So Cloudflare MtM for websites which logs ip . Bad
But doesn’t everyone log IP ? If not cloudflare then the hosting company? Aren’t this a client side issue ? I.e use a VPN.
What would be an option to cloudflare? Existence of any hosting provider that is a good option? Looking at moving to githubpages once my paid hosting expires in a year
How will Wei and cloudflare happen/do/enforce?
CloudFlare is the company that provides CDN and security services so useful to so many customers that they now sit between you and half of the internet, monitoring and monetizing all your traffic and preventing you from accessing anything from TOR exit nodes because they so decided without any oversight - or if you’re lucky, they let you through if you solve captcha after captcha until you’re tired and you give up.
This company is the Google of the internet’s bowels: it’s an ultra-invasive, de-facto big data monopoly that doesn’t draw enough attention to the vastly excessive power it has over just about everybody online and the data it possesses on everybody.
And just like Google, their entire business model revolves around grabbing as much control over the internet as possible by offering products so good that everybody wants them, until there is no competition and no escaping them.
Cloudflare acts as a CDN (content distribution network) and bandwidth proxy for websites allowing them to scale out to more concurrent users then their internal hosting could handle on its own.
As part of this CDN and bandwidth proxy service cloudflare can make content faster to people globally via content caching at cloudflare data centers. Cloud flare helps websites defend against denial of service attacks by keeping those attacks from reaching the internal hosting.
Cloud flare is very popular because they are very good at what they do, and inexpensive for small sites. Because of their popularity they have unparalleled visibility into all internet traffic. In some respects CloudFlare is the internet! That means cloudflare can track most users across most websites throughout the day, they have perfect visibility into most internet traffic.
Some people are uncomfortable with a single entity having so much concentrated information. It is a concern.
If you use a VPN cloudflare still gets to inspect your cookies, and depending on site configuration, block VPNs entirely. In fact, cloudflare is one of the single biggest blockers/hurdles for using TOR as a web browser.
Alternatives to cloudflare include:
- No CDN, host directly.
- Use a different CDN
- Use a hosting platform that has their own CDN built in (such as github).
So based on the issues above , and since I’m going the way of static websites , I will skip cloudflare.
The technical VPN/TOR issues are just a toggle on cloudflare. Not sure what default is though.
But ideologically I guess step away from them based on their monolithic influence. I guess any options for a proper WAF is paying or selfhosting. Neither in my interest . But correct headers and security setting should be enough.