I don't see the need to vilify Cloudflare. So far, they have shown nothing but respect towards net neutrality, fighting against bad internet practices (like Google), and even standing up to ISPs and governments to protect their users, whether they're pirates or not.
They have been around long enough (10+ years) to let you judge them and their services through their actions, not rumours.
They are a good company, but that's not the problem. The problem is the internet is increasingly got centralized behind them, to the point of blocking their IP addresses (or when they have an outage) broke a significant chunk of the internet. Also, once they control a significant chunk of internet, what's stopping them from turning shitty like google (which famously started with a "don't be evil" motto)? At that point it's probably too late to decentralize the internet again.
Centralization is an issue, but it's not Cloudflare to blame, it's the ISPs and governing bodies. Consider this: who's the one who initiated the initial block in the first place?
You only see one side of the coin (government broke a huge swath of the internet by blocking cloudlare's IP addresses). Now consider the other side of the same coin: when cloudlare decided it doesn't like your IP address, suddenly you're blocked from accessing a huge swath of the internet. This isn't hypothetical either. It's already happening in places with IPv4 scarcities which forced ISP to put their customers behind CGNAT. Cloudlare see this as a single IP address generating huge amount of requests, and when it blocked that IP address, suddenly a huge amount of people are blocked from accessing a huge part of the internet and instead get the dreaded captcha hell. People from US and Europe haven't seen this issue too often because they have disproportionate amount of IPv4 allocation compared to the rest of the world, but if you want to have a taste of what it's like running afoul with cloudlare, just use TOR or a cheap/free VPN and see how many sites suddenly become inaccessible due to cloudflare deny rule.
I employ VPN, TOR, and additionally, I manage sites utilizing CloudFlare. I can tell you this much: There aren't many alternative services that safeguard your website and gather statistics while respecting the privacy of the end user. CloudFlare even provides onion routes for TOR users, which I've naturally activated for my website. Thus, the issue doesn't rest with CloudFlare; it's a tool. The true issue lies with the webmasters abusing their power and using overzealous rulesets.
They could easily apply the same rulesets by utilizing nginx to proxy the traffic and implementing blocks on their side, avoiding CloudFlare altogether. The only distinction would be the increased expenses and a different host, nothing more.
There aren't many alternative services that safeguard your website and gather statistics while respecting the privacy of the end user.
Well, there's the issue. Cloudflare is hostile to user privacy, they are gathering as much data as Google and they try to gain a monopoly on all kinds of web hosting. They are the definition on an evil company.
That's not true at all, though. I can see only the basic information, such as:
Page load time
Number of visitors per country
Browser header and user agent
Referral (if any)
That's all there is to it. I don't have access to IP addresses, location data, or behavioural information. I only have access to the necessary information that enables my website to function seamlessly.
I don't have access to IP addresses, location data, or behavioural information. I only have access to the necessary information that enables my website to function seamlessly.
You do not, but Cloudflare does because they collect everything.
Look, I get where you're coming from, but saying Cloudflare collects everything just because they have some access to data is a bit of a stretch. Sure, they might have some data for security and optimization, but that doesn't mean they're hoarding every little detail about users. They're more like the bouncer at the club, keeping an eye on things without memorizing everyone's life story. So, while they might have a bit of info, calling it "collecting everything" is like saying a bouncer knows everything about the party – it's just not the case.
I get your point, you like the easy and convenient hosting that Cloudflare offers. I wouldn't feel comfortable logging into a website that's behind Cloudflare because they see everything. Including login credentials you submit. That's why I try to avoid CDNs (not just Cloudflare) in general. Also, what really annoys me is how Cloudflare treats VPN and Tor users. You need to solve 5 million different restarted CAPTCHAs. This is in my opinion user-hostile. I don't do anything bad, I am just a regular user looking to protect my privacy and not expose my true IP and location by using a VPN.
Your IP address is not worth their storage costs.
Why do ISPs, CDNs and other digital service providers store all kinds of data then? Not just IP addresses, also a whole bunch of other data and/or metadata.
Centralization is likely the unintended end result of the internet. Consider a mesh network where all the links have even throughput. Now suddenly one node has some content that goes viral. Everyone wants to access that data. Suddenly that node needs to support a link that’s much wider because everyone’s requests accumulate there.
Someone goes and upgrades that link. Well now they can serve many more other nodes so they start advertising to put others' viral information on the node with larger link.
I don't see the need to vilify Cloudflare. So far, they have shown nothing but respect towards net neutrality, fighting against bad internet practices (like Google), and even standing up to ISPs and governments to protect their users, whether they're pirates or not.
They have been around long enough (10+ years) to let you judge them and their services through their actions, not rumours.
They are a good company, but that's not the problem. The problem is the internet is increasingly got centralized behind them, to the point of blocking their IP addresses (or when they have an outage) broke a significant chunk of the internet. Also, once they control a significant chunk of internet, what's stopping them from turning shitty like google (which famously started with a "don't be evil" motto)? At that point it's probably too late to decentralize the internet again.
Centralization is an issue, but it's not Cloudflare to blame, it's the ISPs and governing bodies. Consider this: who's the one who initiated the initial block in the first place?
You only see one side of the coin (government broke a huge swath of the internet by blocking cloudlare's IP addresses). Now consider the other side of the same coin: when cloudlare decided it doesn't like your IP address, suddenly you're blocked from accessing a huge swath of the internet. This isn't hypothetical either. It's already happening in places with IPv4 scarcities which forced ISP to put their customers behind CGNAT. Cloudlare see this as a single IP address generating huge amount of requests, and when it blocked that IP address, suddenly a huge amount of people are blocked from accessing a huge part of the internet and instead get the dreaded captcha hell. People from US and Europe haven't seen this issue too often because they have disproportionate amount of IPv4 allocation compared to the rest of the world, but if you want to have a taste of what it's like running afoul with cloudlare, just use TOR or a cheap/free VPN and see how many sites suddenly become inaccessible due to cloudflare deny rule.
I employ VPN, TOR, and additionally, I manage sites utilizing CloudFlare. I can tell you this much: There aren't many alternative services that safeguard your website and gather statistics while respecting the privacy of the end user. CloudFlare even provides onion routes for TOR users, which I've naturally activated for my website. Thus, the issue doesn't rest with CloudFlare; it's a tool. The true issue lies with the webmasters abusing their power and using overzealous rulesets.
They could easily apply the same rulesets by utilizing nginx to proxy the traffic and implementing blocks on their side, avoiding CloudFlare altogether. The only distinction would be the increased expenses and a different host, nothing more.
Well, there's the issue. Cloudflare is hostile to user privacy, they are gathering as much data as Google and they try to gain a monopoly on all kinds of web hosting. They are the definition on an evil company.
That's not true at all, though. I can see only the basic information, such as:
That's all there is to it. I don't have access to IP addresses, location data, or behavioural information. I only have access to the necessary information that enables my website to function seamlessly.
You do not, but Cloudflare does because they collect everything.
Look, I get where you're coming from, but saying Cloudflare collects everything just because they have some access to data is a bit of a stretch. Sure, they might have some data for security and optimization, but that doesn't mean they're hoarding every little detail about users. They're more like the bouncer at the club, keeping an eye on things without memorizing everyone's life story. So, while they might have a bit of info, calling it "collecting everything" is like saying a bouncer knows everything about the party – it's just not the case.
I get your point, you like the easy and convenient hosting that Cloudflare offers. I wouldn't feel comfortable logging into a website that's behind Cloudflare because they see everything. Including login credentials you submit. That's why I try to avoid CDNs (not just Cloudflare) in general. Also, what really annoys me is how Cloudflare treats VPN and Tor users. You need to solve 5 million different restarted CAPTCHAs. This is in my opinion user-hostile. I don't do anything bad, I am just a regular user looking to protect my privacy and not expose my true IP and location by using a VPN.
Your IP address is not worth their storage costs.
Why do ISPs, CDNs and other digital service providers store all kinds of data then? Not just IP addresses, also a whole bunch of other data and/or metadata.
Centralization is likely the unintended end result of the internet. Consider a mesh network where all the links have even throughput. Now suddenly one node has some content that goes viral. Everyone wants to access that data. Suddenly that node needs to support a link that’s much wider because everyone’s requests accumulate there.
Someone goes and upgrades that link. Well now they can serve many more other nodes so they start advertising to put others' viral information on the node with larger link.