Cloudflare is bad. Youre right.

Kuvwert@lemm.ee to Selfhosted@lemmy.world – 291 points –

Centralization is bad for everyone everywhere.

That bring said... I just moved my homeserver to another city... and I plugged in the power, then I plugged in the ethernet, and that was the whole shebang.

Tunnels made it very easy. No port forwarding no dns configuration no firewall fiddling no nothing.

Why do they have to make it so so easy...

153

You are viewing a single comment
View all commentsShow the parent comment

Yes, but it does expose your own IP address and thus where you live. Tunnels don't.

True, but the downside of cloudflare is that they are a reverse proxy and can see all your https traffic unencrypted.

Yes, but if you host a public site it might be a better option, the content is public anyway, and you won't get doxed if you publish something controversial. It's a trade-off, between keeping traffic private or keeping your IP private. Wireguard works best for private traffic, but you can't host a public site with that.

Wireguard works best for private traffic, but you can't host a public site with that.

Of course you can! Nginx and wireguard on a VPS and actual services wherever you want.

1 more...

Your IP changes all the time, it doesn't matter. The best someone can deduct from your IP is the country.

This is false. Some ISP's change IP's often, but some don't and sometimes geoip lookups can be really accurate. My IP has remained the same since I moved in, and a geoip lookup results in a coordinate less than a kilometer away. It does matter.

I guess you live in a country with loads of spare IP addresses. Here in the UK they change every few days and IPs get rotated between all ISPs, so you can't even deduct which ISP I'm using. And sometimes my IP is not even a mainland UK IP, but some weird shit from across the world, because Empire, lol.

When looking up my static ip, the location I get is the one of my ISP, not my address. Do you happen to live nearby some central infrastructure of your ISP? (If it seems otherwise, I'm not trying to debunk what you said - I'm just asking curious questions!)

Yes, it seems to be a hit or a miss. I don't think I live near any central infrastructure or ISP, especially not this specific part of the city.

@qaz @Aux now you’ve just exposed where you live not your ipaddress. Nobody would have thought it was that close now they do.

@qaz @Darkassassin07 what are you even saying? Ip address doesn’t expose where you live. And better get off the internet right now if your concern is exposing your ip cause it was never secret to begin with.
Tunnels stop you from opening a port so nothing is exposed openly to the internet but it does not keep your ip private.

Ip address doesn’t expose where you live.

https://letmegooglethat.com/?q=geoip+lookup

Tunnels stop you from opening a port so nothing is exposed openly to the internet^1^ but it does not keep your ip private^2^.

This is also incorrect.

  1. The entire purpose of CF tunnels is to expose sites on the internet
  2. CF tunnels (and services like it e.g. ngrok) rely on shared proxy servers that forward traffic based on HTTP host headers (which is why you can't forward arbitrary TCP traffic). The IP of the site will therefore have the shared IP of the company's proxy server instead of your own.

How do you imagine that geoblocking content works if IP addresses don't expose where you live?

And better get off the internet right now if your concern is exposing your ip cause it was never secret to begin with.

qaz could be using any of dozens of different methods to obfuscate their IP from the wider internet to write their comment, Tor or a VPN to name just a couple.

1 more...