@f0x Oh, how come? Are they problematic?
@f0x Ah thank you, I will look through these. Do you know of any alternatives that offer similar features?
@dumpsterqueer most of their features are exactly the problem, and aren't needed. They centralize the internet, and it gives them a huge capability for control and surveillance
@dumpsterqueer I would rather recommend spinning up a (cheap) vps for that purpose, I have a similar setup for pixie.town, with a 3$ Hetzner vps that takes all the traffic, and sends it to my server at home over a wireguard vpn (<3 wireguard), which is also used to proxy the outwards traffic.
Nginx is ran on the vps which could also do the user-agent filtering, and the vps provider almost certainly has adequate ddos protection
@dumpsterqueer sure, yeah, it could be hosted at trusted rackspace/server coops etc
it's also a lot less centralized and vendor-locked-in, because this setup would work on literally any random vps
@f0x mmm I read some of the sources. I didn't realize Cloudflare decrypts and re-encrypts traffic going through it, so they can analyze it. Holy shit. But now I think about it it's like well yeah, how else would a CDN work?
I'll start looking into moving away from them asap cuz that's a huge privacy issue
@f0x how do you do the user agent filtering with nginx?
@ella personally never did that, but shouldn't be too hard, and done with maps rather than if's from what I see
@f0x Hmm, but then you have to trust the vps provider right? Doesn't that amount to more or less the same trust you have to put in Cloudflare? Not trying to be argumentative btw, just trying to understand the pros and cons.
The wireguard vpn hop is a nice idea, I like that..