Hello World,
today, @[email protected] has provided an update to the media upload scanner we’re using. This should reduce the amount of false positives blocked from being uploaded. We have deployed the updated version now.
While we do not have stats about false positives from before we implemented the scan when uploading, those changes did not change the overall data availability for us. Flagged images were still deleted, they were just still served by our cache in many cases. By moving this to the upload process, it has become much more effective, as previously images could persist in Cloudflare’s cache for extended periods of time, while now they won’t get cached in the first place.
Over the last week, we’ve seen a rate of roughly 6.7% uploads rejected out of around 3,000 total uploads. We’ll be able to compare numbers in a week to confirm that this has indeed improved the false positive rate.
Thanks for the reply and apologies for getting back to you. I typed that out right before going to bed :(
Looking in developer tools, it does look like Cloudflare is what’s blocking me. Here’s the cf-ray value: 8f4ffe74bffc22f1-ORD
Now that I’m on a PC, I can simply open the file in an image editor, resave it without making any intentional modifications, and the upload succeeds. It makes me think that it has something to do with the image metadata (maybe EXIF?).
I’ll send you a pm you a link to the unmodified image momentarily.
thanks for the image. for some reason i can’t see the firewall event for your attempt, but when i tried to upload the image myself i found the event. it’s a rule related to a php file upload vulnerability in software we’re not even using, it’s disabled now.
Very cool, thanks! This will make it a lot easier for me to post OC.