Apart from running it well and keeping up to date (recent update seems to have gone well, with a nice example of instances and admins helping each other!?), some redditers seek the big instances?? Curious how communities will adapt.
@ruud
I had a list of competing commercial alternatives somewhere.. maybe I can dig it up. But I would certainly touch base with jerry@infosec.exchange because I think he dealt with attacks quite cleverly without having to use CF or any MitM of that kind. Part of his solution involves standing up an onion host & redirecting tor traffic there. But before that step, he has a way of tar-pitting suspicious traffic on the clearnet side. There is also a fedi user “tallship” who suggests having a few VPSs geographically spread out and load-balanced with some fancy DNS stuff that’s over my head.
@ruud There’s also a baby step in the right direction that can be taken to minimize CF exposure until a permanent fix is established: a site can use a Cloudflare NS service but not the reverse proxy service. When the server load hits a set threashold it can turn on the CF proxy on-the-fly until the load drops. So at least during off-peak moments users have a chance at not being exposed to or blocked by CF. This approach is used by forum.fail and kbin.social, last time i checked.