Cloudflare is the SSL/TLS endpoint between you and the application.
When you use Cloudflare, data is encrypted between a client and Cloudflare (using 'their' SSL cert), they unencrypt it and inspect so they can process it, caching etc, then it' can be encrypted between Cloudflare and the backend using your own backend certificate.
So Cloudflare can see everything, its required for them to do what they do
Oh, you definitely got why I'm against Cloudflare..
Cloudflare has bot-mitigation built in, sure. So why would someone Anubis between their app and Cloudflare as it fulfills it's reverese proxy role, idk. It seemed like that person was trying to explain to me where Anubis was supposed to fit in sequence here. It's meant for the reverse proxy scenarios specificed in the example (nginx, Caddy, and others)
You are also correct. The "free" DDoS mitigation is an irrelevant argument against the privacy implications of using Cloudflare. Cloudflare isn't the only DDoS mitigation option.
*BuT iT's FrEe! *
Is it, really?
Yeah, I accept your apology. Anubis self-hosted and open source. I suppose you COULD use it between Cloudflare and your service, but why WOULD you?
Correct. That is an accurate description of my post.
Cloudflare was the reason why I changed instances, I specifically sought one that used Anubis instead. There is no other reason why I changed instances, this is the lemmy privacy community.
I feel like its a green flag, seeing that cartoon jackal-girl pop up with the magnifying glass for a second.
It's surely not universally the case but it's a positive sign to me.