I hear that both CloudFlare is privacy respectful and that it spies on site visitors (with their CDN). What’s your thoughts on this matter?

  • kevincox
    link
    fedilink
    arrow-up
    5
    ·
    4 years ago

    supposedly breaking the SSL and re-encrypting it with their SSL

    There is no doubt here, this is how basically all CDNs work. You need to see the plaintext request in order to perform caching and most other features that they provide.

    I agree, if the content is very sensitive then you shouldn’t trust a third party. However in practice most companies trust third parties whether that is a hosting provider, analytics or any number of functions that it is easier to outsource.

    I think the concern arises because Cloudflare is big. This has benefits and drawbacks.

    • Generally larger companies have more resources to invest in security.
    • Covering such a large portion of the web gives them a lot of possible tracking data if they want to use it maliciously (for whatever your personal definition of malicious is).