Cloudflare gated services

when accessing any number of official and unofficial nix sites,

nixos.org (not cloudflare), nixos.wiki, nix.dev, cachix.org, etc. I frequently see the “Checking if the site connection is secure” interstitial from cloudflare. I understand that anything unofficial is at the mercy of the maintainer, but comparing this to other distros and languages I have used, it was a surprise.

at best these interstitials are an annoyance, however frequently it will hang forever and sometimes prevents me from accessing the site. is there a strong reason for using this service?

As far as I know, the official services all rely on fastly rather than cloudflare, though checkig nixos.orgs CNAME suggests that its via netlify:

$ dig CNAME nixos.org

; <<>> DiG 9.18.5 <<>> CNAME nixos.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62081
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;nixos.org.			IN	CNAME

;; AUTHORITY SECTION:
nixos.org.		600	IN	SOA	dns1.p02.nsone.net. domains+netlify.netlify.com. 1658743230 43200 7200 1209600 3600

;; Query time: 22 msec
;; SERVER: 192.168.178.1#53(192.168.178.1) (UDP)
;; WHEN: Fri Aug 26 10:20:39 CEST 2022
;; MSG SIZE  rcvd: 119

Neither is cloudflare though, and I have never seen any cloudflare (or other) interstitials.

oh, sweet good to note, it is a little tricky to confirm for actual cloudflare things, since they use A records, but I have updated my post. that said, nix.dev, which is sort of official[0], and nixos.wiki were the two sites that spawned this topic.

0] https://github.com/NixOS/nix.dev

At some point you need some CDN and cloudflare can be an attractive option but people can turn down their bot protection especially for informational websites.