If you set up a website with cloudflare, their user interface has a lot of tracking stuff on by default to be injected into it. It also encourages you to use their https service where the traffic is not actually encrypted from the user to your server, but man-in-the-middle’d by cloudflare. But the interface makes it super easy to do and refers to it like a good and normal default option.
I accedently turned on the orange cloud and mitm myself accedently. It was later some day when I checked my SSL cert that I found google certificate instead of let’s encrypt that I realized the traffic is not terminating at my server.
If you set up a website with cloudflare, their user interface has a lot of tracking stuff on by default to be injected into it. It also encourages you to use their https service where the traffic is not actually encrypted from the user to your server, but man-in-the-middle’d by cloudflare. But the interface makes it super easy to do and refers to it like a good and normal default option.
So yeah I think they really want your data.
I accedently turned on the orange cloud and mitm myself accedently. It was later some day when I checked my SSL cert that I found google certificate instead of let’s encrypt that I realized the traffic is not terminating at my server.
Thanks for the info about HTTPS. I have used it a lot in the past, since its so incredibly easy and reliable