Feb 06, 2025 20:00:00

Cloudflare blocks minor browsers, Cloudflare promises to investigate but leaves it alone with no response

A user on the social news site Hacker News has reported that users of non-mainstream browsers, including

Pale Moon , are still being rejected by Cloudflare's browser validation. A Cloudflare representative explained in a post on Hacker News that the problem was caused by an 'unintentional bug,' but users of minor browsers have reported that there are no signs of improvement.

Tell HN: Cloudflare is blocking Pale Moon and other non-mainstream browsers | Hacker News
https://news.ycombinator.com/item?id=42953508

Cloudflare is a major technology company witha proven track record in hosting services and security services such as DDoS attack protection. However, Cloudflare's one-size-fits-all approach, which holds approximately 70% of the market share in the content delivery network (CDN) field, has led to frequent problems such as small businesses and individuals having their internet access severely restricted.

A story of what can go wrong when you are blocked by Cloudflare - GIGAZINE

On February 5, 2025, Hacker News user Hold-And-Modify posted that 'Cloudflare's browser integrity check, validation, and challenge feature, used by many websites, is denying access to users of non-mainstream browsers like Pale Moon.'

It all started with a post on the Pale Moon forum on January 31st about an 'infinite validation loop problem.' When Pale Moon users encounter this problem, Cloudflare's browser validation never finishes.

According to Hold-And-Modify, this issue occurs periodically, about once a year, and even if you report it to Cloudflare, there is no way to resolve it. One Pale Moon user who was fed up with the situation complained about being denied access on Cloudflare's forum, but the topic was flagged as spam and closed.

In addition to Pale Moon, other browsers that have been reported to be access denied include Falkon, SeaMonkey, IceCat, and Basilisk.

This isn't the first time this has become an issue on Hacker News, with a post about Cloudflare blocking Pale Moon and Waterfox Classic making waves in 2022.

A person claiming to be a product manager at Cloudflare appeared on the thread , explaining, 'This appears to be a bug inthe Managed Challenge . The feature distinguishes between browser and non-browser traffic and blocks non-browsers.'

The user, who goes by the handle 'adammartinetti,' apologized, saying, 'The Managed Challenge not working was not intentional, and we are not claiming that one browser is more legitimate than another. We apologize for causing serious issues for so many users, and for not being able to reach you on the community forums.'

We can't confirm whether this user is actually a Cloudflare employee, but we can see that Adam Martinetti, Cloudflare's senior product manager for bot management, has an account on the Cloudflare official blog and on LinkedIn .

About three years have passed since a person believed to be Cloudflare's Martinetti made a statement on Hacker News and promised to follow up if there was any new information about the bug, but Hold-And-Modify said, 'At this time, there has been no official response from Cloudflare. Internet access continues to be denied by the company's tools.'