ChipTuner on Nostr: TLS simply encrypts transport data. IP addresses and transport (TCP/UDP) packets are ...
TLS simply encrypts transport data. IP addresses and transport (TCP/UDP) packets are still transparent to anyone that can see your traffic. This also includes IP addresses and port numbers.
Cloudflare offers a proxy service for HTTP websites; unfortunately, to use this feature you must allow Cloudflare to man-in-the-middle your website traffic, therefore allowing Cloudflare to see the plaintext traffic of users connecting to your website.
This is called an SSL terminating reverse proxy. For HTTP traffic you can do this instead by hosting your own cloud server and pointing your DNS records to it, then routing your traffic back to your home servers, masking your public IP. You can do this with nginx, haproxy, envoy and others using the PROXY protocol (actually HAProxy Protocol). This method does NOT terminate TLS encrypted traffic between clients and your server/load-balancer.
I would NOT recommend disabling TLS for your website (most browsers will issue huge warnings nowadays for your users, if even allowing them to connect at all).
Published at
2024-04-02 20:13:19
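An added example, not part of the original post: a minimal PROXY protocol v1 handler showing how a pass-through relay hands the real client address to the backend while the TLS bytes travel on untouched, and why the backend should honour the header only from its own relay. The relay address, sample bytes and function names are assumptions made for illustration.

```python
import ipaddress

# Assumption: address of the cloud relay allowed to send PROXY headers
# (documentation range, not a real host).
TRUSTED_RELAYS = {ipaddress.ip_address("203.0.113.10")}
MAX_V1_HEADER = 107  # longest PROXY v1 line, CRLF included

# Constructed sample: a TLS record header (handshake, length 5) plus filler body.
SAMPLE_TLS_RECORD = b"\x16\x03\x01\x00\x05hello"


def build_v1_header(src_ip, dst_ip, src_port, dst_port):
    """Line the relay prepends to the TCP stream before forwarding client bytes."""
    family = "TCP4" if ipaddress.ip_address(src_ip).version == 4 else "TCP6"
    line = f"PROXY {family} {src_ip} {dst_ip} {src_port} {dst_port}\r\n"
    return line.encode("ascii")


def split_proxied_stream(peer_ip, data):
    """Return (client_ip, client_port, payload) from a connection's first bytes.

    peer_ip is the TCP peer the backend actually sees. A PROXY header from any
    peer other than the trusted relay would be a client-chosen (spoofed) address.
    """
    if ipaddress.ip_address(peer_ip) not in TRUSTED_RELAYS:
        raise PermissionError(f"PROXY header from untrusted peer {peer_ip}")
    end = data.find(b"\r\n", 0, MAX_V1_HEADER)
    if not data.startswith(b"PROXY ") or end == -1:
        raise ValueError("missing or oversized PROXY v1 header")
    fields = data[:end].decode("ascii").split(" ")
    if len(fields) != 6 or fields[1] not in ("TCP4", "TCP6"):
        raise ValueError("unsupported PROXY v1 header")
    src = ipaddress.ip_address(fields[2])
    ipaddress.ip_address(fields[3])  # destination must also be a valid address
    if src.version != (4 if fields[1] == "TCP4" else 6):
        raise ValueError("address family does not match header")
    src_port = int(fields[4])
    if not 0 <= src_port <= 65535:
        raise ValueError("source port out of range")
    # Everything after the header is the client's still-encrypted TLS stream.
    return str(src), src_port, data[end + 2:]


if __name__ == "__main__":
    header = build_v1_header("198.51.100.7", "203.0.113.10", 51234, 443)
    print(split_proxied_stream("203.0.113.10", header + SAMPLE_TLS_RECORD))
```
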