15

Hey guys, For my home server I am using a Cloudflare domain name to access it, but I noticed today that my connections are secured using the Google Trust Services LLC certs, rather than the Let's Encrypt certs Nginx Proxy Manager uses.. so I'm assuming that cloudflare is having a ball sniffing all my traffic before forwarding my requests to my server...

Is there a way around this? Do other registrars do this??

Thanks!

you are viewing a single comment's thread
view the rest of the comments
[-] brygphilomena@lemmy.world 19 points 1 year ago

Are you using cloudflares protection or proxy? That orange toggle next to the a record?

If so, then cloudflare is acting as a middle man and will use their SSL certs.

[-] beppi@sh.itjust.works 5 points 1 year ago* (last edited 1 year ago)

Ohhh wow I can't believe I forgot about that, I feel so dumb hahaha.

Are there any benefits to keeping this switched on? Other than than the security I mean, is the tradeoff between privacy and security worth it in your opinion?

[-] brygphilomena@lemmy.world 7 points 1 year ago

That's something you'd have to decide in your threat model.

Do you think cloudflare, which is trusted by many, many large organizations would do anything malicious with your traffic? It's unlikely, but if that is something your concerned about them turn it off. I don't think for most self hosted services it's necessary but I also don't think it matters either way.

[-] beppi@sh.itjust.works 2 points 1 year ago

Good point, I'll leave it on then. Thanks for your help!

this post was submitted on 18 Aug 2023
15 points (82.6% liked)

Selfhosted

40767 readers
1625 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS