Self-Hosted Main

515 readers

1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

Service: Dropbox - Alternative: Nextcloud
Service: Google Reader - Alternative: Tiny Tiny RSS
Service: Blogger - Alternative: WordPress

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

Awesome-Selfhosted List of Software
Awesome-Sysadmin List of Software

founded 1 year ago

MODERATORS

[email protected]

How are so many sites OK with using cloudflare when they are basically a MITM? (alien.top)

submitted 11 months ago by [email protected] to c/[email protected]

87 comments fedilink hide all child comments

Regardless of whether or not you provide your own SSL certificates, cloudflare still uses their own between their servers and client browsers. So any SSL encrypted traffic is unencrypted at their end before being re-encrypted with your certificate. How can such an entity be trusted?

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 11 months ago (8 children)

Because it’s not always about the encryption. I use Cloudflare tunnels because they are a good way of exposing sites to the internet without exposing my IP or opening ports, which means I don’t have to worry as much about DDoS or other attacks and therefore I don’t need to spend as much effort defending against them.

Even Cloudflare decides to inspect my traffic (and seriously why would they care about a tiny hobbyist website) it’s not like it gives them full access to everything, there are other controls you can use depending what your site is for.

Honestly what I don’t understand is why some on this sub have such strong objections to Cloudflare. Like I get they are a terrible company in a lot of ways, but name a tech company that isn’t?

[–] [email protected] 1 points 11 months ago (2 children)

You don't need to use CF tunnels to get DDoS protection and to hide your IP. If you are using CF tunnels without being undee a CG-NAT then you are getting MITM'd for nothing.

[–] [email protected] 1 points 11 months ago

You have a very narrow view of why certain technologies should or should not be used. I'm not behind CG-NAT but there is still plenty of value to Cloudflare tunnels for me. Even behind my IP I have a fairly complex network environment but CF tunnels make it easy for me to stand up a connection from a cluster, make it resilient and highly available, and automatically handle failure modes to keep the service up to the world. They also give me a transferable configuration that allows me to quickly move my apps to the cloud or to other hosting if I need to.

So no, I'm not "mindlessly" using them, and I'm not using them just for security or just for DDoS protection. I've actually put quite a lot of thought into my architecture and why I used certain technologies, thank you very much.

load more comments (1 replies)

load more comments (6 replies)