• @pogodem0n@lemmy.world
    link
    fedilink
    English
    4922 days ago

    “Man in the middle”. They are used by a lot of web services as a proxy, usually to prevent DDOS attacks.

    • mox
      link
      fedilink
      English
      2522 days ago

      And when Cloudflare is the proxy for a web site, it’s Cloudflare that provides the HTTPS connection, meaning that you don’t actually have an encrypted channel directly to the site. Cloudflare is the man-in-the-middle eavesdropping on all of your communications with that site. Your bank transactions, your medical records, your personal messages, etc.

        • mox
          link
          fedilink
          English
          521 days ago

          Have you ever tried to visit a web site and found a Cloudflare error page instead? It might have looked like this:

          https://www.webproeducation.org/wp-content/uploads/2020/10/error-524-cloudflare-233e5a08ce8c4d92843b7a841fa7c015.png

          Do you know how they’re able to insert that error page into the response that reaches your browser, even though it’s an https connection and your browser assures you that it’s “secure”?

          Clouldflare is able to do this because they are a middle-man between you and the site. They can eavesdrop and/or alter anything sent or received on that connection.

          • @msage@programming.dev
            link
            fedilink
            English
            121 days ago

            I thought that was for their hosted websites, had no idea whether they even do hosting/cloud infra.

            But yes, I hate them to my core.

      • @commander@lemmings.world
        link
        fedilink
        English
        121 days ago

        Interesting. I’m going to keep this in mind.

        Weird how much of a monopoly cloudflare has on the internet. I guess it’s going to start being an indicator for me for services that have becomes “too big for their britches.”

        • @mac@lemm.ee
          link
          fedilink
          English
          221 days ago

          Small companies use CF as well. It really is one of the best ways to prevent all sorts of bad actors

          • mox
            link
            fedilink
            English
            221 days ago

            One of the easiest, perhaps. Not best. Anything that gives a single entity control over so much of the internet, and positions them to snoop on so much of everyone’s communications, will never be “best”.