this post was submitted on 23 Dec 2025
70 points (93.8% liked)

Selfhosted

54297 readers
430 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

  7. No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
70
In what way am I the product when using CloudFlare's free tier? (lemmy.world)
submitted 2 weeks ago by early_riser@lemmy.world to c/selfhosted@lemmy.world
49 comments fedilink hide all child comments
 

I'm using CloudFlare to hide my home IP and to reduce traffic from clankers. However, I'm using the free tier, so how am I the product? What am I sacrificing? Is there another way to do the above without selling my digital soul?

you are viewing a single comment's thread
view the rest of the comments
[–] ptz@dubvee.org 23 points 2 weeks ago* (last edited 2 weeks ago) (32 children)

I have never used it, so take this with a grain of salt, but last I read, with the free tier, you could not secure traffic between yourself and Cloudflare with your own certs which implies they can decrypt and read that traffic. What, if anything, they do with that capability I do not know. I just do not trust my hosted assets to be secured with certs/keys I do not control.

There are other things CF can do (bot detection, DDoS protection, etc), but if you just want to avoid exposing your home IP, a cheap VPS running Nginx can work the same way as a CF tunnel. Setup Wireguard on the VPS and have your backend servers in Nginx connect to your home assets via that. If the VPS is the "server" side of the WG tunnel, you don't have to open any local ports in your router at all. I've been doing that, originally with OpenVPN, since before CF tunnels were ever offered as a service.

Edit: You don't even need WG, really. If you setup a persistent SSH tunnel and forward / bind a port to your VPS, you can tunnel the traffic over that.

[–] HelloRoot@lemy.lol 4 points 2 weeks ago (16 children)

I have the same setup but using frp which stands for fast reverse proxy.

The term VPN is pure marketing bs. What is called VPN today used to be called Proxy Server.

I've also heard good things about using Pangolin for the same setup.

[–] rexbron@lemmy.ca 3 points 2 weeks ago

Good luck I’m behind nine proxies!

load more comments (15 replies)
load more comments (30 replies)