Hello World!

  • 2 Posts
  • 11 Comments
Joined 1 year ago
Cake day: June 12th, 2023


  • It was a server-side block, from Cloudflare (security rule specifically). I’m very familiar with it, having used the same service for over a decade. They are able to tweak the overall security level, or specific WAF rules for the endpoint in Cloudflare. They also have analytics that will show them exactly how many cancellation requests would be blocked. The fact that they totally ignored these details in my ticket is concerning.



  • On a related note… I went to cancel a membership a few weeks back, and the site displayed a message “you don’t have an active membership to cancel”. I thought it was strange, so I checked out the network requests being made, and it turned out the cancel API call was getting blocked for “security reasons”. Nothing else on the site was blocked for me, just the cancellation endpoint.

    I opened a ticket, and it took them nearly 2 weeks to respond, and there was zero acknowledgement on why cancellation would be blocked.

    Not sure if it’s a purposeful dark pattern, but it sure seems like it!





  • It isn’t how it works today. I’m talking about sometime in the distant (or near) future. Surely at some point AI will have the capabilities on par with at least a low-level hacker.

    Or, if you still think that’s a stretch, just imagine all the ways perfectly legitimate software can cost companies money. Not through malicious design, but just by mistakes.






  • Interesting article, thanks for sharing!

    I’ve run a (nowhere near as popular) public API for just about 10 years now. Definitely relate to the bit where he mentions people simply retrying the same request when they get an error. 😂

    I get a lot of students using the API for learning projects, which is great! But it also means my rate limiting is more often protecting my server from accidental infinite loops, rather than anything purposely abusive.