Self-Hosted Main

502 readers

1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

Service: Dropbox - Alternative: Nextcloud
Service: Google Reader - Alternative: Tiny Tiny RSS
Service: Blogger - Alternative: WordPress

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

Awesome-Selfhosted List of Software
Awesome-Sysadmin List of Software

founded 1 year ago

MODERATORS

[email protected]

How are so many sites OK with using cloudflare when they are basically a MITM? (alien.top)

submitted 10 months ago by [email protected] to c/[email protected]

87 comments fedilink hide all child comments

Regardless of whether or not you provide your own SSL certificates, cloudflare still uses their own between their servers and client browsers. So any SSL encrypted traffic is unencrypted at their end before being re-encrypted with your certificate. How can such an entity be trusted?

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 10 months ago (11 children)

Because it's everyones MITM. I trust them with security because it's the only thing they focus on, I focus on making my stuff stop randomly shutting down. If absolutely everyone is using it, I don't care too much if an issue appears- nobody cares about my tiny little thing when Discord goes through Cloudflare

[–] [email protected] 1 points 10 months ago (10 children)

Because it's "everyone's MITM" it would make it a perfect spot for state actors to tap into in order to surveil pretty much everything without anyone being able to notice.

Hell, just the server logs (timestamps, IP addresses and exact URLs) would be unbelievably valuable.

I'd be really surprised if someone wasn't taking advantage of that.

Which is to say if you selfhost because you want more control and privacy, you probably want to avoid services like that.

[–] [email protected] 1 points 10 months ago (1 children)

ThePirateBay, the most notorious site in the world, uses Cloudflare. This isn't China. Wiretapping is illegal in most circumstances, and that's essentially what it would be doing.

[–] [email protected] 1 points 10 months ago

Wiretapping is only illegal if it isn't sanctioned in some way.

They can spy on anyone who isn't an American citizen legally, so they could probably tap into any server that's outside the US.

They can also spy on people if a secret court allows them to do so, and (by design) you would never even know about it.

Lastly they can simply have deals with agencies from other countries that have similar "restrictions" where they tap into the US data and then they just exchange the collected data, because then it's technically not them who is doing it so it's perfectly legal.

They certainly have no obligation (or desire) to keep anyone's data private - especially from themselves.

ThePirateBay, the most notorious site in the world, uses Cloudflare.

It wouldn't be far fetched to think that now that the battle against it was lost on all fronts it would work as a good honeypot. You never know what or who is behind it.

load more comments (8 replies)