WebPositive has been blocked

I opened the site https://pythongeeks.org/ and got the follwing warning:

The service from cloudflare on this site blocked Webpositive with this comment:

This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data.

I opened the same site in Dooble and it worked. Webpositive must be a dangerous thing… :rofl:

1 Like

You could contact the site owner and complain about their negative discrimination against the Haiku users :wink:


Something similar happening here too at this URL.

CDN’s like Cloudflare and web frameworks are created to force us to use technologies that they want us to use. It is the same tactic as Microsofts “Embrace, extend, and extinguish” (Embrace, extend, and extinguish - Wikipedia). It’s pure evil.

I refuse to play their game. I use the technologies I want. I just don’t use services that forces me to use a particular technology, without exceptions. That includes no longer being able to logon to my banks online service. I will never budge.

TLDR: Stop using services that force you to change your choice of technology, No exceptions.

Edit: WebKit is also part of this strategy.


CloudFlare is more stupid than malicious in that aspect. They just flag anything “unusual” as suspicious. WebPositive is unusual on the web and so it gets tagged as suspicious. They just decided to not care about unusual browsers. If it works in Chrome, 90% of the users are happy and that’s enough users. And they can say “hey, did you know that 10% of the traffic to your website is suspicious and we can block it?” which is a selling point for them. So, their business model is actually preventing people from accessing the websites they host.

The best ways to improve this are:

  • Complain to CloudFlare that they should fix their mess,
  • They probably won’t, so complain to website owners that they should stop using CloudFlare because of such decisions.

If you believe the biggest actor in the market do not know what they are doing, then I have a bridge to sell you.

It could be a coincidence that EVERY major CDN and EVERY major framework does the same mistake by ACTIVELY blocking technologies that are not controlled by a few major actors. The probability is almost zero, but sure, it is not zero.

1 Like

Change the User-Agent string?


Yep its the user agent that causes this… I had switched my user agent in Firefox awhile back for a certain site and forgot that I had done this, and started getting cloudlfare blocking be more no real reason.

Getting blocked from websites that willingly use cloudfare seems like a win win to me.

(I wouldn’t mind just stealing macoses UA completely, why should anyone care that webpositive is different)

1 Like

Cloudflare is getting worse and worse.
I’ve had issues with them blocking Tor users for years.
For a long time I circumvented that by using some shady but free web proxy services.
Not ideal,but hey,better than giving Cloudflare my real IP address.
Now they also block 99% of public web proxy sites.
And it seems that with the error shown above,they now even block browsers they don’t know.
I try to avoid sites that use Cloudflare if I can,it’s most times just not worth the effort of working around their “security” bullshit.


Cloudflare and other CDNs business model is no different from the mafia; they create a problem and then offer their services to solve the problem they created “to help you”. DDoS attacks were not a problem before CDNs existed.

1 Like


DDoS attacks happened even unintentionally. Websites were “slashdotted” when a link was shared on some websites that generated a lot of traffic. It happened a few times to Haiku, even.

And “denial of service” attacks have an history tracing at least back to 1996 according to Wikipedia. Sure, they didn’t need to be “distributed” back then, a single machine was enough.


My favorite ddos attack from reading about it was sendmail ddos’ing apples mail relay, because every hop would send an email back to apple about there beeing an error in the mail envelope, but also pass it on to the next sendmail hop :slight_smile:

1 Like

I did not say they did not exist. I said they weren’t a problem.

This is stupid. Why? Because whatever content you open, regardless of operating system or user interface kit,etc.,will be processed by the CPU in the only language it understands, which is binary.
This actually goes against the accessible nature of the internet. If the provider doesn’t like my hardware, or operating system, the I will not do any kind of business with them. Not a single cent, and not a single cookie.

1 Like

Very good! The only way to stop all these bad (evil) practices is to refuse to support them. For anybody that hasn’t tried, it is actually very liberating doing so. It is inconvenient in the beginning (convenience is one of their main weapons) but the feeling that you’ve stood up for what you believe in is very powerful and will out-power the inconvenience.


The cynic in me wonders whether Google’s latest proposal is going to make things worse for minority browsers…


Never attribute to malice that which is adequately explained by stupidity.

Hanlon’s razor


Yes. It has the same problem that the DRM support developed for Netflix has (Widevine) has. It can only be implemented by closed source systems, otherwise it would be too easy to recompile your own version that extracts the video to an unencrypted file.

This is the same, but for the whole web browser instead of just videos. We would have to find someone that would inject some spyware code that will scan the browser, make sure there is just the code they expect in WebPositive and nothing extra. If you have an ad blocker or some other extension like that? That’s not certified, you’ll have to deinstall it. You use an unknown browser that the DRM has not signed? Your bank website will not let you open your account because that may be unsafe. You use a browser on a rooted android phone? No, that’s unsafe, websites can now detect it and block you.

This is an attempt at closing up the Web. Mozilla have already said they’re against it. We’re waiting about WebKit (mainly Apple) reply on it now, and we’ll see which way they side. Will they single out Google and tell them it’s the one step too far? Or will they side with them and effectively kill Mozilla by preventing their browser to access the DRM protected walled garden part of the web (and basically kill the open web as we know it today)?


Apple already has a limited version of this system, apparently, it just wasn’t generally noticed until recently: