check out "Cloud Firewall", a blocker by Gokulakrishna Sudharsan that was inspired by Kashmir Hill's series and Dhruv Mehrotra's VPN:

@privacylab how does this compare/contrast with decentraleyes?

You just CAN'T access to,,, etc. and any requests to these big-tech sites from other sites are also blocked.

It's the hardcore mode for free internet enthusiasts.

Hm, is there a way to whitelist sites so decentraleyes can MITM certain CDNs?

there is an option to toggle:
" Use local offline storage for storing Cache of recent results in format SHA256 hashes of hostnames (default enabled - green!). If disabled (gray), addon will use "in-memory" cache and will lose the cache when browser restarts "

@popefucker @roipoussiere @privacylab hi, developer of cloud firewall here. Yesterday was the first 0.0.1 release, I wished to release ASAP before everyone forgets @KashHill's living without big 5 tech series. In future version, I will add setting to allow user to decide which "resource types" wants to block. Currently it looks at IP of every 1p/3p resource and checks if IP is present in known (bundled) list of ipv4/ipv6 ranges owned by clouds. Pic has list of resource types.

@roipoussiere @popefucker @privacylab hi cloud firewall developer here. It's not just a blocker with list of few host names like and YouTube com. I literally mean "cloud firewall", it looks at IP address of site+ all 1p/3p resources and checks if IP is present in known (bundled) list of ipv4 ipv6 ranges owned by cloud companies. Not the "big tech sites" but "anything hosted in clouds" :)
Please try it out once and review settings page and help page (which is same as readme in repo)

it blocks everything, with decentraleyes you can still use YouTube or Google

@popefucker @privacylab hi, I created Cloud Firewall. It is a firewall i.e it looks at IP address of every 1p/3p resources and checks if it's present in the known (bundled) list of ipv4 or ipv6 ranges owned by cloud companies and decides to cancel request if user has enabled blocking. PFA pic for supported request types it analyzes.

Can you pls review the readme for examples and " how does it work section" and let me know your thoughts?

It seems like a great piece of software but a whitelist would be very nice.

@popefucker @privacylab yes , can you please see the issues list in Gitlab? I have already wrote down a issue about adding a white list button for main_frame (address bar level) and a future feature for "resource type" level like JS, IMG level. Thanks , please let me know your thoughts if you get a chance to try it. I wished to publish it ASAP before everyone forgets Kashhill's series. It's just 1 day after first release of this add-on. :)

@popefucker @privacylab hi, can you review this issue I wrote about having a switch to allow only the resources supported by Decentraleyes, so that it can catch and render from local.

@popefucker @privacylab Hi, I released a new version of Cloud Firewall addon with a special switch for allowing CDN lib JS requests so DecentralEyes addon can provide those resources from its local resources. It's an optional switch in settings page, disabled by default.

@gkrishnaks @privacylab awesome!!! I will definitely install & use :) thanks

@popefucker @privacylab pls share feedback after you try. It's just 15 days old now and I'll add more features :)

Also, wished to share this post by Paula, an advanced technical user of Cloud Firewall in /e/ forum about it, see what she called as "Surprises".

P.S. Firefox for Android is also supported. :)

@roipoussiere @privacylab cloud firewall developer here, glad you like it. To clarify, it's a firewall, NOT a "hosts file" type blocker with list of host names to block. It looks at IP of each resource 1p/3p and decides whether it's present hosted in a cloud by checking against bundled ipv4 ipv6 ranges owned by cloud companies. It's not just about "" or '' but stuff hosted in clouds like aws or gcp.

@roipoussiere @privacylab Hi Nathanaël. In Cloud Firewall, I have added support for working together with Decentraleyes addon and also persistence of toggle Switch states. Both these are optional, disabled by default, and can be enabled in Settings page.

Can you share feedback or comments/thoughts (Also issues or bugs or feature requests!) - I am very curious to hear more as you took it as a challenge to replicate Kash Hill's experiment :)

@roipoussiere @privacylab I took inspiration from her research to build this addon. She spent 6 weeks without top 5 tech companies and their cloud services one per week, 6th week without all of them. I reused the ASN data from Dhruv Mehrotra' s VPN which he built for her to use as part of this research series. "Life Without the Tech Giants":

@gkrishnaks @privacylab
My first feedback is that the possibility to set a whitelist could be interesting.
For instance, I use GitHub at work, so I need to access this website, but I still want to block others Microsoft's domains.

@gkrishnaks @privacylab
Also, a button to temporary enable the current domain that just being blocked may be useful (just like Decentralize and uBlock Origins).


Thanks for trying out, yes many have asked for this feature "excludes list" of some sites, I've it documented as ticket #1 in my repo based on this feedback. :)

Ok, I will note down the "temporary exclude" for per site basis too as a new ticket in gitlab.


@gkrishnaks @privacylab
Ok. I've just upvoted it. 😛
Ironically, I was not able to access cloud-firewall repository, because uses Amazon services. 😁

Hm ok! is hosted in Google GCP.. Also see what Paula, a cloud firewall user, posted here about her usage of this addon here in /e/ forum and what surprised her!

@perflyst @privacylab ohh no, why did you check GitHub? In AMO listing, I linked only Gitlab repo page for both home and support links.

@perflyst @privacylab oh did I accidently type GitHub link there? I will check and update it.

@perflyst @privacylab hi, I corrected the typo mistake. Thanks, I had mentioned correct URL 3 times but missed on that one by typing github out of habit, I should have copied and pasted the URL :)

@judeswae @perflyst @privacylab Hi All,
For My "cloud firewall" add-on, I need some technical help regarding a feature request from a advanced user who tried it and reviewed the code.

It's regarding how to use alternate dns resolver like TBB (currently we use dns.resolve API provided by Firefox to extensions)

Please read this issue link and boost/share it so I can provide the feature for advanced users/advanced use cases.

LB: in case it hasn't been spotted by h.t's eyes yet

Sign in to participate in the conversation

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!