Sure was! You need to be on top of paid and free and open source software from a security stand point. There’s no shortcut no matter what you think you’re paying for. Your threat model might be better when the service automates a Web proxy for you, but that’s only one facet. You trade problems but should never feel like you can “set and forget”. Sometimes it’s better for you to do it yourself because there’s no lying about responsibilities that way.

Plex was how last pass got hacked. https://www.howtogeek.com/147554/lastpass-data-breach-shows-why-plex-updates-are-important/

You still need to do stuff even if it is plex.

Nobody happy. :(

Bring free on cloudflare makes it widely adopted quickly likely.

It’s also going to break all the firewalls at work which will no longer be able to do dns and http filtering based on set categories like phishing, malware, gore, and porn. I wish I didn’t need to block these things, but users can’t be trusted and not everyone is happy seeing porn and gore on their co-workers screens!

The malware and other malicious site blocking though is me. At every turn users will click the google prompted ad sites, just like the keepass one this week.

Anyway all that’s likely to not work now! I guess all that’s left is to break encryption by adding true mitm with installing certificates on everyone’s machines and making it a proxy. Something I was loathe to do.

Personally, it’s the power of powershell that I use for the hundreds of windows servers. Otherwise it’s the power of Linux bash shell scripts for the dozens of Linux servers. None of the Linux servers run a gui so there’s no options there. Tbh for me, self documenting gui is the slowest way to do work. Configuring hundreds at once with peer reviewed scripts and change control is much more effective since the peer review and change control will be needed either way.

Oh though I use fortimanager a lot of configuring dozens of Fortigates. Only have a few scripts on it though.