

Cloudflare is the SSL/TLS endpoint between you and the application.
When you use Cloudflare, data is encrypted between a client and Cloudflare (using ‘their’ SSL cert), they unencrypt it and inspect so they can process it, caching etc, then it can be encrypted between Cloudflare and the backend using your own backend certificate.
So Cloudflare can see everything, it’s required for them to do what they do.


This is such a fundamentally stupid idea in the first place. It proves the legislators are thoughtless morons on the subject.
Yes, let’s compel ALL providers to create and maintain very desirable targets (dossiers of users’ personal data and all activity) and also compel access for the incompetent RCMP to get it whenever they like. Let’s also understand that Canada has already passed a law to make sure they can never be held responsible if they fail to properly protect that data on their end.
Oh don’t forget, they don’t mind at all if the providers give them MORE than they ask for, voluntarily. Nothing weird about that, I’m sure that explicitly stated and intentionally placed soft spot will never be misused. They are going to take all this data, and shove it into an LLM and then god-knows-what.
I guess now I get serious about I2P and other options to move my activity off the surface web, given that VPNs will be pointless now. And so I need to think about what of my online activity that I can accept the government collecting, understanding that they WILL misuse it and fail to protect it.
I hope Proton goes big-brain and uses that ‘voluntary data’ loop-hole to pollute the data of whatever it is forced to share.


Oh, you definitely got why I’m against Cloudflare…
Cloudflare has bot-mitigation built in, sure. So why would someone put Anubis between their app and Cloudflare as it fulfills its reverse proxy role, idk. It seemed like that person was trying to explain to me where Anubis was supposed to fit in sequence here. It’s meant for the reverse proxy scenarios specified in the example (nginx, Caddy, and others).
You are also correct. The “free” DDoS mitigation is an irrelevant argument against the privacy implications of using Cloudflare. Cloudflare isn’t the only DDoS mitigation option.
*BuT iT’s FrEe!*
Is it, really?


Yeah, I accept your apology. Anubis is self-hosted and open source. I suppose you COULD use it between Cloudflare and your service, but why WOULD you?


Correct. That is an accurate description of my post.
Cloudflare was the reason why I changed instances, I specifically sought one that used Anubis instead. There is no other reason why I changed instances, this is the Lemmy privacy community.
I feel like it’s a green flag, seeing that cartoon jackal-girl pop up with the magnifying glass for a second.
It’s surely not universally the case but it’s a positive sign to me.