There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

Cloudflare is bad. Youre right.

Centralization is bad for everyone everywhere.

That bring said… I just moved my homeserver to another city… and I plugged in the power, then I plugged in the ethernet, and that was the whole shebang.

Tunnels made it very easy. No port forwarding no dns configuration no firewall fiddling no nothing.

Why do they have to make it so so easy…

Kyouki ,

I am out of the loop, what’s going in with snooping?

I use their cloudflared tunnel sometimes for accessing home hosted stuff.

slazer2au ,

Because Cloudflare acts as a reverse proxy it can see everything that happens in a session.
This is also known as a man in the middle attack. But Cloudflare meds to do this in order to do it’s checks for bad actors.

Now, as Cloudflare has access to the unencrypted traffic and we know that NSA is all about data vacuuming due to the Snowdn leaks we can make a tin foil hat guess whaylt goes on.

ramble81 ,

Just note, OP, that the last part of his statement is pure speculation. The first part is technically true, which can lead to that inference, but no information has been released which corroborates it. However, that does not mean it’s not possible.

slazer2au ,

This is true. Which is why I said tinfoil hat guess.

h3ndrik , (edited )

Though those leaks showed they actually did it on a large scale. I don’t think they stopped for some arbitrary reason. Why would they? And technology developed further, surveillance is only getting easier. I’d say even without a tin-foil hat on, it’s more likely they do it than not.

Auli ,

@ramble81 @slazer2au sure but they had PRISM to think they are still not doing something like that is absurd. We know they’re doing it and cloudflare would be a perfect target.

Kyouki ,

Thank you!

IphtashuFitz ,

I don’t understand why Cloudflare gets bashed so much over this… EVERY CDN out there does exactly the same thing. It’s how CDN’s work. Whether it’s Akamai, AWS, Google Cloud CDN, Fastly, Microsoft Azure CDN, or some other provider, they all do the same thing. In order to operate properly they need access to unencrypted content so that they can determine how to cache it properly and serve it from those caches instead of always going back to your origin server.

My employer uses both Akamai and AWS, and we’re well aware of this fact and what it means.

nutbutter ,

I have written a small blog post about how to Bypass CGNAT, and have also mentioned why you should not use Cloudflare if you are hosting for privacy.

nerdschleife ,

I use cloud flare tunnel for my home server too. Are there any viable and somewhat easy alternatives?

ANIMATEK ,

DynDNS? I’m not 100% sure what CF Tunnel does, but from my 2 min reading it seems that DynDNS would accomplish what OP described just as well.

f2sfljLhdtTZ ,

It might help to read it once more then 🙂

jjlinux ,

Oh, it’s way more than what any dyndns can do.

exu ,

Get a cheap VPS and set up a VPN of your choice.

cmnybo ,

Just make sure the VPS will shut down if the bandwidth is exceeded rather than giving you a big overage charge.

Audalin ,

Once configured, Tor Hidden Services also just work (you may need to use some fresh bridges in certain countries if ISPs block Tor there though). You don’t have to trust any specific third party in this case.

qaz ,

Wouldn’t that be slow?

Audalin ,

It would. But it’s a good option when you have computationally heavy tasks and communication is relatively light.

vzq ,

Yes. Very slow. And only accessible from tor clients or tor2web/onion.to-like constructions. Which adds additional delay and errors.

There are things for which onion addresses are the right solution. This is not one of them.

thefactremains ,

Tailscale funnels

conciselyverbose ,

DNS names are restricted to your tailnet’s domain name (node-name.tailnet-name.ts.net)

I guess that’s fine for some. Not a compromise I’m willing to make though.

Kuvwert OP ,

As soon as I can use my personal domains with tailscale funnel I’ll be switching, I like tail scale a lot

h3ndrik ,

Port forwards in the router + DynDns.

Moonrise2473 ,

also, when you have 5g failover on the router and the fiber it’s down, it automagically continues to work without admin intervention

send_me_your_mommy_milkers ,
@send_me_your_mommy_milkers@lemmy.world avatar

Are there browser plugins (or other solutions) to see if an site uses cloudflare before visting?

LainTrain , (edited )

Is there a way to do reverse tunnels, or something like it, so not opening any ports at all on the network, without cloudflare?

Closest to that XP I got was generating VPN keys and distributing them to close friends, running DDNS (no-ip) on my Pi with a pivpn server and then accessing JellyFin that way.

maiskanzler ,

Rent a VPS, point DNS to it, have it act as central wireguard peer and connect your server(s). Then bridge incoming traffic to server via socat or firewall rules. Done

LainTrain ,

That’s a lot of work. Thanks though.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • [email protected]
  • random
  • lifeLocal
  • goranko
  • All magazines
    •