Subj : Re: Advice on self-hosting a website? To : dflorey From : Arelor Date : Mon Apr 07 2025 13:48:37 Re: Re: Advice on self-hosting a website? By: dflorey to Arelor on Mon Apr 07 2025 09:36 pm > Ar> Cloudflare is a Google-level threat to Internet privacy. I wish > Ar> everybody stopped promoting it. > > What parts of CloudFlare don't you like? I'm genuinely curious... I don't have qualms with CloudFlare as an administrator, other than being extremely anti-user. First of all, since a lot of webmasters are placing their sites behind CloudFlare for no practical reason, CloudFlare gets to see a whole lot of Internet traffic. Having too powerful entities watching and controlling Internet traffic is problematic. For example, CloudFlare can (and does) unilaterally decide which search engines are allowed to scan CloudFlared websites and everybody who isn't Alphabet, Microsoft or a big money agency is just not going to reliably create a competing search engine because CloudFlare will axe so much of the Internet down for them. Then there is the fact that their TLS acceleration plans are of dubious utility . The one in which they act as TLS terminators is specially bad: end users connect to CloudFlare using a TLS connection controlled by CloudFlare and the encryption is broken on the CloudFlare end. Then CloudFlare proxies the requests to the CloudFlared webserver. Mind you, I think it used to be the case that the CloudFlare-WebServer connection was not necessarily tunneled. This represented a huge breach of trust - when I visit a random site and get an https connection, the expectation is that your session is encrypted up to the web host. However, even if they are encrypting the backend connection now (which I doubt is the case for all plans) it is still a breach of trust because the TLS connection is being terminated way before it reaches its destination. Also CloudFlare (and many cheapo web application firewalls) will reject legitimate mainstream web browsers when it fits them. Are you using Firefox? Don't dare customize your browser too much because you may end up getting captchaed to death. Don't dare visiting a CloudFlared site using Tor and Javascript disabled, even if the site itself is a static wallhanger. -- gopher://gopher.richardfalken.com/1/richardfalken --- SBBSecho 3.23-Linux * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (21:2/138) .