NodeBB

Just wanna note that the domain owner is the one who elected to use that level of security check, though TBF CF doesn't make it very granular (and why enterprises tend to use their own WAFs) https://duckduckgo.com/?q=cloudflare+security+levels&ia=images&iax=images&iai=https%3A%2F%2Fmediafortress.com.au%2Fwp-content%2Fuploads%2F2022%2F08%2FCloudflare-security-level.gif Edit: for the record I don't at all judge. Web has rampant bit activity these days and it's a lot even for a large team. Slash there are other settings in CF that could affect the behavior so it could be something else. Sae a comment that it was login-aware which makes me think it's more than just the security levels

@PuercoPop I think HTTP signatures are not good for that, but you can put a signature inside an activity:https://fediverse.codeberg.page/fep/fep/8b32/"integrity proofs" proposed in this document use JSON Canonicalization Scheme, which is not whitespace-sensitive.

test four begins now.