by palata 175 days ago
> they can't connect the domain names to my IP

They can't, but does it matter? They can connect the domain name to your server (through the tunnel).

> or infer what services I run

Why not? The port is open on Cloudflare's side, it's exactly the same.

The one thing you get from Cloudflare is that probably Cloudflare has a list of blocked IPs and they will prevent them from reaching your server. Though I'm sure there are public lists of "bad IPs" and it shouldn't be too hard to have a firewall that uses them. And anyway in your case you have a list of allowed IPs, so it's not a concern at all.

1 comments

It is not immediate public information what person is behind my domain.

By having Cloudflare as the MITM proxy in between my domain and my server, that link between the two is also not immediately apparent to the public.

Then, all the filtering and access control happens outside of my network, and only the absolutely valid traffic that I want to deal with hits my own network.

I want all of those features.

> I want all of those features.

Sure, I was not saying those features were worthless. I was just saying that not using them doesn't sound like a "recipe for disaster" to me.