Methods of avoiding Cloudflare blocks when posting code
by astrogeek from LinuxQuestions.org on (#6DB9P)
Numerous members have complained about the inability to paste code snippets here at LQ. This is an especially important issue for participants of the Programming forum, for obvious reasons.
The problem is not caused by LQ itself, unless you wish to blame LQ for using Cloudflare (which I admit has crossed my mind). But the truth is that for a public facing website such as LQ to be available at all in the current abusive social and internet environments it must either have knowledgable staff dedicated to management of the problem or subscribe to external services to manage the problem. LQ has chosen to use Cloudflare.
Cloudflare applies multiple criteria to different parts of the problem, but here we focus on only 1: Pattern matched blocks. Incomming requests are scanned for patterns frequently found in intrusion and exploit attempts, and blocks those requests.
For example, this simple code snippet...
Code:<?php
echo "Hello World!";
?>... currently results in the following bolded but mostly useless message when I attempt to post it in a thread here at LQ.
Quote:
Contacting the site owner only increases workload for them and they will simply not often be able to offer much in the way of help - it isn't in their control either!
Surely there is a more sensible way to resolve this annoyance!
A little trial and error will show that it is the string of characters <?php which produces the blocking match in this case, so the question then becomes how to prevent the match without obscuring the code for other members?
There are multiple ways of doing this, but the one I use most, and one that is easy for even me to remember is to break up that string with BB code markup which produces no effect in the web page when viewed, such as empty italics:
Code:<?[i][/i]php
echo "Hello World!";
?>It also helps reduce frustrations and arguably improves the quality of the final post, to write the post in a text editior first. This way you will not risk wasted effort should your attempt to post end up with a block from which you cannot recover for any reason. And as is always advised, reduce your code snippets to just that necessary to support your question or reply, which makes it easier for you to identify blocking portions of the example.
When you are blocked, take a deep breath, refrain from kicking the cat, hit the browser's Back button, and try to identify the cause by successively removing sections of code to narrow the possibilities (often there may be more than one)! When you find it, try the above method of breaking up the matched pattern to slip past the censors!
Although I have posted only one example, I have seen many in various programming languages, filesystem paths and even in comment text. The matching rules almost certainly change continuously to match whatever Cloudflare defines as the current threat level, so what works today may not work tomorrow.
I have started this thread mostly as a repository for examples of blocking code snippets and methods of avoiding the blocks. Discussion of the larger problem will surely take place as well, but let's try to focus on identifying common causes of blocks and their solutions as much as possible.
So when you encounter a block please return here and post the offending pattern, and the fix you use to get around it here at LQ. If you find one you cannot easily work around, describe it as clearrly as you can we will try to make it work!
The problem is not caused by LQ itself, unless you wish to blame LQ for using Cloudflare (which I admit has crossed my mind). But the truth is that for a public facing website such as LQ to be available at all in the current abusive social and internet environments it must either have knowledgable staff dedicated to management of the problem or subscribe to external services to manage the problem. LQ has chosen to use Cloudflare.
Cloudflare applies multiple criteria to different parts of the problem, but here we focus on only 1: Pattern matched blocks. Incomming requests are scanned for patterns frequently found in intrusion and exploit attempts, and blocks those requests.
For example, this simple code snippet...
Code:<?php
echo "Hello World!";
?>... currently results in the following bolded but mostly useless message when I attempt to post it in a thread here at LQ.
Quote:
| Sorry, you have been blocked You are unable to access Linuxquestions.org Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data. What can I do to resolve this? You can email the site owner to let them know you were blocked. Please include what you were doing when this page came up and the Cloudflare Ray ID found at the bottom of this page. |
Surely there is a more sensible way to resolve this annoyance!
A little trial and error will show that it is the string of characters <?php which produces the blocking match in this case, so the question then becomes how to prevent the match without obscuring the code for other members?
There are multiple ways of doing this, but the one I use most, and one that is easy for even me to remember is to break up that string with BB code markup which produces no effect in the web page when viewed, such as empty italics:
Code:<?[i][/i]php
echo "Hello World!";
?>It also helps reduce frustrations and arguably improves the quality of the final post, to write the post in a text editior first. This way you will not risk wasted effort should your attempt to post end up with a block from which you cannot recover for any reason. And as is always advised, reduce your code snippets to just that necessary to support your question or reply, which makes it easier for you to identify blocking portions of the example.
When you are blocked, take a deep breath, refrain from kicking the cat, hit the browser's Back button, and try to identify the cause by successively removing sections of code to narrow the possibilities (often there may be more than one)! When you find it, try the above method of breaking up the matched pattern to slip past the censors!
Although I have posted only one example, I have seen many in various programming languages, filesystem paths and even in comment text. The matching rules almost certainly change continuously to match whatever Cloudflare defines as the current threat level, so what works today may not work tomorrow.
I have started this thread mostly as a repository for examples of blocking code snippets and methods of avoiding the blocks. Discussion of the larger problem will surely take place as well, but let's try to focus on identifying common causes of blocks and their solutions as much as possible.
So when you encounter a block please return here and post the offending pattern, and the fix you use to get around it here at LQ. If you find one you cannot easily work around, describe it as clearrly as you can we will try to make it work!