Public in the sense that the actual content is public (like a blog), sure, anyone can access it, so does the reverse proxy). Since it’s public, I
Would still take the trouble entirely out to a provider.
Public in the sense that the front page is public, and the client still need to authenticate to the service at home, in this case, that does not make sense (the user authenticates to reverse proxy, which authenticates to the service), for the reason I mentioned.
> I Would still take the trouble entirely out to a provider.
Frankly, because you don't trust your own abilities in that area, or you're simply not interested in taking responsibility for that piece - and that's totally fine.
> Public in the sense that the front page is public, and the client still need to authenticate to the service at home
Maybe your authentication doesn't live at home, or on the home network. It could be on a vps or a cloud radius/ldap/etc auth service.
Some people have been writing code for 30+ years. I've been running internet facing systems for 30+. Different backgrounds, different levels of comfort and enjoyment out of different things!
If I run my services at home, I don’t want to provide Cloudflare with access to my data.