Today, like the past few days, we have had some downtime. Apparently some script kids are enjoying themselves by targeting our server (and others). Sorry for the inconvenience.
Most of these ‘attacks’ are targeted at the database, but some are more ddos-like and can be mitigated by using a CDN. Some other Lemmy servers are using Cloudflare, so we know that works. Therefore we have chosen Cloudflare as CDN / DDOS protection platform for now. We will look into other options, but we needed something to be implemented asap.
For the other attacks, we are using them to investigate and implement measures like rate limiting etc.
Because cloudflare is literally everywhere. One service acting as middle man for so many sites means they can do a lot of stuff. It’s the same reason people want to decentralise services, we dont want a central authority.
Edit: I personally have dont care much if there is cloudflare, Im just giving a possible reason cloudflare might be bad.
Cloudflare is literally helping the internet to federate on a tech level. All our services like youtube Videos, instagram content, reddit and other fast access content are quick and smooth bc Cloudflare and similar companies temporarily store data at locations that are close to you.
Without them all your data would be stored in few central locations. Not only would it be slow as fuck, they would also be more vulnerable.
Also Cloudflares other main products are cyber security. Which is good for smaller federated entities for obvious reasons.