Cloudflare gated services

when accessing any number of official and unofficial nix sites,

nixos.org (not cloudflare), nixos.wiki, nix.dev, cachix.org, etc. I frequently see the “Checking if the site connection is secure” interstitial from cloudflare. I understand that anything unofficial is at the mercy of the maintainer, but comparing this to other distros and languages I have used, it was a surprise.

at best these interstitials are an annoyance, however frequently it will hang forever and sometimes prevents me from accessing the site. is there a strong reason for using this service?

As far as I know, the official services all rely on fastly rather than cloudflare, though checkig nixos.orgs CNAME suggests that its via netlify:

$ dig CNAME nixos.org

; <<>> DiG 9.18.5 <<>> CNAME nixos.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62081
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;nixos.org.			IN	CNAME

;; AUTHORITY SECTION:
nixos.org.		600	IN	SOA	dns1.p02.nsone.net. domains+netlify.netlify.com. 1658743230 43200 7200 1209600 3600

;; Query time: 22 msec
;; SERVER: 192.168.178.1#53(192.168.178.1) (UDP)
;; WHEN: Fri Aug 26 10:20:39 CEST 2022
;; MSG SIZE  rcvd: 119

Neither is cloudflare though, and I have never seen any cloudflare (or other) interstitials.

oh, sweet good to note, it is a little tricky to confirm for actual cloudflare things, since they use A records, but I have updated my post. that said, nix.dev, which is sort of official[0], and nixos.wiki were the two sites that spawned this topic.

0] GitHub - NixOS/nix.dev: Official documentation for getting things done with Nix.

At some point you need some CDN and cloudflare can be an attractive option but people can turn down their bot protection especially for informational websites.