Subj : Cloudflare
To   : poindexter FORTRAN
From : Arelor
Date : Thu Apr 22 2021 05:41:46

  Re: Cloudflare
  By: poindexter FORTRAN to All on Wed Apr 21 2021 07:26 am

 > I found an interesting article on Reddit about a home lab user using the
 > home/free tier of Cloudflare for their network.
 > 
 > On top of the usual DDOS stuff, they handle SSL and proxying to HTTP/HTTPS
 > for your facing services, provide DNS for your domain, allow access to their
 > CDN, and you get to hide your home IP in the process.
 > 
 > There's a lot of analytics, I'm just starting to play with that now.
 > 
 > The original poster is using pfsense to talk to Cloudflare's API, it sounds
 > like you could do some interesting things with it.
 > 
 > Definitely worth checking into, I'd started setting up a reverse proxy on my
 > network, mostly to handle LetsEncrypt renewals, but this would render that
 > moot as well as add some other features.
 > 
 > 
 > ... The neuroanatomy of fear and faith share common afferent pathways.

Cloudflare is a Google-class threat to privacy and freedom of the Internet.

Their SSL management is very meh if you use them only as an SSL accelerator.
They break the asumption that the SSL/TLS connection is performed to the
website's hosting location. If you use them as an accelerator they get to see
all the supposedly encrypted traffic and your users won't know it unless they
pay a lot of attention.

Anti-DDOS is nice. It is too bad that in order to have your own DDOS protection
nowadays you need the infrastructure to route DOS connections to /dev/null,
which is kind fo expensive.

--
gopher://gopher.richardfalken.com/1/richardfalken

---
 þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL

.