Yup, from http://www.malwaretech.com/2014/12/darkode-ode-to-lizardsqua... "I had noticed that lizardpatrol.com (the official LizardSquad website) was hidden behind cloudflare, so on a hunch I send a HTTP request to the darkode server, with the hostname set to "lizardpatrol.com".... That's right, the darkode server is also hosting the official LizardSquad website, oh dear."
Cloudflare is closer to a router than a host. They just happen to be a router which masks that which they're routing to.
If you file an abuse complaint to them about a specific domain, they won't take any actions themselves. However, they will tell the reporter the server's real hosting provider, and will forward the complaint to the hosting provider with information allowing the provider to determine what server the domain corresponds to.
There are some pros and cons to this approach, but considering their role as a completely neutral "transit station" of traffic, I think it makes the most sense legally and practically. Ethically I have a few qualms with it (if a site is very, very blatantly advertising illegal material, ethically I think they should either disable Cloudflare cloaking for the domain, stop resolving the domain at all, or just cancel the customer's account entirely; legally they don't necessarily need to, though, and I can understand why they don't), but they still make it very easy for a hosting provider to take action when there is an abuse complaint.
Depends what country your from really whether or not that would hold up. Depends if the US is going to user the overreaching arm to sort things like this out.
They cache static content like images and host that, yes, but they do not host any dynamic pages or "websites" themselves.
They have some hosting capabilities but I think that would be better described as a "mirror" rather than a host. Most of their infrastructure is routing and some is mirroring/caching.
They do host a lot more material than for example The Pirate Bay, which only hosted metadata about the files (size, description, checksums).
The reasoning is very similar, "we don't care what our users do, we're infrastructure". I wonder how well that will hold up in court, once tested. I have a nagging suspicion they will have to change their stance, but I'm happy to be proven wrong.
I can see 3 reasons why CloudFlare is protecting the site of LizardSquad, first 2 of which are really bad reasons:
1. Perhaps their logic is, if they protect LS's site, perhaps LS is less likely to attack services behind CloudFlare in fear of taking out their own site in the processes. I am not saying that CloudFlare does this out of fear of LS, perhaps they just think it's a sound business practice.
2. CloudFlare directly and significantly benefits from the illegal activity of LS and other DDoS organizations. DDoSers are the boogyman, and CloudFlare protects people from the boogyman, for money. The more boogyman attacks are there, the more people flee to the protecting arms of CloudFlare.
3. CloudFlare has the attitude that they are simple an ISP, or a router of traffic, and they are not responsible for any of the content on the sites they "distribute." This is a good position legally to take. As my friend, a prosecutor, jokingly points out, "everything is illegal." So, some country or another would be able to find something objectionable about almost every single site on the internet, and CloudFlare want's to be treated like an ISP, not responsible at all for any of that stuff.
But let's say the content in question wasn't a DDoS site, but a child porn site, would CloudFlare be so adamant in their stance, I don't think so. Even ISPs quickly disconnect their customers from the internet when clear and easily verifiable allegation of child porn, piracy, fraud, or bonnet operations are presented to them.
Basically, CloudFlare is not responsible for LS, but they should be a good Net citizen, and drop them voluntarily. That being said, they are not going to for reasons # 1 and 2.
Because it's a customer like everyone else, as a service provider you should maintain a neutral stance even if you don't like the service they provide. Just like ISPs shouldn't handle Netflix's traffic any different than traffic from other companies.
Knowingly providing internet infrastructure so others can attack other internet infrastructure is far from "being neutral." ISPs disconnect customers all the time for abuse, yet somehow Cloudflare gets a free pass?
Funny how the solution to being DDOS'd by their own customers is, "Buy our product." In the sane world we call this racketeering or protection money.
No, they will cut off service entirely if the user's behavior threatens their network (usually legally).
As an example, ISP's don't drop spammers because they morally hate spam, they drop spammers because their mail servers will get blacklisted and make their customers hate them.
Why is CloudFlare protecting these sites, anyway?