Sad to see. We should all know cloudlfare decrypts our data before it reaches the service it protects. A perfect surveillance man-in-the-middle.
I was happy to find a home in the fediverse that uses Anubis instead.
Was thinking about it incorrectly when I wrote this comment.
If they use SSL/TLS between their host server and Cloudflare, then Cloudflare can’t decrypt your traffic as you’re suggesting.Cloudflare is the SSL/TLS endpoint between you and the application.
When you use Cloudflare, data is encrypted between a client and Cloudflare (using ‘their’ SSL cert), they unencrypt it and inspect so they can process it, caching etc, then it’ can be encrypted between Cloudflare and the backend using your own backend certificate.
So Cloudflare can see everything, its required for them to do what they do
The link you shared is to Anubis, there’s no information on who changed from one instance to another or why., other than your comment about Cloudflare.
Correct. That is an accurate description of my post.
Cloudflare was the reason why I changed instances, I specifically sought one that used Anubis instead. There is no other reason why I changed instances, this is the lemmy privacy community.
Anubis is meant to sit between your reverse proxy (such as Nginx or Caddy) and your target service. One instance of Anubis must be used per service you are protecting.
-–
The company’s services act primarily as a reverse proxy between website visitors and a customer’s hosting provider…
I am sorry, but…
Yeah, I accept your apology. Anubis self-hosted and open source. I suppose you COULD use it between Cloudflare and your service, but why WOULD you?
I accept your apology
Please log out of the internet and don’t come back until you touch some grass and/or get laid
Why? They made an entirely irrelevant comment.
That they’re proxies is not the issue, it’s that with one you have to trust some company with all your traffic, while with the other you can use your own infrastructure.
We’re in the privacy community here, suggesting cloudflare is just rediculous.
Distributed denial-of-service (DDoS) protection…
With 500 Tbps of network capacity, Cloudflare has mitigated some of the largest DDoS attacks ever recorded, without slowing down performance for customers.Website DDoS protection is Free in all application services plans…
It’s not OPs point at all, whether or not Cloudflare is good or best at DDoS protection.
This is like arguing that everyone should only shop on Amazon because they’re cheapest and fastest.
OP asked “why WOULD someone” use it, not why should. I think their question was answered appropriately.
It was only answered appropriately if you ignore the context of the conversation which was a person comparing the two services by showing that they were both reverse proxies while discussing the privacy implications of Cloudflare’s reverse proxy being proprietary and privately hosted.
The person they were replying to was suggesting that there is no difference between Cloudflare and Anubis because they’re both reverse proxies. The fact that Cloudflare owns a bunch of infrastructure to mitigate DDoSs is irrelevant.
Oh, you definitely got why I’m against Cloudflare…
Cloudflare has bot-mitigation built in, sure. So why would someone Anubis between their app and Cloudflare as it fulfills it’s reverese proxy role, idk. It seemed like that person was trying to explain to me where Anubis was supposed to fit in sequence here. It’s meant for the reverse proxy scenarios specificed in the example (nginx, Caddy, and others)
You are also correct. The “free” DDoS mitigation is an irrelevant argument against the privacy implications of using Cloudflare. Cloudflare isn’t the only DDoS mitigation option.
*BuT iT’s FrEe! *
Is it, really?
lemmy.ml also uses Anubis!
I feel like its a green flag, seeing that cartoon jackal-girl pop up with the magnifying glass for a second.
It’s surely not universally the case but it’s a positive sign to me.
