this post was submitted on 16 Mar 2025
65 points (97.1% liked)

Buy European

3527 readers
2539 users here now

Overview:

The community to discuss buying European goods and services.

Matrix Chat

Rules:

  • Be kind to each other, and argue in good faith. No direct insults nor disrespectful and condescending comments.

  • Do not use this community to promote Nationalism/Euronationalism. This community is for discussing European products/services and news related to that. For other topics the following might be of interest:

  • Include a disclaimer at the bottom of the post if you're affiliated with the recommendation.

Feddit.uk's instance rules apply:

  • No racism, sexism, homophobia, transphobia or xenophobia
  • No incitement of violence or promotion of violent ideologies
  • No harassment, dogpiling or doxxing of other users
  • Do not share intentionally false or misleading information
  • Do not spam or abuse network features.
  • Alt accounts are permitted, but all accounts must list each other in their bios.

Benefits of Buying Local:

local investment, job creation, innovation, increased competition, more redundancy.

Related Communities:

Buy Local:

!buycanadian@lemmy.ca

!buyafrican@baraza.africa

!buyFromEU@lemm.ee

!buyfromeu@feddit.org

Buying and Selling:!flohmarkt@lemmy.ca

Boycott:!boycottus@lemmy.ca

Stop Publisher Kill Switch in Games Practice:!stopkillinggames@lemm.ee

Banner credits: BYTEAlliance

founded 1 month ago
MODERATORS
maam@feddit.uk
alex@jlai.lu
Lazycog@sopuli.xyz
circledot@feddit.org
Argyle13@lemmy.world
Sunshine@feddit.is
Sunshine@lemmy.ca
buyeuropean@lemmy.ca
buyeuropean@feddit.org
lazycog@feddit.uk
65
Where is lemmy.world hosted? (lemmy.world)
submitted 1 day ago by MousePotatoDoesStuff@lemmy.world to c/buyeuropean@feddit.uk
29 comments fedilink hide all child comments
 

I know lemm.ee is hosted in the EU, but I can't find that information for lemmy.world.

top 29 comments
sorted by: hot top controversial new old
[–] Kolanaki@pawb.social 6 points 13 hours ago* (last edited 13 hours ago)

Doing a whois on the domain name, shows the registrant is from North Brabant, Netherlands. Their primary cloudflare stuff pings back to Canada, but the secondary and tertiary locations I get are in the US.

[–] nimble@lemmy.blahaj.zone 44 points 1 day ago (1 children)

https://legal.lemmy.world/tos/#our-governing-laws

[–] undone@lemm.ee 40 points 1 day ago (1 children)

How dare you make us click a link and read for ourselves? Not what I signed up for.

[–] Shortstack@reddthat.com 22 points 23 hours ago (1 children)

Well of course not, you joined lemm.ee

[–] undone@lemm.ee 9 points 22 hours ago

After re-reading the fine-print I hereby fully commit my soul to the spirit of lemmy.

[–] MBM@lemmings.world 12 points 20 hours ago

FYI everyone who's sharing a Cloudflare location is only mildly doxxing themself

[–] Successful_Try543@feddit.org 28 points 1 day ago* (last edited 22 hours ago) (4 children)

AfaIk, they are hosted at Hetzner, so physically in Germany or Finland.

Edit: Source https://lemmy.world/post/22397634

~~Edit 2: The ip online tool on the website below indicates that it may actually be physically hosted in US (on a virtual server as, according to Wikipedia, Hetzner doesn't offer bare metal servers in US).~~

https://www.ipaddress.com/website/lemmy.world/

Edit 3: The IP is from Cloudflare, the servers are from Hetzner in EU.

[–] Emperor@feddit.uk 9 points 20 hours ago

AfaIk, they are hosted at Hetzner, so physically in Germany or Finland.

If I remember correctly, the main servers are in Hetzner's data centre in Finland with back-ups in Germany. Although they have a complex set-up so it may not be as cleanly divided up these days.

I suspect half the Fediverse runs on Hetzner at this point.

[–] notabot@lemm.ee 10 points 23 hours ago (1 children)

The US IP address is for Cloudflare, who are acting as a front end for things like DDoS protection. A lot of lemmy servers use them, which is unfortunate, but there don't seem to be any viable European alternatives.

You can check the details with the whois command. The relevant bit when querying for one of their addresses is:

NetRange:       104.16.0.0 - 104.31.255.255
CIDR:           104.16.0.0/12                         
NetName:        CLOUDFLARENET                         
NetHandle:      NET-104-16-0-0-1                      
Parent:         NET104 (NET-104-0-0-0-0)              
NetType:        Direct Allocation                     
OriginAS:       AS13335                               
Organization:   Cloudflare, Inc. (CLOUD14)            
RegDate:        2014-03-28                            
Updated:        2024-09-04                            
Comment:        All Cloudflare abuse reporting can be
done via https://www.cloudflare.com/abuse             
Comment:        Geofeed: https://api.cloudflare.com/local-ip-ranges.csv                                     
Ref:            https://rdap.arin.net/registry/ip/104.16.0.0
[–] Successful_Try543@feddit.org 1 points 22 hours ago* (last edited 22 hours ago) (1 children)

Thank you. So that's why you 'see' an US IP address while the physical server may be located anywhere, e.g. in Germany.

By looking at their Wikipedia, I've already found out that Cloudflare doesn't do hosting.

[–] notabot@lemm.ee 3 points 17 hours ago (2 children)

Cloudflare don't hoat sites, but they do end up being a 'man in the middle' attack on any site they proxy for, regardless of where that site is nominally hosted. That ends up exposing all traffic on those sites to a US corporation, and ultimately the US government. Considering that Cloudflare proxy somewhere between 19% and 40% of all websites, I think that's pretty alarming.

[–] Evotech@lemmy.world 1 points 14 hours ago (1 children)

It's not an attack of you pay for it

[–] notabot@lemm.ee 2 points 12 hours ago

You'll be attacked and pay for the priviledge! I suppose what you're really paying for is knowing who's attacking you. Mind you, I think it's free for small sites, which is probably quite an attractive trade-off for many.

[–] Successful_Try543@feddit.org 1 points 14 hours ago* (last edited 14 hours ago) (1 children)

I don't get the 'man in the middle' part. Is the ssl key for the encrypted https connection not from LW, but from cloudflare?
It's still problematic that they have metadata of the connections.

[–] Evotech@lemmy.world 2 points 14 hours ago (1 children)

For cloudflare to encrypt the traffic they need the key.

[–] Successful_Try543@feddit.org 2 points 13 hours ago* (last edited 13 hours ago) (2 children)

But isn't for https the traffic supposed to be e2e encrypted between the client web browser and the server hosting the web page with the same cert? Does cloudflare decrypt and then re-encrypt the traffic data?

[–] Evotech@lemmy.world 2 points 4 hours ago* (last edited 4 hours ago)

Supposed and supposed... It's easier to manage encryption and certificates on a layer above, you can reencrypt backwards with some whatever cert

You can of course not use cloudflares infra for this but then you lost a lot of insight and features

[–] notabot@lemm.ee 3 points 12 hours ago (1 children)

You see the problem. Yes, cloudflare decrypt the request from the browser, inspect it, then reencrypt it and send it to the host server. Then they take the response, decrypt that, inspect it, reencrypt it and send it to the browser.

Basically there are two TLS flows, one from the browser to cloudflare, and one from clourflare to the host server. Between those, on the cloudflare system, both the traffic and response are in plain text. That includes usernames, passwords (for HTTP basic auth anyway) and any sensitive data you send or receive.

Given that they front sonewhere between 19 and 40% of all websites, d£pending on whose stats you trust, that should be pretty alarming.

[–] Successful_Try543@feddit.org 1 points 10 hours ago

Thank you. I didn't know that.

[–] grue@lemmy.world 5 points 22 hours ago

It's Germany. You can tell because the ToS mentions the service being subject to German law.

[–] electric_nan@lemmy.ml 3 points 20 hours ago

Hetzner also has US servers now, FYI.

[–] bndkt@lemm.ee 17 points 1 day ago

They probably use Cloudflare for Loadbalancing and Anti DDOS. This doesn’t mean it is hosted on Cloudflare, it is only a proxy. The point is not to show you the real IP so you can’t attack the origin server.

[–] Rhaedas@fedia.io 3 points 1 day ago

Hosting tools point to Toronto, Canada via Cloudflare.

[–] UngratefulLilToad@feddit.org -5 points 1 day ago* (last edited 1 day ago) (2 children)

You have all information here.

https://fediverse.observer/

So Server Host for lemmy.world is Cloudflare, Inc.

[–] Successful_Try543@feddit.org 12 points 23 hours ago

Cloudflare doesn't do the hosting, just DNS/domain related related stuff. LW says they're hosting at Hetzner.

[–] UngratefulLilToad@feddit.org -2 points 1 day ago (1 children)

lemm.ee is also hosted on Cloudflare.

[–] Kaboom@reddthat.com 0 points 23 hours ago (1 children)

You'd be kinda stupid not to use some form of cloud hosting solution as a small time website these days. Cloudflare or AWS or whatever you prefer.

[–] IncogCyberspaceUser@lemmy.world 0 points 21 hours ago (1 children)

Why is that? Mostly security I guess?

[–] Kaboom@reddthat.com 1 points 17 hours ago

Security, but also ability to scale and not have to host your own equipment.