So, with the Cloudflare outage, I have found my self hosted services are not accessible outside of the home. I use a SWAG reverse proxy from linuxserver.io and bought my domain through cloudflare. I’m fairly new at this stuff, so is this a secure way of doing things? Does cloudflare have access to my data? I’m fairly new at this, so I apologize if this is a silly question. Is there some way to self host what cloudflare does?
Self-hosting an authoritative dns server is not a good idea for several reasons.
Cloudflare doesn’t have access to data hosted in your server unless you’re using their reverse proxy tunnel.
A momentary (if severe) blip in their availability isn’t a good reason to change providers.
That’s the conclusion I’m coming to. Saw a lot of posts from self hosters happy they aren’t affected by this. Figured there was some reason NOT to use Cloudflare (security, etc.). But it kind of just seems like a personal preference. Cloudflare has certainly had better uptime than all my services thus far 🙂
Many would be self-hosting behind a VPN so are less affected by public DNS issues.
Cloudflare is a business service primarily and the people who should be worried about its monopoly are the businesses, not so much a handful of people running home servers.
not so much a handful of people running home servers
Oh you’ll smoke a turd in hell for your insolence. lol
Doubt cloudflare has access to your date. more like the time old joke of it was DNS.
Most likely because you purchased your domain through Cloudflare they are also your authoritative name servers for your domain. When you try to access home.your.domain if the local DNS server doesn’t already know the IP to send that traffic to it will ask CF because they are the name servers. As they are having issues they didn’t respond.
I don’t know if CF allows you do use other name servers with domains purchased by them.
Depends on a few things. If you actually put the site ‘through’ cloudflare then they act as a SSL offloading proxy and could read the content.
If they’re just providing a DNS record than no, that just points people in your direction.
your dns server relays on another upstream dns server that could be down so whats the point
I’m fairly new at this, so I apologize if this is a silly question
Those don’t exist, afaic.
Caveat: I am unsure if Cloudflare will let you use other nameservers or if you are required to use theirs. I do know that if you use their Tunnel/ZeroTrust, you have to use their nameservers, but you can buy a domain from anywhere.
Yes, you can self host your own DNS. Bind, PowerDNS, Pi-Hole + unbound, Technitium has emerged as a new favorite, so there are options. I think you can selfhost AdGuard DNS tho the blocking service is a paid tier.
1984.hosting has a great free tier, and I’ve never had an issue in 7+ years
I use Linode
if your after alternative to CLoudflare DNS, I can recommend OVH for both domain name and zone, they have API so you can get certs for both internet facing stuff and internal domains
deleted by creator
I don’t believe pihole functions as an authorative DNS server though. Something like technetium does and they could be used as the nameservers for a domain while still offering all the same adblocking functionality that pihole does.
Though pihole could work of you were relying on a VPN to access your stuff remotely.
deleted by creator
Sure but this won’t work if you’re accessing services outside your network like OP is doing. You’re going to need publicly available DNS records somewhere to do that.
You’re, right, I misread the post.
At that point DNS is handled by whatever network you’re on. Since that not always under your control, hosting a private VPN (and setting DNS though that) is the way to go.
