It's definitely a problem for us, although it's fewer nameservers than I expected :)
No idea how I missed custom nameservers on business plan.. Hope it's something they added this year, otherwise I feel quite embarrassed.. It's too pricey for personal use (since the plans are associated with websites and not accounts) but the company will probably upgrade a few of the websites, thanks!
> We're building out our storage products -- we started with Workers KV, our distributed Key-Value store, and will to continue expanding our offering to support more use cases.
I have no affiliation, but would love to see a partnership with Dgraph.. Feels like a perfect match for both parties.
Do you have plans to provide a Workers KV interface that would allow us to search for keys, as well as view, modify and create new KV entries?
Also, it's currently only possible to avoid leaking that multiple websites belong to the same entity by creating multiple Cloudflare accounts due to the nameservers. This means that if we want to use Cloudflare workers for our 5 unique nameservers, then we would have to do a lot of unnecessary duplication. So on a somewhat unrelated note, do you have any plans to add support for adding additional nameservers to a Cloudflare account (this is currently holding us back from using Workers over Lambda, and it's something we would gladly pay for).
For automation I would recommend ratelimiting endpoints. I personally tend to use 5 requests per IP/second along with 100 requests/minute as default and then override specific endpoints to e.g. 1 request per IP/hour.
For user input I recommend keeping the first comment submitted by a new account/IP hidden until you/moderators have approved it, after which new comments from that user no longer needs to be approved before they become visible to other users.
Claiming it's trivial to detect feels like a weak attempt to try to discourage people from using the extension because it's anything but, and that it's something ad networks fear will become mainstream like regular adblockers.
The click baits/traps would, in terms of cookies, be countered by the Cookie AutoDelete extension and whenever you browsed in private mode. As for blacklisting IPs, that seems very risky since an IP is often shared among many users (and it's always a risk people use same device, e.g. a MacBook), and it would continue to result in an increasing amount of legitimate users being wrongfully blacklisted as the extension's user base grew. Moreover, assuming these techniques are actually used, then it's safe to assume that at least a few ads would be clicked before they detected they were malicious clicks. And this would be the case whenever a user used a new IP with no cookie present. I'm definitely not convinced it's something ad networks can reasonably detect, especially considering it's important that the ads are served as fast as possible.
It's a shame an otherwise interesting article is plastered with the author repeatedly trying to promote and self-congratulate himself, and take credit for something which has undoubtedly been reported by hundreds, if not thousands, of people. Anyhow, I sincerely hope Google gets slapped with a huge fine, and that one day individual-user-targeted-ads will become illegal.
No idea how I missed custom nameservers on business plan.. Hope it's something they added this year, otherwise I feel quite embarrassed.. It's too pricey for personal use (since the plans are associated with websites and not accounts) but the company will probably upgrade a few of the websites, thanks!