Questions about Cloudflare Proxy and other solutions to hide Public IP Address

[ABOhiccups]

I read SearXNG Public Instance requirement and the Cloudflare forbidden part makes no sense. (At least my instance based in United States)

1. Our Internet Service Provider (ISP) are doing the same thing as Cloudflare. What makes the difference?
2. United States has Net Neutrality law (currently Title II law). All ISP in United States has to follow Net Neutrality law. Yes, that means Cloudflare too since it’s based in San Francisco, CA.

Is there alternative way to hide Public IP Address since Cloudflare Proxy is forbidden?

[unixfox]

• Your ISP can not decrypt your HTTPS traffic.
• This has nothing to do with the rules. The rules about cloudflare are only for not being in control of your main webserver.

If you want to hide the public IP address of your potential public SearXNG instance, you can rent a server in a datacenter and proxy the incoming requests to your other server that host your SearXNG instance.

[tiekoetter]

1. Your ISP reverse proxies requests to your IP(s)?
2. The problem lies in the reverse proxy aspect. They are allowed when you are the one operating the reverse proxy. Since you don't operate, or have insight into Cloudflare, you can't be sure they are not sniffing the packets transferred.

Since they have to, by nature of a reverse proxy, be the termination point of a HTTPS connection they can read everything.

[ABOhiccups]

I can understand now.

Does SearXNG allow Public Instance from TorGuard’s Private VPN Cloud?
https://torguard.net/private-vpn-cloud/

What is Private VPN Cloud?
How that works. You create a WireGuard tunnel on your account and you download a WireGuard file to import it to your HomeLab, PC, NAS, or any device you owned and it tunnels your traffic between your device and VPN Cloud. Then on your account page. You can add port 80 and 443 to Firewall with TCP Protocol (just like on your router settings) to expose your server from your home device to your Private VPN Cloud Account to Public Internet. Just like your own router/modem. It also works with Reverse Proxy from your Home Server like Nginx and Treafik.

[unixfox]

Should be ok because you are still in control of your webserver due to the fact that it only forward the TCP traffic (osi layer 4), it does not modify the HTTP(S) traffic (osi layer 7).