Cloudflare flags archive.today as "C&C/Botnet"; no longer resolves via 1.1.1.2
Cloudflare has controversially flagged archive.today as "C&C/Botnet" on its 1.1.1.2 DNS resolver, preventing resolution for users opting for malware protection. This move by a major internet infrastructure provider against a prominent archiving service has sparked debate, recalling past conflicts and igniting discussions about censorship, network neutrality, and the platform's alleged malicious activities. The HN community is divided, with some supporting Cloudflare's action due to recent DDoS accusations against archive.today, while others question the implications for internet freedom and archival access.
The Lowdown
Cloudflare's Radar platform now categorizes the archiving service archive.today (and its variants like archive.is) under several flags, most notably "Command and Control & Botnet." This classification means that Cloudflare's 1.1.1.2 DNS resolver, which filters out malware, will no longer resolve these domains, instead returning a 0.0.0.0 address. This action follows previous accusations against archive.today regarding its alleged involvement in DDoS attacks and a subsequent decision by Wikipedia to deprecate its links.
- New Cloudflare Classification:
archive.todayis now flagged as "CIPA Filter," "Reference," "Command and Control & Botnet," and "DNS Tunneling" by Cloudflare. - DNS Resolution Impact: The 1.1.1.2 DNS resolver, designed to block malware, will no longer provide valid IP addresses for
archive.todaydomains, returning 0.0.0.0. - Historical Context: Cloudflare's action comes after reports of
archive.todayallegedly directing DDoS attacks against websites, leading to previous HN discussions and Wikipedia's decision to removearchive.todaylinks. - Previous Conflicts: This is not the first time Cloudflare and
archive.todayhave had issues; earlier conflicts often involvedarchive.todayintentionally blocking Cloudflare's resolvers over privacy concerns (e.g., PII in DNS lookups).
The exact timing of Cloudflare's specific "C&C/Botnet" flagging, occurring over a month after the primary DDoS accusations, remains unclear, but it marks a significant escalation in the ongoing tension between the two entities.
The Gossip
Cloudflare's Controversial Call
Commenters are deeply divided on Cloudflare's decision to flag `archive.today`. Some vigorously defend Cloudflare, citing `archive.today`'s alleged use in DDoS attacks as justification for the block, arguing that malicious activity warrants such measures. Others question the implications of a major infrastructure provider essentially de-platforming a significant archiving service, raising concerns about censorship and the broader impact on internet access and neutrality, especially since 1.1.1.1 (non-filtered DNS) still resolves the domain.
A History of Hostility
The discussion quickly delves into the long, tumultuous relationship between Cloudflare and `archive.today`. Commenters recall multiple past instances, some dating back to 2019, where the two services have been at odds. Historically, `archive.today` had often intentionally configured its domains to provide incorrect responses to Cloudflare's DNS resolvers, largely due to disagreements over user privacy and PII handling. This current situation is distinct, as it represents Cloudflare actively blocking `archive.today` for alleged malicious activity rather than `archive.today` blocking Cloudflare.
DDoS Dilemmas and Deprecation
A significant portion of the conversation revolves around the accusations that `archive.today` was being used to launch or facilitate DDoS attacks. Users link to previous Hacker News threads and articles, including Wikipedia's decision to deprecate `archive.today` links, as evidence supporting Cloudflare's action. There's an underlying debate about the responsibility of platform providers when their services are allegedly misused, and whether active blocking is an appropriate response.