of trading data,
| I'd gather) does not qualify as web content.
|
| It's definitely an unfriendly combo to have (a) a really
| ambiguous policy like 2.8 and (b) enforcing via a no-warning
| cutoff -- even if the two policies have good justifications
| individually. But I wouldn't jump to the conclusion that part
| (b) is part of the sales strategy. (Part (a) obviously _is_
| meant to incentivize a paid account for applications like
| yours.)
| IanCal wrote:
| Unless you saw a huge spike I feel like not letting you know
| before is totally unacceptable.
|
| Also, while that's in the terms that's a generic get out
| clause I know they need but doesn't at all help you figure
| out what services are ok.
| tardis_thad wrote:
| No huge spikes at all, so not sure what triggered it.
| bbarnett wrote:
| _Unless you saw a huge spike I feel like not letting you
| know before is totally unacceptable_
|
| I agree... sort of? I mean, this is Cloudflare, right? It
| isn't as if a huge, legit traffic spike should tax their
| infra.
|
| IMO, there should be zero shutdown for any long term
| client, for any reason, at all, ever, without an form of
| contact.
|
| So weird to have stable uptimes, then support saying "we
| sorta think you were blocked because..."
|
| So, even account info, with a valid "block" reason, isn't
| available to their own staff. EG, even their own staff
| aren't notified?!?
|
| This is sales 101. Mega-simple stuff.
|
| "Hi! You are doing bad thing X, and it needs to change, but
| we can fix that right now! Let me help you..."
| manv1 wrote:
| Just imagine how many people that this happens to who don't know
| enough to post online on a forum that lots of people read.
|
| For the CloudFlare people here, this is an upsell opportunity
| that's being missed. The whole point of the cheap plan is to hook
| people so they move up. But if you cut them off you can't move
| them up, duh. You need to rework the sales pipeline for this
| scenario, obviously.
| hereforphone wrote:
| [flagged]
| tardis_thad wrote:
| No, not at all. Seems like by account was restricted due to
| https://www.cloudflare.com/en-gb/supplemental-terms/#cloudfl...
|
| 2.Cloudflare may, with or without notice to you and without
| liability of any kind, temporarily limit your storage and/or
| the number of requests you can make or receive using the
| Developer Platform for any reason (in its sole reasonable
| discretion), including without limitation, if processing such
| requests would put an undue burden on the Cloudflare network,
| adversely impact the Service, or otherwise threaten the
| integrity of Cloudflare's networks.
| majestic5762 wrote:
| I stopped paying for cloudflare after their support team was
| unable to debug why one of my rewrite conditions wasn't working.
| I provided them full details like for kindergarden, but they
| replied after days saying it's working on their end, lol. I
| deeply respect the cloudflare tech and the dev team, but support
| sucks and i don't trust cloudflare anymore. I won't pay even a
| single cent, even if they would have stellar support from now on.
| After reading all these cloudflare stories lately, and knowing
| how they treated me, i don't care about them anymore. Someone
| should write a "you probably dont need cloudflare" article. I'm
| disgusted by these kind of companies that grow large and they
| stop caring for the people who were there with them from day 1.
| genewitch wrote:
| just make your own CDN by installing an old raspberry pi on the
| network of every house you visit. Simple!
| mrjin wrote:
| [flagged]
| smallpipe wrote:
| Lol good luck building anything
| spoiler wrote:
| These shallow quippable sentiments needs to stop on HN.
|
| If you're a small team, cloud costs are probably less than
| having to pay X engineers to maintain a highly available
| infrastructure to meet product SLAs. Saying this is an easy
| task probably just shows inexperience.
|
| If you're a big enterprise, you also pay for SLAs that
| guarantee availability of those computers. Or pay in house
| engineers to maintain racks.
|
| Sometimes you can rent your own data centre rack (or a
| dedicated server through a hosting providers, which is a small
| step up) to host your stuff if you're a small business too, of
| course. But it's harder and usually more expensive when
| starting out.
|
| Like most things in our industry: it depends. For example
| business needs, but not all business operate in the same way.
| ignoramous wrote:
| Btw, the Internet itself is someone else's cables...
| drdec wrote:
| It seems like the issue here was the amount of network
| resources being used. You can't have any kind of SaaS without
| using someone else's network.
| dspillett wrote:
| _> when I got approached by Cloudflare sales team I explicitly
| asked if I can still be on pay as you go /self server model and
| reply was:_
|
| Never entirely trust what is said to you to secure/continue a
| sale, unless you have it written in a contract.
|
| _> ... "Enterprise wise, that's up to you and you could likely
| get away with utilising self-serve as you go_
|
| ... _especially_ if what sales say to you is couched in vague
| works like "likely to get away with".
| JimDabell wrote:
| > Never entirely trust what is said to you to secure/continue a
| sale, unless you have it written in a contract.
|
| This time last week, Cloudflare shut off our access to one of
| their services we were using because we went over quota. Well,
| we had actually negotiated overage charges and did actually
| have this in our contract. They turned the service off anyway
| instead of applying the overage charges we had agreed.
|
| This is one of _many_ things that Cloudflare has totally
| screwed up. Their services and devex look great from the
| outside, but when we started to use it for real, we found that
| it's all beta quality at best and completely disorganised at an
| operational level.
| ddorian43 wrote:
| What was the cost of the overages charges?
| Aeolun wrote:
| That sounds more or less the same as everything AWS produces.
| chronogram wrote:
| Did you resolve it? If so, did you have to use their HN
| customer support or did they have a phone number?
| tardis_thad wrote:
| Lesson learned!
| readonthegoapp wrote:
| i feel like this is a repeating theme, and i've seen it at a
| company i was at.
|
| in my view, the root of the problem is that companies don't have
| usage limits in place.
|
| they often have 'sort of' usage limits in place -- that is, they
| don't actually have metrics for their customers' usage, and that
| leads to these situations.
|
| and these situations are insane resource hogs -- teams of people
| spending days to try to figure out whether some customer should
| be bumped up to the next level.
|
| it doesn't happen, then the customer gets cut off.
|
| pretty messed up for Cloudflare to try and destroy a company like
| that for no reason.
|
| we get these wishy-washy usage/support/sales situations with a
| lot of ambigous back and forth, and BIGCOMPANY trying to kill
| _littlecompany_, etc.
|
| set usage limits, when they're surpassed, move the customer to
| the higher tier, done.
|
| plenty more you can do around the edges, like grace periods, etc.
| etc., but i feel like this is amateur hour and cruel indifference
| - in this case, from Cloudflare -- and not the first time we've
| seen indifference from them, and other BIGTECH companies.
| sschueller wrote:
| I am blocking all of cloud flair. Too much junk traffic either
| directly which doesn't make much sense or forged IPs.
|
| If you are a medium sized business I would recommend finding
| alternatives to cloud flair if you need DDOS protection
| especially if you are running your own equipment. Many ISPs have
| good solutions that work well without you having to break open
| your SSL to use the service.
| Crosseye_Jack wrote:
| Problem with blocking Cloudflare traffic as a whole is that you
| will be blocking Private Relay users too.
| sschueller wrote:
| How does apple guarantee that the private relay traffic via
| cloud flare doesn't include malicious attacks like DDOS from
| infected machines?
|
| I see more and more malicious traffic from cloud flair and
| cloud flare does not respond to abuse reports.
| ignoramous wrote:
| _Private Relay_ has a slice of Cloudflare address space
| carved out just for it: https://mask-api.icloud.com/egress-
| ip-ranges.csv via
| https://developer.apple.com/support/prepare-your-network-
| for...
| luckylion wrote:
| > Many ISPs have good solutions that work well without you
| having to break open your SSL to use the service.
|
| What are they going to do if a botnet with tens of thousands of
| IPs are hitting your server? Nullroute it to take the load off
| their network? Somehow figure out what traffic is legitimate
| and what isn't and just drop a bunch of stuff?
| genewitch wrote:
| before cloudflare companies such as verisign would take over
| _all_ your routing (i think just for the IP range(s)
| affected) to mitigate DDoS. Although if you 're a company
| that has a /20 of ipv4 and whoever is DDoSing you is doing it
| for an actual reason (as opposed to bored teens or whatever),
| they'll figure out you own a huge number of IPs and start
| nuking them all. Verisign could also handle that. There were
| others, comodo maybe? Then cloudflare appeared, it was _way_
| cheaper for smaller traffic sites, then they had so much
| bandwidth in so many places they offered CDNs; and those were
| cheaper than Akamai and whoever the other player was.
|
| I think they got lucky, market placement when they entered
| was entrenched by large companies that _did not_ care about
| small customers at all.
|
| and yet.
| sschueller wrote:
| Larger ISPs have systems like the ones Netscout[1] and others
| offer on their edge connections which can classify such
| traffic and deal with it. If your systems are co-located in a
| DC or you have your own DC you have access to these ISPs.
|
| [1] https://www.netscout.com/product/netscout-aed
| phaedrix wrote:
| Cloudflare support is complete garbage.
|
| We upgraded to Enterprise, and had some issues because CF's
| documentation was not clear (literally a blog post), and their
| support took many days to even respond and then their response
| made it clear they hadn't even read the ticket.
|
| I'd move everything into AWS in a second if moving DNS wasn't
| such a pain.
|
| Also am forced to use the global api token because constantly get
| rate limited using permission-scoped api tokens -- this is from a
| simple Terraform plan (first thing in the morning) and after them
| increasing my rate limit to the max.
| davix55 wrote:
| I'm very interested in this. I also have clients with very large
| usage volumes on CF
| vishalchandra wrote:
| Cloudflare has non-transparent pricing, unlike AWS, which will
| charge you for every thing with detailed usage tracking.
|
| When ever there is non-transparent pricing, it's scary to try and
| use an infrastructure related service.
|
| The sales teams can't go around saying that you are not a
| profitable customer, and they can't argue with the marketing team
| to be more honest about pricing on the pricing page.
|
| So, end result, let's bump of these small free loaders. Large
| enterprise deals is what gets us the bonus anyways.
|
| I like fly.io pricing in that sense. And I am sure there might be
| others offering a more transparent pricing, otherwise like me
| still stuck on AWS.
| rstephenson2 wrote:
| It seems like the $200/mo plan and below are subsidized by
| their marketing budget, and the various ToS terms are there to
| give them discretion over whether those users are worth it or
| not: either low-cost users who are using too many resources, or
| users who they think they can charge more.
|
| I investigated Cloudflare and the $200/mo plan seemed to good
| to be true so I contacted sales who verified that yes, it was
| too good to be true and my usage of the $200/mo plan would
| violate their ToS. They initially quoted $5k/mo over the phone,
| and then came back with a formal quote with a number much
| higher than that.
|
| My take is that Cloudflare's product is so good that they can
| get away with any kind of sales practices they want. It's like
| shooting fish in a barrel: just analyze customers on the
| $200/mo tier and find the ones that look like they could spend
| way more. It's not even wrong in concept: sales upselling is
| SOP, and the low-cost tiers provide a lot of value to people
| who couldn't otherwise afford what they're offering. But the
| combination of the two sure leaves a bad taste in my mouth.
|
| AWS doesn't have transparent pricing either, but in a different
| way. Yes, you can use more and more bandwidth and know exactly
| what you'll get charged, but once you get to Cloudflare
| Enterprise levels of bandwidth the AWS sticker prices would be
| astronomical and everyone negotiates non-transparent lower
| rates.
| yamtaddle wrote:
| My perspective looking at them and other options for a
| bandwidth-heavy, largely non-HTML load a couple years ago:
|
| 1) All but the top self-serve plan ($200 at the time) wasn't
| worth anything for a business past the "finding a market"
| stage. No SLA at all under that level (at least, at the time)
|
| 2) The $200 plan, though, is actually a hell of a bargain. You
| get a lot for it. _If_ your load is almost all HTML /CSS/JS and
| some light-ish worker use. And (allegedly, see #5) your
| bandwidth use isn't _crazy_ high.
|
| 3) They basically don't care about serving any need between the
| top self-serve plan and a ~$5,000-to-start Enterprise plan. If
| you don't fit in the top self-serve but are under that level...
|
| 4) Surprisingly, given their reputation at the lower levels of
| service, in the Enterprise tier, they weren't competitive on
| bandwidth. If the main thing you need to do is sling bits, you
| can do that quite a bit cheaper elsewhere. Overall, they seem
| to want customers who need _lots_ of their services, not just
| any one component. If you don 't need their various corporate
| VPN type products and a bunch of other stuff, they're a bad
| fit.
|
| 5) We were told by a competitor that OP's experience is common
| and is often perceived by customers (their perception, mind
| you) as a bait and switch (see also: that huge gap between
| self-service and enterprise, in which they offer no options).
| Now, the competitor has some self-interest there, but even the
| non-sales guys on the call instantly kinda smirked and shook
| their heads when I mentioned CloudFlare.
|
| 6) We were told incorrect things by CloudFlare's sales folks.
| If we'd followed their advice, we might be OP.
| worldofmatthew wrote:
| fly.io is pretty expensive compared to wholesale bandwidth
| rates. Especially for Europe.
| iancarroll wrote:
| Their bandwidth pricing is competing with AWS, not wholesale
| bandwidth rates.
| onphonenow wrote:
| This is the big issue. There is always tension in these "free"
| setups.
|
| I get more worried when the giveaways / marketing is VC funded
| - they often end at some point or pressure inside to dial back
| etc.
|
| "We have free egress to Oceania!" - no, you don't. You are
| subsidizing that.
|
| Given what aws charges and how they charge for almost
| everything- no reason to be any pressure to move me to another
| plan. AWS free tiers are relatively minuscule
| ddtaylor wrote:
| Welcome to Google I mean Twitter I mean Facebook I mean
| cloudflare support.
| rvz wrote:
| Last but not least, Stripe support.
| lloydatkinson wrote:
| I haven't even used Stripe yet but I'm wary of ever relying
| on it from all the horror stories. It's almost become common
| sense to use two payment provides, and just rotate between
| them. More work but when one goes wrong, it's only half your
| income gone not all of it.
| nubinetwork wrote:
| To be fair, most of the stripe whiners I see on here are
| trying to do shady shit... like that guy last week who didn't
| think we'd connect the dots from his last shady stripe
| scheme.
| philliphaydon wrote:
| Got a link? Curious what he was doing!
| tpxl wrote:
| "Shady shit", aka nothing illegal. If it was illegal,
| there'd be police, not account closure.
| supriyo-biswas wrote:
| Companies dealing with money often have AML obligations
| which means shutting down the shady shit before police or
| regulators get involved.
| nubinetwork wrote:
| Actually, my mistake... it was almost 3 weeks ago.
|
| https://news.ycombinator.com/item?id=34383720
|
| https://web.archive.org/web/20230114202232/https://news.y
| com...
| fragmede wrote:
| Ah damn, all it says is "I was advised to remove this
| post" and what was there before is not in archive.is
| sokoloff wrote:
| It's somewhere in there:
| https://news.ycombinator.com/item?id=34384172
| nubinetwork wrote:
| The OP got saved in the wayback, I edited my earlier post
| with the link.
| rafaelturk wrote:
| I really curious about how this unfolds, I was planning to
| migrate from AWS Lambda to Cloudflare Workers. And we have LOTs
| of Json, and APIs. Why would they cancel paying Workers
| customers?
| batter wrote:
| If you're looking eagerly to replace human support with
| searches of someone from CF on HN to help... why not.
| pmezard wrote:
| Since "there is no such thing as bad publicity":
|
| - Is that a good way to get cheap "influencers"?
|
| - Are there companies helping you measuring the potential
| "outreach" of your customers in case you piss them off?
| sgarg26 wrote:
| i'm about to move a significant amount of traffic to cloudflare.
| holding off until i see how this is handled. Can you please
| update this to reflect the total time of service outage and time
| to resolve. As a busy tech company, this is an unneeded problem.
| We pay cloudflare to be fast. Not make our sites slow and
| unresponsive.
| tardis_thad wrote:
| Outage started around 00:00UTC today.
|
| I was able to contact via support chat to confirm it's indeed
| Cloudflare related issue as wasn't sure as it's not displayed
| in any form on Cloudflare dashboard that indeed account is
| restricted. That was around 8AM UTC.
|
| Since then I also contacted with sales team (got the details
| already as they approached me in last few weeks as mentioned
| before) in order to upgrade to Enterprise plan as it seems like
| the only solution, but did not get the quote yet and account is
| still restricted.
| miroljub wrote:
| Seems like blackmail from the Cloudflare side. Waiting for a
| quote while having an outage doesn't give any negotiation
| possibility.
|
| However, good luck. And hope your enterprise contract with
| Cloudflare will be limited only to amount of time you need to
| migrate from their platform.
| herodoturtle wrote:
| > Since then I also contacted with sales team ... in order to
| upgrade to Enterprise plan as it seems like the only solution
|
| Talk about coercion.
|
| Considering that you weren't, technically speaking, violating
| any terms of service, this response from them leaves a very
| bitter taste in my mouth.
|
| Good luck, and thank you for sharing this with us all.
| password4321 wrote:
| The correlation between between being contacted by
| Cloudflare sales and the throttling should serve as a
| warning for other customers.
| tardis_thad wrote:
| Around 12:00UTC today ban has been lifted for my account
| thanks to @jgrahamc - thanks!
| BeefWellington wrote:
| So you got a 12 hour outage over... Some random automated
| system kicking you off their platform for serving non-
| HTML in requests, which they _demonstrate doing in their
| documentation_?
|
| Truly amazing.
| sparrish wrote:
| Your biggest mistake is building a service that depends on a
| single vendor. Where's your redundancy? Where's your
| failover?
|
| Creating a HN post is not a proper failover strategy.
|
| All vendors do crap like this. They often have automated
| systems that sometimes make mistakes. It's your
| responsibility to build a system that takes these failure
| points as a reality and build working redundancies and
| failovers to keep your service online while you sort them
| out.
| is_true wrote:
| By now most SLAs are already breached
| ddorian43 wrote:
| How are you using the workers? Is the JSON cached? Where do you
| get the JSON?
| tardis_thad wrote:
| I'm using Workers as basically API gateway/smart load balancer
| to backend services that handle actual load (resource intensive
| data filtering). Most of the responses are not cached on
| Cloudflare level. Thing is that I was using Workers for about 4
| years already with not issue at at all, I'm aware that I use
| lots of requests and bandwidth but I just wish I was contacted
| about mandatory upgrade before effectively turning my service
| down.
| ddorian43 wrote:
| How much are you paying for the workers/month?
|
| Why didn't you use the load-balancer service?
| ignoramous wrote:
| > _Why didn 't you use the load-balancer service?_
|
| Speaking from experience, if you only need rudimentary L7
| load balancing, then Cloudflare Workers is as good as it
| gets.
|
| > _How much are you paying for the workers /month?_
|
| Per my estimate, probably between $600 to $2000 for
| Workers: https://news.ycombinator.com/item?id=34639930
| luckylion wrote:
| > Speaking from experience, if you only need rudimentary
| L7 load balancing, then Cloudflare Workers is as good as
| it gets.
|
| What would you do in Workers that you couldn't do with
| Load Balancing? LB handles origin health, can do traffic
| steering, session affinity etc included. With Workers,
| you'd need to take care of all that.
|
| I see a point if the Workers do some lifting / caching /
| transforming etc before passing on the requests, but as a
| simple load balancer, the actual Load Balancing service
| seems a better fit.
| [deleted]
| tiew9Vii wrote:
| That's interesting.
|
| I'm using cloudflare pages with workers doing the same as you
| on a much smaller scale. The workers reverse proxy a rest api
| under the same host so I don't need to worry about CORS, take
| the country HTTP header provided by Cloudflare then route the
| request to backend servers in the nearest AWS region and also
| cache any responses with cache control headers utilising
| Cloudflare's Edge caching. It works great and gives a fast
| user experience regardless of where you are in the world.
|
| I was going to implement rate limiting backed by durable
| objects to protect my backends.
|
| It seems exactly the usecase and ideal usage of workers! Now
| seeing this, it has me rethinking using/investing in
| cloudflare if they can decide if they like how you use
| workers or not and kick you off. It shouldn't matter what
| output the worker generates as long as it conforms to
| https://developers.cloudflare.com/workers/platform/limits/
| [deleted]
| tardis_thad wrote:
| Around 12:00 UTC today ban has been lifted for my account thanks
| to @jgrahamc - thanks!
| MrGilbert wrote:
| So HN to the rescue again. It's unfortunate (although the
| outcome is great for you!) that you have to go through the
| social media amplifier first.
| causi wrote:
| Personally I maintain my opinion that problems getting fixed
| by HN are a bigger red flag than problems not getting fixed
| at all. The HN reader Upper Management Person either thinks
| putting out fires before they become higher profile failures
| is a cheaper way of avoiding bad press than instituting
| actual good policies with regards to not fucking over their
| customers, or they want to implement those policies but are
| not competent to do so.
|
| "Send me your details and I'll fix it" = incompetent or
| asshole
|
| "Don't send me your details, I've fixed the problem for you
| and everyone else with the same issue" = green flag
| jefftk wrote:
| It's very common that you need someone's details to fix
| their situation right away, and avoiding similar situations
| in the future will take relatively slow engineering and
| policy changes. Additionally, details about a particular
| person's case can be helpful in understanding how exactly
| your process went wrong. Asking for details is not a red
| flag to me at all.
| negidius wrote:
| They may need the user's details to look into it and
| determine if it's an actual issue. When they have done
| that, it makes sense to fix it for that user at the same
| time. They should definitely come back and tell us that
| they have fixed it and why it happened as soon as possible
| afterwards, but I would understand if it takes a few weeks
| given normal levels of corporate bureaucracy.
|
| That said, it's bad that this happened in the first place,
| and it makes me a little anxious about using Cloudflare's
| services.
| maxgashkov wrote:
| > "Don't send me your details, I've fixed the problem for
| you and everyone else with the same issue" = green flag
|
| While I agree with the sentiment, fixing it in this way for
| any org of the CF-like scale will take days or weeks
| (because of peer reviews, compliance etc.). Fixing it fast
| by adding exception in some control panel is probably fine.
|
| What's alarming is that the escalation process didn't
| really change for all the time I'm using Cloudflare as a
| customer (8 yrs now?) and watching jgrahamc's involvement.
| The fact he has a bat signal trained on the HN is a major
| red flag.
| hnthrowaway0315 wrote:
| Well OP chose to use Cloudfare and stay on it. It's his
| choice.
| znpy wrote:
| On the other hand, any company should consider as soon as
| financially possible to get paid support and a TAM (technical
| account manager) from their main infrastructure/service
| provider... most things can be managed and escalated through
| such people.
| tinus_hn wrote:
| Perhaps there should be a site with metrics on which services
| only provide social media outrage mediated support.
| cinntaile wrote:
| It would be interesting to see what caused the ban and what
| will be done by Cloudflare to prevent this from happening in
| the future. It is good that your issue got solved but I hope
| others that don't know about HN can also benefit from a more
| structural fix.
| eganist wrote:
| Hey tardis_thad, can you please do a detailed post mortem on
| this?
| tardis_thad wrote:
| I don't know anything more just yet, just that my account was
| unbanned.
| zapt02 wrote:
| > Small SaaS > 4 billions requests & 1PB of data per month
|
| Pick one!
| Alifatisk wrote:
| > 4 Billion requests
|
| > 1 PB of data
|
| That's not small for me but might be small to OP relatively
| speaking.
| tardis_thad wrote:
| Small in a sense it's only me running it and relatively low
| customers number (~400). So in that sense small applies?
| Roark66 wrote:
| Looking at this with interest as I've multiple projects on
| cloudflare now and in development.
| sanat wrote:
| Likewise
| easel wrote:
| And another
| sparrish wrote:
| The lesson here isn't that you can or cannot trust Cloudflare.
|
| You can't trust any vendor. Build your system with redundancies
| and failovers so no 1 vendor can take your system offline.
| mblast311 wrote:
| Well this isn't good. I'm leading an effort to move some of our
| services and about a hundred domains over to Cloudflare.
|
| Given all of this I think we're going to have to push pause and
| see how this shakes out.
| iinnPP wrote:
| I recently signed up to CloudFlare for their Yubi key deal that
| was still being advertised on their website. A week later I
| received an email saying only customers subscribed by a certain
| time could claim the offer.
|
| I asked them to delete my data or provide the Yubi offer and they
| did neither. So they sit in an email folder known as bad
| companies. Because my data has value and they lied to obtain it
| for their own gain (aka fraud).
|
| In Canada we have private prosecution/rules about falsely
| acquired data. Every bad story on HN puts me closer to opening
| that folder up and ensuring my data costs at least 100k.
|
| Enough is enough.
| ecoNoIGGERmy wrote:
| [dead]
| danuker wrote:
| Report them to Consumer Affairs.
|
| https://ised-isde.canada.ca/site/office-consumer-affairs/en/...
| gnu8 wrote:
| There isn't a practical way to fractionate their revenue or
| determine what proportion of their profit is derived from your
| data. This can be proved by the fact that there is no way to
| make any money with only the data you gave to them separated
| from the rest of their customers and potential customers.
| Therefore you are entitled to all of their revenue. Please
| clean out their shareholders and destroy their business. They
| deserve this for not cooperating with you. It would be very low
| cost or low effort to correct their mistake and they are
| choosing not to because it is easier.
| dd36 wrote:
| Sure there is a way. In fact, there are many ways. CAC/
| conversion ratio would give you the value of a quality lead.
___________________________________________________________________
(page generated 2023-02-03 23:01 UTC)