Ask Lemmy

it's making the internet centralized and proprietary, i hate it. i do understand how it's a very easy option for website operators struggling against malicious bots though.

Dev here, building a public SaaS app. I'm aware of the centralization arguments, but CF seems to be the least worst of all the options in terms of alternatives. CAPTCHAs are awful, and I can't put up my own multi-Tbps DDOS buffer. I also regularly access my own resources from behind multiple VPNs; other than having to click the human button it doesn't consign me to an evening of identifying traffic lights.

Isn't Cloudflare more like the thin horizontal block above that one?

Cloudflare is one of the secret ruling parties of the internet.

I don't understand why so many Americans like to use it, even the ones who tend to think liberal and go for self hosting.

Cloudflare is just your average, often free, TLS-terminating proxy everyone uses and definitely NOT a NSA operation for being able to read and control all internet traffic.

You should definitely use it, preferably with AWS or Azure (or both!) as the underlying server.

Also, pick US-East1 so you are down when everybody else is.

This image is inaccurate, because it suggests Cloudflare is a small block. The original xkcd makes more sense, because it is a project run by a single person. To represent Cloudflare, it should be a huge block given it's a very large company with a market cap of $69 billion.

The modern Internet would be way worse without it, but it still sucks how centralized it is.

Lemmy.ca moving from Cloudflare to Deflect.ca.

That and AWS US-East

It’s a great service and it works mostly well. The internet is a little bit better because of them.

It’s also optional and simple to transition away from since they don’t host your environment.

Proprietary centralisation and gatekeeping of the internet, built by a profit first company that actively and deliberately protected nazis and kiwifarms until it became financially harmful for them to continue to do so.

They can fuck right off.

Decent idea, but too much power centralized to one company.

It's a free way to get a reverse proxy for a self hosted website and not expose your home IP and avoid attacks, so kind of hard to pass up tbh.

/rant on I think CloudFlare is the direct result of the enshitififcation of development work.

People write an insecure app in Express/Flask/whatever, deploy it to the internet, then bolt on Cloudflare as a WAF and add Datadog because they have no idea what's happening under the hood or limited themselves with their up-front choices.

This is marketed as progress. /rant off

But there are valid use cases like you mentioned. And it's the enshitifed sites that fund that free tier.

There's some irony about the Fediverse going through a centralized service, but I don't know of a better free answer. A cheap answer might be a VPS with Caddy and automatic Lets Encrypt, but it's not turnkey.

It keeps blocking my VPN, which is highly irritating.

Bane of my existence as obligate VPN user

Easy fix, just ban the act of DDoSsing... duh 🙄

/j

Feddit.org uses Anubis

In addition to the tech reasons mentioned, the click here checkbox is just a fucking infuriating interruption

I literally can not see most images from lemmy.zip because of the cloudfare craptcha.

Self-host or die trying !

I mainly use Cloudflare for buying domains and DNS settings. Are there better, more resilient alternatives? I am not savvy enough for a hyper custom setup. I think I've seen Porkbun mentioned. I've used name cheap before. I do pay for NextDNS - is that something that could fit into this? I don't think so but maybe I'm underutilizing it.

I use it for a couple websites. I'm a geek and can make things work software wise but I'm absolutely not a programmer, I just don't really grasp a lot of it. Give me some hardware and I can build whatever but I digress. Cloudflare has prevented a bunch of attacks on my sites and the caching function is helping stave off switching to a VPS for now.

It can be a PITA if you don't have native IPv6 and use Hurricane Electric's IPv6 tunnel broker. A lot of sites that are hooked into cloudflare and some other similar services pop up captcha's every visit or just pain don't function correctly. I'm going to switch to Route64 as an alternative to HE, they only provide a /56 vs a /48 but it's not like I'm going to need that many /64's at this point.

I found it when I needed to access a service I had running in a docker container from an external machine. It was magic at the time. I’ve used it to host private GitHub repos with access controls and it works for that too. I haven’t developed a strong opinion perhaps because of its utility.

I used to use them, but found that since I'm only hosting for myself, I just don't benefit much (if at all) from their services. The only thing that was actually doing any amount of work was Tunnel (similar to you, I can't forward ports).

Their service decrypts/snoops on your traffic by nature, and while my traffic is mostly just updating todo lists, taking notes, and backing up photos, I also sync my keepass database and in general just don't want my data snooped on.

I've since rolled my own Tunnel equivalent with frp on a VPS and have completely dropped CF.

I haven't had my shit up for very long, and HOLY SHIT the unique visitors numbers are nuts. I think this is because of federation, but mainly the images being loaded across other instances.

I looked at deflect and it ain't gonna be cheap, the number will only go up, and I am the sole user of the site. Storing the shit in a media bucket or whatever would fix it, but I'd have to pay for that shit too.

Given that a lot of websites need cloudflare to shield them from getting DOSd by the infinite hord of web scrapers maybe cloudshare should be depicted as a shield blocking a broom from knocking the tower over? Probably both held by the same person...