57
What do y’all think about Cloudflare? (fedioasis.cc)
submitted 2 months ago* (last edited 2 months ago) by Cantaloupe@fedioasis.cc to c/asklemmy@lemmy.world
41 comments fedilink hide all child comments

Both Lemmy.world and my server rely upon Cloudflare for SSL, DDOS protection, CDN services, etc. I use it to provide me with a Cloudflare tunnel to get around not being able to forward ports.

Outages have put this dependance to question, and the same with recent news about the US government obtaining data through subpoenas. It’s a free service that takes care of many of the difficulties when it comes to hosting your service online, but everyone knows that free is not free.

What do you all think about Cloudflare?

all 42 comments
sorted by: hot top controversial new old
[-] hexagonwin@lemmy.today 22 points 2 months ago

it's making the internet centralized and proprietary, i hate it. i do understand how it's a very easy option for website operators struggling against malicious bots though.

[-] dparticiple@sh.itjust.works 17 points 2 months ago

Dev here, building a public SaaS app. I'm aware of the centralization arguments, but CF seems to be the least worst of all the options in terms of alternatives. CAPTCHAs are awful, and I can't put up my own multi-Tbps DDOS buffer. I also regularly access my own resources from behind multiple VPNs; other than having to click the human button it doesn't consign me to an evening of identifying traffic lights.

[-] OwOarchist@pawb.social 7 points 2 months ago

The ones that require traffic lights and shit never seem to work properly for me. They always make me do an endless repetition of them, going through dozens and dozens before it finally, maybe lets me see the website I was trying to get to.

Maybe I'm just not human enough?

[-] MonkderVierte@lemmy.zip 1 points 2 months ago* (last edited 2 months ago)

What, LLM scrapers still don't solve captchas, despite being better at them than humans? How come?

[-] Brkdncr@lemmy.world 11 points 2 months ago

It’s a great service and it works mostly well. The internet is a little bit better because of them.

It’s also optional and simple to transition away from since they don’t host your environment.

[-] naught101@lemmy.world 11 points 2 months ago

Isn't Cloudflare more like the thin horizontal block above that one?

[-] joyjoy@lemmy.zip 5 points 2 months ago

That and AWS US-East

[-] panda_abyss@lemmy.ca 4 points 2 months ago

Decent idea, but too much power centralized to one company.

[-] DeathByBigSad@sh.itjust.works 4 points 2 months ago

Easy fix, just ban the act of DDoSsing... duh 🙄

/j

[-] glimse@lemmy.world 7 points 2 months ago

Stupid solution. Criminals don't care if something is banned.

What they need to do is ban reporting on them. Can't be a problem if there's no record of it ever happening

[-] DeathByBigSad@sh.itjust.works 3 points 2 months ago

Police makes police reports. Ban the police! 😏

[-] irelephant@lemmy.dbzer0.com 2 points 2 months ago

The modern Internet would be way worse without it, but it still sucks how centralized it is.

[-] RickyRigatoni@piefed.zip 2 points 2 months ago

I literally can not see most images from lemmy.zip because of the cloudfare craptcha.

[-] zikzak025@lemmy.world 0 points 2 months ago

Is that what it is? I thought it was just my app being weird, but then I see similar stuff in the browser, too.

[-] RickyRigatoni@piefed.zip 1 points 2 months ago

If you use your web browser for lemmy, find a .zip post and try to view the image directly when it resuses to load. You'll immediately get a cloudfare craptcha and then for that session lemmy.zip images will be more willing to work

[-] zikzak025@lemmy.world 0 points 2 months ago

Doesn't seem to do anything with Alexandrite, does Photon fare any better?

[-] RickyRigatoni@piefed.zip 1 points 2 months ago

I don't think there are any workarounds for the apps. Cloudfare uses sessions that also take what client you're using into account. I more of said that comment so anyone can see the proof for themselves.

[-] ada@piefed.blahaj.zone 2 points 2 months ago

Proprietary centralisation and gatekeeping of the internet, built by a profit first company that actively and deliberately protected nazis and kiwifarms until it became financially harmful for them to continue to do so.

They can fuck right off.

[-] coolfission@lemmy.world 1 points 2 months ago

Cloudflare isn’t profitable according to their quarterly earnings reports.

[-] billbasher@lemmy.world 1 points 2 months ago

I use Hostinger but it isn’t free, $1.99/mo deal at the moment, normally like 13. It does blocking like cloudflare. AI scraping blocking too

[-] Zwuzelmaus@feddit.org 1 points 2 months ago

Cloudflare is one of the secret ruling parties of the internet.

I don't understand why so many Americans like to use it, even the ones who tend to think liberal and go for self hosting.

[-] msage@programming.dev 0 points 2 months ago

What are the alternatives?

[-] Raptorox@sh.itjust.works -1 points 2 months ago* (last edited 2 months ago)

Letsencrypt for SSL, ~~fail2ban for ddos protection,~~ literally just a disk for cdn.

[-] msage@programming.dev 1 points 2 months ago

Does fail2ban actually help?

In a strong enough DDOS, you need someone before you to stop the traffic, at which point you either have a good provider, or have to submit to someone bigger than you.

[-] Buelldozer@lemmy.today 1 points 2 months ago

F2B for ddos protection?! You have absolutely no idea what you're doing. At all.

[-] arudesalad@piefed.ca 1 points 2 months ago

This is probably why so many people use cloudflare. Similarly to discord, their serivices can be found on several different platforms but they are the only ones who offer all of them for free.

[-] faythofdragons@piefed.social 1 points 2 months ago

It keeps blocking my VPN, which is highly irritating.

[-] Oberyn@lemmy.world 1 points 2 months ago

Bane of my existence as obligate VPN user

[-] Bazoogle@lemmy.world 1 points 2 months ago

This image is inaccurate, because it suggests Cloudflare is a small block. The original xkcd makes more sense, because it is a project run by a single person. To represent Cloudflare, it should be a huge block given it's a very large company with a market cap of $69 billion.

[-] MuttMutt@lemmy.world 1 points 2 months ago

I use it for a couple websites. I'm a geek and can make things work software wise but I'm absolutely not a programmer, I just don't really grasp a lot of it. Give me some hardware and I can build whatever but I digress. Cloudflare has prevented a bunch of attacks on my sites and the caching function is helping stave off switching to a VPS for now.

It can be a PITA if you don't have native IPv6 and use Hurricane Electric's IPv6 tunnel broker. A lot of sites that are hooked into cloudflare and some other similar services pop up captcha's every visit or just pain don't function correctly. I'm going to switch to Route64 as an alternative to HE, they only provide a /56 vs a /48 but it's not like I'm going to need that many /64's at this point.

[-] chicken@lemmy.dbzer0.com 1 points 2 months ago* (last edited 2 months ago)

It's a free way to get a reverse proxy for a self hosted website and not expose your home IP and avoid attacks, so kind of hard to pass up tbh.

[-] Clearwater@lemmy.world 1 points 2 months ago

I used to use them, but found that since I'm only hosting for myself, I just don't benefit much (if at all) from their services. The only thing that was actually doing any amount of work was Tunnel (similar to you, I can't forward ports).

Their service decrypts/snoops on your traffic by nature, and while my traffic is mostly just updating todo lists, taking notes, and backing up photos, I also sync my keepass database and in general just don't want my data snooped on.

I've since rolled my own Tunnel equivalent with frp on a VPS and have completely dropped CF.

[-] 7fb2adfb45bafcc01c80@lemmy.world 1 points 2 months ago

/rant on I think CloudFlare is the direct result of the enshitififcation of development work.

People write an insecure app in Express/Flask/whatever, deploy it to the internet, then bolt on Cloudflare as a WAF and add Datadog because they have no idea what's happening under the hood or limited themselves with their up-front choices.

This is marketed as progress. /rant off

But there are valid use cases like you mentioned. And it's the enshitifed sites that fund that free tier.

There's some irony about the Fediverse going through a centralized service, but I don't know of a better free answer. A cheap answer might be a VPS with Caddy and automatic Lets Encrypt, but it's not turnkey.

[-] Jack@lemmy.ca 1 points 2 months ago

Lemmy.ca moving from Cloudflare to Deflect.ca.

[-] greenbit@lemmy.zip 1 points 2 months ago

In addition to the tech reasons mentioned, the click here checkbox is just a fucking infuriating interruption

[-] pressanykeynow@lemmy.world 0 points 2 months ago

More infuriating than captcha?

[-] greenbit@lemmy.zip 0 points 2 months ago

No but we need to get rid of all types

[-] pressanykeynow@lemmy.world 0 points 2 months ago

How are you planning to do it? It's typically used as a defence against bots which are becoming more of problem not less. What you describe is Cloudflare's managed challenge, most of the time it doesn't even need you to click anything because you already clicked somewhere else.

[-] greenbit@lemmy.zip 0 points 2 months ago

Ideally a human user wouldn't have to encounter such a system at all

[-] pressanykeynow@lemmy.world 0 points 2 months ago

In your ideal world it means that you are tracked between websites. It's mostly how it works now.

[-] greenbit@lemmy.zip 1 points 2 months ago

Nah, the solution should just be done in the background. Invisible and not a forced interaction

this post was submitted on 16 Feb 2026
57 points (95.2% liked)

Ask Lemmy

39245 readers
358 users here now

A Fediverse community for open-ended, thought provoking questions

Rules: (interactive)

1) Be nice and; have funDoxxing, trolling, sealioning, racism, toxicity and dog-whistling are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them

2) All posts must end with a '?'This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?

3) No spamPlease do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.

4) NSFW is okay, within reasonJust remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either !asklemmyafterdark@lemmy.world or !asklemmynsfw@lemmynsfw.com. NSFW comments should be restricted to posts tagged [NSFW].

5) This is not a support community.
It is not a place for 'how do I?', type questions. If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email info@lemmy.world. For other questions check our partnered communities list, or use the search function.

6) No US Politics.
Please don't post about current US Politics. If you need to do this, try !politicaldiscussion@lemmy.world or !askusa@discuss.online

Reminder: The terms of service apply here too.

Partnered Communities:

Tech Support

No Stupid Questions

You Should Know

Reddit

Jokes

Ask Ouija

Logo design credit goes to: tubbadu

founded 2 years ago
MODERATORS
candyman337@lemmy.world
Bluetreefrog@lemmy.world
TheSaneWriter@lemm.ee
TheSaneWriter@lemmy.thesanewriter.com
candyman337@sh.itjust.works
Asudox@lemmy.world
lemmy_bot@lemmy.world
beefbaby182@lemmy.world
ModeratorCan@lemmy.world
neidu3@sh.itjust.works
asudox@lemmy.asudox.dev