If you set up a website with cloudflare, their user interface has a lot of tracking stuff on by default to be injected into it. It also encourages you to use their https service where the traffic is not actually encrypted from the user to your server, but man-in-the-middle’d by cloudflare. But the interface makes it super easy to do and refers to it like a good and normal default option.
So yeah I think they really want your data.
I accedently turned on the orange cloud and mitm myself accedently. It was later some day when I checked my SSL cert that I found google certificate instead of let’s encrypt that I realized the traffic is not terminating at my server.
Thanks for the info about HTTPS. I have used it a lot in the past, since its so incredibly easy and reliable
Good luck reaching websites 😂
You won’t be able to access 22% of websites, among them many of the largest ones.
Yupp it sucks.
But it does kind of reaffirm that it most likely is collecting just as much data as google. I hate cloudflare and don’t understand why the rest of the world wants to be so dependent on a US ran technology firm after waves arms all this
I agree - there definitely would need to be many more reverse proxy services, because the current dominance of just a handful is making the internet brittle in ways it wasn’t before.
Including .world lol
And nothing of value would be lost.
Hahaha.
Lots of stuff breaks when you block cloudflare so a better way to avoid its data collection is to use a vpn and clear your browsing data.
Is this even the privacy forum? A lot of people here implying OP should consent to the spying for better service. Cloudflare absolutely does gather as much as Google, and with much deeper access. If you can go without those websites, then block Cloudflare.
Doesn’t Lemmy go down when Cloudflare goes down? Are you currently blocking CF?
So it looks like I’m only blocking subdomains for the challenges, ajax, and some other CDN stuff. I could try blocking the whole domain for a while and see what happens. It will probably result in the same access since I blocked challenges.
I block cloudflareinsights.com which my lemmy instance seems to be using lol.
I have not had that one come up on my logs yet.
Privacy policies doesnt mean anything, if it’s a US based company. Doesnt matter if the servers are in the EU. They steal it anyway.
Look US Cloud Act.
I am of the habit that I block it globally on the browser. Until perhaps a website that I have to use needs it.
