Both Lemmy.world and my server rely upon Cloudflare for SSL, DDOS protection, CDN services, etc. I use it to provide me with a Cloudflare tunnel to get around not being able to forward ports.
Outages have put this dependance to question, and the same with recent news about the US government obtaining data through subpoenas. It’s a free service that takes care of many of the difficulties when it comes to hosting your service online, but everyone knows that free is not free.
What do you all think about Cloudflare?
You must log in or register to comment.
Cloudflare is just your average, often free, TLS-terminating proxy everyone uses and definitely NOT a NSA operation for being able to read and control all internet traffic.
You should definitely use it, preferably with AWS or Azure (or both!) as the underlying server.
Also, pick US-East1 so you are down when everybody else is.
I do wonder if everyone would be so comfortable with Cloudflare if they were a Russian or Chinese operation.
Wouldn’t be surprised to find CF were also controlling some of the biggest DDOS botnets to remind people what happens when you don’t let the Americans see all your traffic…
Given that a lot of websites need cloudflare to shield them from getting DOSd by the infinite hord of web scrapers maybe cloudshare should be depicted as a shield blocking a broom from knocking the tower over? Probably both held by the same person…
I haven’t had my shit up for very long, and HOLY SHIT the unique visitors numbers are nuts.
I think this is because of federation, but mainly the images being loaded across other instances.I looked at deflect and it ain’t gonna be cheap, the number will only go up, and I am the sole user of the site. Storing the shit in a media bucket or whatever would fix it, but I’d have to pay for that shit too.
for most of the time,indifferent.
Turnslide is nice,DDOS protection is nice,etcBane of my existence as obligate VPN user
Can you expand on it? How do websites block vpn? Do they just block all the other countries? Why would you want to visit such websites?
This image is inaccurate, because it suggests Cloudflare is a small block. The original xkcd makes more sense, because it is a project run by a single person. To represent Cloudflare, it should be a huge block given it’s a very large company with a market cap of $69 billion.
Fair enough, one other guy said it should be the thin block above the one pointed to. Makes sense, and it can still be yanked from under you.
Suddenly yanking it out might cause a lot of stuff to collapse, but at least some parts would still be able to operate without it in the long term. Maybe one of the blocks in the upper two stacks?
/rant on I think CloudFlare is the direct result of the enshitififcation of development work.
People write an insecure app in Express/Flask/whatever, deploy it to the internet, then bolt on Cloudflare as a WAF and add Datadog because they have no idea what’s happening under the hood or limited themselves with their up-front choices.
This is marketed as progress. /rant off
But there are valid use cases like you mentioned. And it’s the enshitifed sites that fund that free tier.
There’s some irony about the Fediverse going through a centralized service, but I don’t know of a better free answer. A cheap answer might be a VPS with Caddy and automatic Lets Encrypt, but it’s not turnkey.
I think CloudFlare is the direct result of the enshitififcation of development work.
I think it’s also a symptom of assholes fucking it up for everyone. You wouldn’t need the DoS-protections or security tools if there were no attackers.
Don’t know a solution for that, unfortunately. I think you have a point about inadequate development work, but I’m not sure it’s the whole puzzle.
The modern Internet would be way worse without it, but it still sucks how centralized it is.
Piefed.ca too
In addition to the tech reasons mentioned, the click here checkbox is just a fucking infuriating interruption
More infuriating than captcha?
No but we need to get rid of all types
Feddit.org uses Anubis
Cloudflare is one of the secret ruling parties of the internet.
I don’t understand why so many Americans like to use it, even the ones who tend to think liberal and go for self hosting.
What are the alternatives?
And a VPS and any number of tunneling systems for the remote reverse proxy.
Rathole is my goto. But SSH forwarding, wireguard… There’s plenty, even ones that will entirely manage the reverse proxy on the VPS.How will it help against ddos?
Letsencrypt for SSL,
fail2ban for ddos protection,literally just a disk for cdn.F2B for ddos protection?! You have absolutely no idea what you’re doing. At all.
You’re right, I was writing this from the top of my head and remembered f2b as simply the banning one and didn’t properly check its capabilities for ddos. Sorry for that
Does fail2ban actually help?
In a strong enough DDOS, you need someone before you to stop the traffic, at which point you either have a good provider, or have to submit to someone bigger than you.
This is probably why so many people use cloudflare. Similarly to discord, their serivices can be found on several different platforms but they are the only ones who offer all of them for free.
deleted by creator
It’s a free way to get a reverse proxy for a self hosted website and not expose your home IP and avoid attacks, so kind of hard to pass up tbh.
I use it for a couple websites. I’m a geek and can make things work software wise but I’m absolutely not a programmer, I just don’t really grasp a lot of it. Give me some hardware and I can build whatever but I digress. Cloudflare has prevented a bunch of attacks on my sites and the caching function is helping stave off switching to a VPS for now.
It can be a PITA if you don’t have native IPv6 and use Hurricane Electric’s IPv6 tunnel broker. A lot of sites that are hooked into cloudflare and some other similar services pop up captcha’s every visit or just pain don’t function correctly. I’m going to switch to Route64 as an alternative to HE, they only provide a /56 vs a /48 but it’s not like I’m going to need that many /64’s at this point.
Admin of Feddit.dk. We try not to use non-EU suppliers and I don’t like the idea of depending so fully on something like Cloudflare. I could see us using an EU equivalent but don’t really see the need right now.
