How to encrypt your website traffic - Free SSL Cert

Syntax

Developer
Joined
Oct 10, 2007
Messages
2,833
Reaction score
181
Location
Texas
Just secure it through CF. No reason not to have small sites going through them.
Free CDN and simple SSL.
 
OP
Merrok

Merrok

Magic Tomato
Premium User
Joined
Jun 18, 2009
Messages
51
Reaction score
54
Just secure it through CF. No reason not to have small sites going through them.
Free CDN and simple SSL.
Well you could do that. That would be the lazy solution, but definitely not the most reliable one.
It is really easy to install your own TLS Cert. So why not do it? Why rely on a third party?
Using CF means trusting their every step and there have been huge issues in the past where it was really easy to do a Man-in-the-Middle attack on Cloudflare Certificates and they didn't even notice until a magazine published an article on it.
So besides you having to rely on Cloudflares reliability, they also have fucked up badly in the past which leaves the question if you really wanna trust them or simply do it yourself. Doesn't take long to install a Let's Encrypt signed Certificate.
Although I gotta say, I'd rather see a website with a CF Certificate than with none at all.
 

sick7

Relentless
Joined
Apr 3, 2011
Messages
274
Reaction score
36
Location
South Korea
Well you could do that. That would be the lazy solution, but definitely not the most reliable one.
It is really easy to install your own TLS Cert. So why not do it? Why rely on a third party?
Using CF means trusting their every step and there have been huge issues in the past where it was really easy to do a Man-in-the-Middle attack on Cloudflare Certificates and they didn't even notice until a magazine published an article on it.
So besides you having to rely on Cloudflares reliability, they also have fucked up badly in the past which leaves the question if you really wanna trust them or simply do it yourself. Doesn't take long to install a Let's Encrypt signed Certificate.
Although I gotta say, I'd rather see a website with a CF Certificate than with none at all.
I usually just do the best of both, and generate a LetsEncrypt cert which gets installed on my origin webserver, and then set CloudFlare to Strict (Full) SSL mode.
¯\_(ツ)_/¯
 
Top