A form of “DDoS protection” where every possibly suspicious connection is blocked permanently/indiscriminately is considered harmful both for the website itself and online freedom. I stopped using monero.town when it started blocking everyone on Tor after DDoSed via some stupid Tor abusers in 2024. In general we need DDoS protection, but it was unexpected and ironic to see that all-too-familiar “you are blocked because you’re a privacy-oriented user” screen from Cloud-something here on a monero-related website.

Today I happened to notice that they have unblocked Tor (don’t know since when) and the website still exists though perhaps being less active than it used to be.

“Sorry, you have been blocked You are unable to access monero.town”

It’s a good idea, and it could be done. You could have Arweave as the front-end, but a backend on a regular VPS (to avoid people having to pay with arweave wallets)

However, there is another alternative that is already made, that doesn’t require any custom work,

Using encryption as identity forums, it stops the CDN from seeing passwords using DegenRocket’s code. Right now it’s on RebelNet.me using Nostr/Ethereum keys. So maybe switch off Cloudflare to a better CDN (perhaps bunny), and then people can sign with Nostr keys. And then the CDN can’t access accounts…

Best part: RebelNet.me has native Monero tipping already on it.