• Dessalines@lemmy.ml
    link
    fedilink
    arrow-up
    1
    ·
    3 years ago

    Its a man in the middle that recieves every communication to any server that uses it, including ip addresses, signups, passwords, usernames, all in clear text for them. Since so many servers use it, its a giant aggregator as dangerous as a centralized password store.

    • tmpod@lemmy.ptM
      link
      fedilink
      arrow-up
      0
      ·
      3 years ago

      I use Cloudflare solely for DNS management because I know of other alternative that is remotely close to it… Registrars are usually really awful. I never proxy A records, always pure DNS.

      Quad9 is a great alternative to CF’s 1.1.1.1, but unfortunately they don’t provide a service like that :c

      • Kinetix
        link
        fedilink
        arrow-up
        1
        ·
        3 years ago

        I am guessing you aren’t running any servers anywhere you could do your DNS on?

        • tmpod@lemmy.ptM
          link
          fedilink
          arrow-up
          0
          ·
          3 years ago

          Never considered that as a serious option. What kind of DNS server software would you recommend? What resource footprint does it have (my server is already pretty crowded and I’d like to not get a new one for now)? Does it work well?

          • Kinetix
            link
            fedilink
            arrow-up
            1
            ·
            3 years ago

            Works as flawlessly as anything, but I’d recommend two systems, you want to have at least 2 DNS servers. If two small VPSes doesn’t make sense for you (you hardly need any resources to run powerDNS or BIND), then I wouldn’t go with that option. Was just curious.

            • tmpod@lemmy.ptM
              link
              fedilink
              arrow-up
              0
              ·
              3 years ago

              Yeah, I just read a bit on the topic too and I came across the same thing. Atm I don’t run anything that would justify getting two servers for DNS, so I’d rather rely on a third-party. Thanks for the suggestion though and if you have any good alternatives to CF please let me know :)

              • Kinetix
                link
                fedilink
                arrow-up
                1
                ·
                3 years ago

                Well, I would be loathed to give CF money or data, so since I own domains at a registrar that does “meh, OK” services, if I wasn’t running my own DNS servers I’d just go with them. I would most registrars would provide reasonable DNS services for nothing.

                I use Netfirms, btw, but that’s not necessarily a plug for them.

                • tmpod@lemmy.ptM
                  link
                  fedilink
                  arrow-up
                  0
                  ·
                  3 years ago

                  I see. Yeah, I haven’t had the greatest of experiences with my registrars when it comes to DNS (mainly slow updates and inability to add some types of records). Also, I don’t give CF money nor data really, I use just DNS, no proxying. The distributed nature of DNS makes CF less prone to getting data than it would be otherwise. Do you know any other service similar to CF’s DNS thing?