Hiddenden/Knowledge-Base
2
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

first version of the knowledge base :)

Browse Source
This commit is contained in:
Latte
2026-03-14 11:41:54 +01:00
commit 27965301ad
47 changed files with 4356 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
70 - Tools/cloudflare/cloudflare-overview.md Normal file
View File

@@ -0,0 +1,63 @@
---
title: Cloudflare
description: Tool overview for Cloudflare as a DNS, edge, and access platform in self-hosted environments
tags:
- cloudflare
- dns
- edge
category: tools
created: 2026-03-14
updated: 2026-03-14
---
# Cloudflare
## Summary
Cloudflare is an edge platform commonly used for DNS hosting, proxying, TLS, tunnels, and access control. In self-hosted environments, it is often the public-facing layer in front of privately managed infrastructure.
## Why it matters
Cloudflare can reduce operational burden for public DNS, certificates, and internet exposure. It becomes especially useful when services need a controlled edge while the underlying infrastructure remains private or partially private.
## Core concepts
- Authoritative DNS hosting
- Proxy mode for HTTP and selected proxied traffic
- Zero Trust and Access controls
- Tunnels for publishing services without opening inbound ports directly
- CDN and caching features for web workloads
## Practical usage
Cloudflare commonly fits into infrastructure like this:
```text
Client -> Cloudflare edge -> reverse proxy or tunnel -> application
```
Typical uses:
- Public DNS for domains and subdomains
- Cloudflare Tunnel for selected internal apps
- Access policies in front of sensitive web services
## Best practices
- Keep public DNS records documented and intentional
- Use tunnels or private access controls for admin-facing services when appropriate
- Understand which services are proxied and which are DNS-only
- Review TLS mode and origin certificate behavior carefully
## Pitfalls
- Assuming proxy mode works identically for every protocol
- Forgetting that Cloudflare becomes part of the trust and availability path
- Mixing internal admin services with public publishing defaults
- Losing track of which records are authoritative in Cloudflare versus internal DNS
## References
- [Cloudflare Docs](https://developers.cloudflare.com/)
- [Cloudflare Learning Center: What is DNS?](https://www.cloudflare.com/learning/dns/what-is-dns/)
- [Cloudflare Zero Trust documentation](https://developers.cloudflare.com/cloudflare-one/)