Press "Enter" to skip to content

Cloudflare Update: The Little Worker That Could

By Kieron JH on October 22, 2025 5:42 am
A man resembling Edward Snowden in a vintage Newcastle United shirt with a mullet and glasses, labelled as Eddie Snowie, cyber security expert.
Eddie Snowie, our in-house cyber security expert, pictured in classic NUFC kit and his trademark mullet. A master of digital disguise and firewall foresight.
TRA logo

Edge worker upgrade: cleaner alerts, better evidence, same privacy

We have shipped a quiet but important update to our Cloudflare worker. It reduces alert spam, strengthens our audit trail, and keeps pages snappy. This builds on our previous protection notes and SEO update — the focus here is alert hygiene, proof, and reader experience.

What is new today

One alert per actionexpanded

Each visit event now resolves to a single message in our internal feed. We added strict deduping and short holdbacks so the same request does not fan out into multiple embeds. Critical security signals still arrive, but routine visits are calm.

Plain speak: one click gives one ping, not three.

First-party telemetry intakenew

Browser telemetry is now accepted only from our own pages with matching origin and content type. This cuts junk traffic and protects our counters from noisy tools. The endpoint ignores cross-site posts by default.

Plain speak: only our pages can talk to our logger.

Same-origin insight on device switchesnew

If the same device opens our site in another browser or profile, we often spot that pattern and annotate the alert. This helps us connect a session without any personal information.

Plain speak: switch browser and we can still see it is probably the same device.

Evidence you can referencenew

Every important response carries a request ID and timing header. If a reader reports an issue, we can match it to the exact entry in our log. That shortens investigations and preserves a clean chain of custody.

Plain speak: quote the request ID and we can find the moment.

KV housekeeping and counter accuracyexpanded

We adjusted how we store session counts and device totals. Routine views are kept lightweight. Short-lived hints expire quickly. Long-lived fingerprint totals stay accurate without creating storage spam.

Plain speak: numbers add up without clogging the store.

Telemetry that stays on our domainnew

Our analytics script is now served from our own site through a small proxy. This reduces third-party noise and keeps browser content rules happy, while keeping the same privacy stance.

Plain speak: fewer third-party requests, same insights.

Console tidy and script compatibilitynew

We repaired script loading edge cases that could create warnings in some browsers. The worker now cleans up conflicting attributes and serves safe defaults so essential tools load cleanly.

Plain speak: the site runs clean without nagging errors.

Safety pages refreshedexpanded

Short, readable interstitials now include clearer copy in our black and gold style, with a visible request ID. Where checks are required, they are explained and then the reader continues.

Plain speak: brief, human pages when care is needed.

How this differs from previous updates

  • Alert hygiene is tighter. Earlier work added layered protection. Today’s change focuses on cutting duplicates and noise in our evidence feed.
  • Intake is stricter. We now validate that telemetry came from our own pages before we accept it.
  • Audit trail is clearer. Request IDs and timing headers are standard so readers and editors can reference a specific moment.
  • Privacy stance is unchanged. We still use a pseudonymous device ID. No personal profiles. No ad tracking.

What this means for readers

Pages stay quick. Most people will not notice a thing. If you ever see a short safety page, it will be clear and brief. If something looks wrong, email [email protected] with the request ID and we will check it.

What this means for subjects of our reporting

Attempts to test boundaries still appear in our evidence with one clean record per action. If someone swaps browsers or profiles on the same device, our internal note often links those actions. We do not publish triggers or timers. We keep the exact rules private so the protections remain effective.

Privacy, again

We continue to log only what we need to run the site safely. That includes a pseudonymous device ID, high level browser and screen information, and the page path. We do not collect names or precise locations on public pages. We do not sell data. This is the same promise, now with cleaner delivery.

FAQ

Will this identify me?

No. We use a pseudonymous device ID. It helps us spot patterns, not people.

What happens if I open many tabs?

Our dedupe logic reduces repeated alerts so one action does not spam our feed.

What if I switch browsers?

Our internal note may say it looks like the same device. That helps with support and security without collecting personal details.

Written by The Reasonable Adjustment. This post expands on earlier security and SEO notes with a focus on alert hygiene, intake checks, and evidence quality. Exact thresholds and triggers are not shared.

Published in Articles, Cyber, Food For Thought, Kieron, Tools and Transparency

More from ArticlesMore posts in Articles »
More from CyberMore posts in Cyber »
More from Food For ThoughtMore posts in Food For Thought »
More from KieronMore posts in Kieron »
More from ToolsMore posts in Tools »
More from TransparencyMore posts in Transparency »

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *