It is bad for the open web and constantly asks you to verify you are human
Comment on Basic Security for your Website | Loudwhisper
incogtino@lemmy.zip 3 months ago
Genuine question from someone with a single page static site - why is Cloudflare a useless suggestion?
possiblylinux127@lemmy.zip 3 months ago
loudwhisper@infosec.pub 3 months ago
Fair question. What I meant is that suggesting that would have made the whole post 10 lines long and not worth doing. So I avoided such suggestions that completely change the threat model.
It’s not useless to avoid a good security posture (although you might have concerns of a monopoly gatekeeping the internet, TLS traffic inspection privacy concerns etc.), on the contrary makes everything I have written about here redundant (+ provide more, like DDoS protection) as you are outsourcing the security controls.
incogtino@lemmy.zip 3 months ago
Thanks, I was more worried that there was something completely wrong security-wise with that approach!