I’m not opposed to them, but a lot of people on Lemmy have pretty strong opinions, primarily around the centralization around, and potential of MITMing data.

I don’t think they’re wrong, because the centralization has given Cloudflare a shocking amount of power over who sees what and how: they, for example, will put you in captcha hell if you’re using certain browsers, connecting from certain networks, or using TOR. I don’t ever run into those issues, but they’re certainly ones that happen to people often enough that a quick search will find story after story of people that run into this mess, and that it’s sometimes annoying and painful to dig out of when and if it happens.

And, due to how their service works and the way the certificates are handled, they are essentially MiTMing your traffic. The certificate chain between your client and cloudflare and cloudflare and your server, depending on how exactly you’ve configured it, can be done in such a way that there’s a re-encryption happening with them in the middle, and thus, Cloudflare can see all your data.

I’ve met their CEO and VP of Safety and worked extensively with them in a previous job and don’t actually believe they’re doing anything untowards, but the fact is that they, if they so desired, absolutely could.

I use their stuff on anything I setup for public access, either via an argo tunnel or their more traditional CDN stuff, but I can understand why other people concerned about user blocking and privacy (which are less of a venn diagram of users impacted, and more of a single circle: the privacy people are usually using browsers, addons, and VPN connections that are directly the cause of the block) wouldn’t be Cloudflare fans.