Hacker News | J_tt's comments

Adding onto this, there’s also an experimental feature to move a bookmark as you create new revisions (similar to how a git branch behaves)


Oh, that would be nice. I get the reasoning not to, but it would be nice to have the option.


Unfortunately, it can be a vector[0], especially on less security-focused software that has less sandboxing.

0: https://www.cvedetails.com/vulnerability-list/vendor_id-7294...


The way I read the screenshots of the emails from the articles seemed to suggest that something the author’s company was doing was causing issues with IP reputation on Cloudflare’s range.

Them very aggressively highlighting the BYO IP feature and then even suggesting third parties to rent IPs from strikes me as a significant detour from their normal “script” (having dealt with their AU sales team before).


CF calls and says there is a problem with traffic. They want to push an enterprise plan. Customer says no.

CF calls and says there is a problem with domains. They want to push an enterprise plan. Customer wants to solve problem, dropping domains, making changes. CF says, only enterprise plan will remedy the situation.

There is obviously a sales script involved.

"get back to Trust & Safety"

Heard that story several times, it's always another team, e.g. "Licensing" that need to be satisfied, or that if you don't pay up, that team will be off the leash. Also heard the pay-for-a-year-upfront for several large vendors who pull this. The reason is, some sales reps need to make numbers, so they shake the tree and see who falls down:

"Cloudflare has absolutely no information on when they will force you into custom billing, but when they start "urgently" needing to talk to you you're probably not going to get out until you have a juicy custom contract with them."


This is exactly what is happening. Cloudflare uses an anycast network, so IPs are shared by default.

This customer is damaging Cloudflare IP reputation which hurts other customers. Cloudflare can either fire the customer to protect other customers using Cloudflare IPs, or force this customer to use their own IPs and damage/manage their own IP reputation.

Unfortunately this is expensive and OP is mad they can't do their legally fraught gambling operation on Cloudflare's addresses for free


They're mad that Cloudflare cut them without real warning. And they should be! Anyone can get on a big company's bad side, and if there aren't extremely important messages being withheld by the author this makes it scary for anyone to use Cloudflare.

If a custom IP is going to be mandatory, they need to say that and give a deadline, at the very least.


The IP-reputation damage is immediate. Cloudflare is choosing to pass the hard landing directly onto their customer instead of forcing their other customers to share the damage.

As a CF customer, I am happy that CF is preventing another business from damaging mine.


If they had agreed to the enterprise plan and move to BYOIP, pretty sure CF would have given them months to make BYOIP happen

They weren’t protecting you or any of their customers. This is a mafia style shakedown


The ToS doesn't say anything against gambling sites. Even if there was IP reputation damage, it's not appropriate to cut them off so immediately. Especially when they're a long-term paying customer.


> this is expensive and OP is mad they can't do their legally fraught gambling operation on Cloudflare's addresses for free

This is directly contradicted by the contents of the article, perhaps you should re-read it.


And why did they want to push them to Enterprise service?

>$120k up front for one year of Enterprise

Doesn't sound like a reputation problem.


Cloudflare could've just said so. Cloudflare also chose to make BYOIP expensive.

They could've explained the problem ("your gambling business is a problem for our IP reputation") and offered a solution ("we can switch you over to BYOIP so this won't be a problem"), but instead they sent in an army of sales reps that demanded an upfront payment for a product tier that they only needed one small part of, to the point of sales people pretending to be part of other teams.

It makes business sense to kick out casinos, but OP got fucked over by Cloudflare's shitty practices.


If this is what's happening, the right behavior is to say that and terminate OP's service. Even if OP is in the wrong, Cloudflare did such a bad job communicating with them that they come off as extortionate.


> ... terminate OP's service.

But only after getting ~US$100k up front first, just because you can.


This feels like a reaction to Edge beginning to eat the enterprise market.

The problem is convincing anyone to buy on to gamble if this product will exist by the end of the contract.

I haven’t looked closer, but it’ll be very funny if this is fully GPO driven when Microsoft is already pushing for cloud configuration via Intune instead.


Still waiting for Cloudflare to reach the “The Box”[1] phase.

[1]: https://silicon-valley.fandom.com/wiki/The_box


What would you like in the Cloudflare Box?


Web services that need to be set up from a web frontend with no required token or credentials always make me nervous for this reason.

All it takes is someone noticing the port and beating you to the punch, and then it’s their server.


Enforce it at the cyber insurance provider level, if you pay out a ransom for a client you risk losing your insurance license.


CORS headers from eBay will prevent that unfortunately


My go-to is always this instead:

https://github.com/lucaslorentz/caddy-docker-proxy

Single label to a docker container and with correct DNS you’ll have an automatically managed certificate right away.


I had this discussion before and thought long about using Caddy, but then decided for nginx, directly on the host, basically following this reasoning [1].

My main motivation is that there is just more information available for nginx due to its wider use. And when you need to customize Caddy due to different requirements by services, you end up with the same or worse complexity compared to an nginx .conf. Nginx is just very robust and the configuration is not so hard to get used to.

[1]: https://nickjanetakis.com/blog/why-i-prefer-running-nginx-on...


Very reasonable!

My go-to for anything more complicated is definitely NGINX, but for ease of use in very straightforward docker containers running HTTP services, it’s hard to beat the ease of use of the modified version of Caddy I linked.


Relevant [xkcd](https://xkcd.com/2501/)

