Cloudflare is a company serving more web traffic than Twitter, Amazon, Apple, Instagram, Bing, & Wikipedia combined. This allows them to control a massive part of the internet. What are they really up to?

They host the DNS server 1.1.1.1, claiming it is offering better protection than using your ISP's DNS. Cloudflare has a massive part of the internet in their hands. While they claim to protect your privacy better than many ISPs do, you're just giving the data to some other company, which the NSA can then access. Surely, some ISPs track their users and sell their data, but you'd feed the internet's largest servers with the websites you visit when using 1.1.1.1. This poses a threat for users who are not already in the US. When using the local ISP's DNS, the NSA is much less likely to be able to know what you did. You could use another DNS provider, which doesn't even have to be owned by a company, or even be your own.

The Cloudflare servers often go down too, which affects massive parts of the internet, all at the same time. If only a few servers go down at a time, it will affect a smaller part of the internet. Not to mention, Cloudflare blocks not only bots, but also human users, not only those using a VPN or Tor, which is a form of DoS. They'll prevent some users from accessing the website, and move on somewhere else. If you think their "DoS protection" is useful, think again.

This server runs very fine without said "protection". Granted, it's not a big website, but it's very easy to protect your own server, and you are in control of who can and can't access your website. The best part is that all human users you approve can access your website!

The disapproved users need to solve a captcha, from Google, another big data collector. This can be used to track users and remove their anonymity. Great, now your data is in the hands of TWO companies, embedding their scripts into millions of website. They also perform invasive "browser checks" which require JavaScript, and, by now you should already be able to tell that this is another form of tracking.


So, if you haven't already, please use tracking protection tools, to avoid being tracked this way. If you're using any of Cloudflare's services, consider stopping using them.

For static content, hosts can even use the gemini protocol, which is less prone to attacks and spam (since it uses port 1965 by default and not 80), and is far more privacy respecting.

Sources: