maybe it's a bad idea to put the entirety of the backbone of the internet on one or two private companies.
this post was submitted on 18 Nov 2025
191 points (99.5% liked)
Technology
40730 readers
420 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 3 years ago
MODERATORS
Cloudflare's dominance is a huge problem exactly for this reason. Having a single point of failure is a huge risk, and it's surprising that governments don't view this as being a matter of national security.
As a side note, and not to "well ackshully", but Cloudflare isn't a backbone provider. But your point still stands lol.
they dont because they have no clue about anything technological.
Not only because it's a single point of failure, but also because it's a single point of surveillance.
Cloudflare can read and even modify the communications everyone has with sites behind its HTTPS service. And it can monitor people's browsing through its DNS-over-HTTP service. And it can fingerprint people's browsers through any of its services that use JavaScript, such as its CAPTCHA-like thing.
It’s blows my mind that it’s so obviously bad to do and yet here we are
Also the irony that some "is it down"-detectors using Cloudflare are also down.
Who's willing to bet it's DNS ?
not Lupus?
Pretty quiet on lemmy without .world and .ca and whatever else. I'm glad to see beehaw still up.
Glad to see it doesn't use cloudflare.
All three instances I have accounts on use CF. I was beginning to think it was my client I was using or they suddenly implemented the “Great Firewall of USA” and figured out a way to block Lemmy instances.
Blahaj here too!
Also .radio . They're fantastic.
both lemmy.world and lemmy.ca are working for me right now? Maybe they've come back up.
The status page is overloaded and just gives http 504 errors. Kind of ironic that a cdn provider gets that type of error.
Works for me now as well. I guess it was a temporary thing. Still not something you would expect.
Even though I don't host anything important, I'm still glad I found alternative ways to hosting my own stuff without the use of any of Cloudflare services.
I've noticed over time that the self-hosted communities have been suggesting Cloudflare Tunnels less and less since Trump and his gang took over America. Maybe this latest outage will push more people to not recommend Cloudflare again in the future.
I still remember when I first got into self-hosting and being mocked pretty hard for questioning the use of such a large centralized service like Cloudflare. I'm glad I persisted and kept learning in my own direction but that still was very demotivating at the time.
I think the only thing that is very had to replicate from cloudflares ia ddos protection since they take the hit instead.
True.
My self-hosting strategy is wildly alternative and not one I speak much about publicly. I'm the only person connecting to my own domain so as long as I continue to practice shutting the fuck up, I can get away with using multiple layers of obscurity rather than fiddling with third party solutions.
I check my logs daily and the only activity I ever see is my own. Since I am not hosting anything critical or sensitive, I have the opportunity to experiment this way without much risk to myself.
The way I'm set up, I am not concerned with DDOS attacks because it would fail to get past the Dynamic DNS. If I were hosting a social media platform or something more public, then I would need to take stronger measures to protect myself and that data.
The only thing I use CloudFlare for is encrypted DNS stuffs, other suggestions for this?
Currently I'm using DeSec.io for my Dynamic DNS and Caddy as my reverse proxy to automatically handle encryption certificates. It takes a little extra effort setting up a DeSec.io module with Caddy but since I got it working, it's been essentially zero maintenance.
Thanks for the rec, I'll have a gander, and try it out next day I have free!
Europe, pleeeeaaaasssseee! Get off of this infra!
It is not just Europe the entire world should stop using American companies for everything. Amazon, Microsoft, and cloudflare. A big portion of the internet is US dependent. Russia and China seem to realize how big of an issue this is, Europe still too dependent.
I think they're starting to realize it, a lot of European govt agencies have been migrating from Windows to Linux distros
sure, i'm with you. i just happen to be in Europe.
I'm willing to move away from cloudflare if only I can expose servers without a global IP and needing to open port on the router side. Do anybody know how to do this?
Or maybe I should move to somewhere I can setup port-forwarding?
VPS+VPN, this is what I do.
VPS has public IP and runs WireGuard "server"* and a reverse proxy (and fail2ban...). Reverse proxy points to my home computer over the WireGuard link. No open ports on my home router.
For private facing/LAN-only services I just don't have an entry in the VPS reverse proxy. DNS on the router points everything to my local server, so if at home I access everything directly. To access internal services remotely requires VPN (i.e., WireGuard to the VPS).
Works well; I have a tiny free tier VPS but even so, no complaints.
*Yes I know there are no wg clients or servers, only peers, but it plays a server-likr role.
I've been thinking about this setup but it depends on external server after all...
Yes, but you can run multiple VPS, from different providers, simultaneously.
What I like is that while it does depend on an external provider, it doesn't depend on a specific external provider. Any VPS with a public IPv4 would work.
I wish I could afford multiple VPS
If you search around you might find free ones. Oracle has/had a free tier (though it's Oracle, so...).
Maybe Pangolin is what you are looking for.
So it's basically the same as what https://startrek.website/u/qjkxbmwvz described above ... but with extra security features?
Just use wire guard. This is what tunnels is and this is what tail scale uses
Ahhhh, feels so good to be proven correct.
Stop using centralised services, especially botnet like ones that protect fascist harassers.
Had to get that account back as piefed.zip, piefed.social and lemmy.zip cannot be accessed.
Cool to see other people still able to access the Threadiverse
Ye we're not relying on cloudflare for precisely this reason.So much of the "decentralized" internet just got brought down by one providing failing.
Thank you as always for your service!
Edit: surprisingly https://anarchist.nexus/ seems to use CF
shakes fist tenchikeeeeeeeeen!!!
😄
ikr signing into my slrpnk.net account was like going to an old home I hadn't been in for a while.
No issue on slrpnk.net
load more comments
(2 replies)
I should really move my domains away from CloudFlare....
T-thanks cloudflare!!!
Gotta get 1 of our 5 a day in :3
Ah, the famous service that is too big to ever fail, fails again…