We just can't OK VPNs across the board because it leaves us too vulnerable from a security standpoint. It's especially a concern for higher-ups right now I'd imagine as Kronos was ransom attacked recently and we were doing manual time cards. I've gotten into practically shouting matches with other employees about this when I express access concerns everyone in this thread has, which I share.

I can semi-appreciate your concern, but why is it that FlyerTalk is the ONLY site of all that I visit with VPN turned on where denial of access happens? Would seem that Cloudflare is seriously overprotective compared to the services that other sites use.

At $dayjob I know from experience that our login security posture systems take a dim view of attempted logins from public VPN IP addresses (which it usually refers to as an "Anonymous IP address"), it flags the user account as high risk, and sends the user into a cycle of 2FA challenges until they resume a pattern of more normal network access. $dayjob colleagues have learnt that keeping their Netflix region hopping away from their corporate network access makes life easier.

From the perspective of IB who host forums that have a history of being DDOS'd and forums spammed, due to the limitations of forum software it would seem to me they have no easy option to invoke a 2nd factor authentication from perceived higher risk logins, so they regrettably end up blocking access.

Thanks for the perspective and insight.

Cloudflare is involved in much of the internet. However, in my experience, only FlyerTalk and Ticketmaster don’t like VPNs at such an extreme level.

Ticketmaster does this for many reasons including they want to unmask visitors as much as possible to retarget ads to them.

FlyerTalk doesn’t have good (or presumably nefarious enough) reasons to be anywhere near so heavy handed on blocking the majority of VPNs. Plenty of websites including some of the most visited and targeted in the world both use Cloudflare and protect themselves against DDoS attacks just fine, while also allowing generally the use of VPNs.

When it comes to striking a reasonable balance between protecting against malicious bots and DDoS attacks - yet letting your users access the service without too cumbersome an amount of hassle - where there’s a will there’s a way. I hope the powers that be around here find the will to do something about the current state of the imbalance.

I miss being able to visit but the hurdle is now such that it’s a rare thing for me to switch to a specific server just to do so, and so my FlyerTalk experience has become just skimming the topic titles via email notifications consumed as digests. But there’s no participation, community or ad revenue in that….

I often have to use a VPN when I'm abroad because some websites won't let you access from a foreign IP or they send you to their non-English language website. My credit union and my school's email server won't allow non-US IPs to connect.

But with FT it's the opposite. Every NordVPN server IP seems to be blocked and I can't access anything unless I turn off my VPN.

Today I am seeing that many VPN servers of the VPN provider I use (express VPN) have been blocked by FT.

I've just done an internet search that brought up a link to FT. I forgot I was using a VPN and clicked -- and was allowed to log in. That hasn't been possible in recent weeks -- from my point of view the change is definitely an improvement.

(I'm using "personalVPN" today, formerly witopia, and selected the Boston location.)

Same here. This was never a problem in the past year after I started using ExpressVPN - and I started using that on the recommendation of my brokerage, after my account got hacked.

Are there some NordVPN servers not blocked by FT?

seems to be SUFSHARK issue w/ FT / cloudflare. Annoying.

How do you want us to quote over to you an IP address?

Has there been a solution to this yet? The only alternative I have is not using FlyerTalk when on a VPN, but that’s quite user unfriendly, considering many of us want to reference travel information while we are travelling.

Having a VPN is a common safety measure that travelers use.

I use a VPN pretty frequently in Asia. I don’t need to use one for Flyertalk, but sometimes don’t log out of my VPN before checking messages. Less than half of the 50-60 cities/countries are blocked on FT.

Unfortunately abusing VPNs is also a common tactic spammers and hackers use. This is also not specifically a knock on FT, but a company-wide security measure. I have repeatedly tried to override it because you're right: It doesn't really make sense to block VPNs on a travel site.

However, if you can select a default IP address to use, I can have our network team manually whitelist it. If you're able to select that, please PM me and I will have them do so.