Explain to me like I’m a 5 year old who just learned what an internet is how CloudFlare can block traffic to websites that don’t sign up for their services?

News from the UK shows that CloudFlare is now blocking a bunch of domains associated with peer to peer file sharing, but I don’t understand why these domains wouldn’t just migrate away from CloudFlare services and that would fix the problem. Do the ISPs use CloudFlare to provide services between the user and the website hosts when the user requests a web page via the browser?

  • jake_jake_jake_@lemmy.world · 5 days ago

    There are definitely multiple ways they can block traffic to a site, but you have to be sending traffic through them or using DNS from them, or placing your site behind them using them for protection from denial of service attacks.

    Firstly, if you pay or use their free “anti-ddos” services, what is really happening is all traffic to your site is being sent through their network. Should you violate their terms of service, they can choose to terminate that traffic.

    DNS is Domain name service, where I want to visit example.com, and DNS tells the computer to go to 12.34.56.78. The DNS server your computer will ultimately use can be assigned by your ISP, manually configured by your network administrator, etc. One choice you can use, that is regarded by some as a good choice due to response time, is Cloudflare. When Cloudflare decides to block a site, one method they may use is to redirect DNS replies for that domain to a placeholder that indicates this site is blocked, or reply with NXDOMAIN - Non-eXistent domain.

    An ISP could also choose to buy bandwidth from Cloudflare as an upstream provider. For Cloudflare enforcing a block, they would redirect traffic destined for any address they want to a placeholder just like DNS.

    A more aggressive and dangerous tactic, which could cause global outages for a site, would be to falsely claim an address as their own to the public internet with Border Gateway Protocol - BGP, then redirect/blackhole it.
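
The DNS-level block described in the comment above (an NXDOMAIN reply, or an answer pointing at a placeholder) can be told apart from a normal answer by reading the reply itself. This is an added example, not part of the original comment: `build_response` and `classify` are hypothetical helper names, the packets are constructed sample data rather than captures, and `192.0.2.1` is a constructed stand-in for a resolver's block page.

```python
import struct

# Constructed address standing in for a resolver's "this site is blocked" page.
PLACEHOLDER_IPS = {"192.0.2.1"}

def build_response(name, rcode, ips):
    """Build a minimal DNS response (constructed sample data, not a capture)."""
    flags = 0x8180 | rcode  # QR=1, RD=1, RA=1, plus RCODE in the low 4 bits
    header = struct.pack("!HHHHHH", 0x1234, flags, 1, len(ips), 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    question = qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
    answers = b""
    for ip in ips:
        rdata = bytes(int(o) for o in ip.split("."))
        # 0xC00C is a compression pointer back to the question name at offset 12
        answers += struct.pack("!HHHIH", 0xC00C, 1, 1, 300, 4) + rdata
    return header + question + answers

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) DNS name."""
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:  # compression pointer: 2 bytes, ends the name
            return off + 2
        if n == 0:            # root label terminates an uncompressed name
            return off + 1
        off += 1 + n

def classify(msg):
    """Classify a resolver reply: 'nxdomain', 'placeholder', 'resolved' or 'other'."""
    _id, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    rcode = flags & 0x000F
    if rcode == 3:            # NXDOMAIN: resolver says the name does not exist
        return "nxdomain", []
    if rcode != 0:            # SERVFAIL, REFUSED, ...
        return "other", []
    off = 12
    for _ in range(qd):       # skip the question section (name + type + class)
        off = skip_name(msg, off) + 4
    ips = []
    for _ in range(an):       # collect IPv4 addresses from A records
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            ips.append(".".join(str(b) for b in msg[off:off + 4]))
        off += rdlen
    if ips and set(ips) <= PLACEHOLDER_IPS:
        return "placeholder", ips
    return ("resolved" if ips else "other"), ips
```

Running the same name through two different resolvers and comparing the classifications shows whether a block is applied at the resolver or further along the path.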