I read a comment on here some time ago where the person said they were using cloudflared to expose some of their self-hosted stuff to the Internet so they can access it remotely.

I am currently using it to expose my RSS feed reader, and it works out fine. I also like the simplicity of Cloudflare’s other offerings.

Any thoughts on why cloudflared is not a good idea? What alternatives would you suggest? How easy/difficult are they to setup?

  • Dave@lemmy.nz
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    I’m not quite sure I get what you’re getting at. If you’re using Cloudflare (for more than just a nameserver), then the client’s browser is connecting to Cloudflare via a Cloudflare SSL certificate. Any password (or other data) submitted will be readable by Cloudflare because the encryption is only between the browser and Cloudflare. They then connect to your reverse proxy, which might have SSL or it might be unencrypted. That’s a second jump done by re-encrypting the data.

    How does the reverse proxy help, when the browser is connecting to Cloudflare not to the reverse proxy?

    • keyez@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Fair, I was more thinking from the server side not the client side where cloudflare certs are the ones seen first.