Is it like on Facebook, where your data is the product? Do they have access to see the content of the final links it generates?
I worked at Cloudflare for several years. The free tier largely serves three purposes:
- the more traffic patterns they can analyze the better the bot and ddos protection they can offer
- generally getting folks using it themselves makes those people more likely to push for it at work on paid plans
- free tier customers are nearly zero cost to serve while being able to serve as beta testers before functionality is rolled out to paying customers
Your individual data is useless, but the data in aggregate has a lot of value to how the system operates as a whole.
Folks have generally been conditioned to believe that “free service” == “the user is the product” == “your data is packaged and sold to advertisers, marketers, or other data warehouses”, however this is emphatically not the case at Cloudflare. Your usage is not directly monetized by packaging and selling it, it is indirectly monetized by increasing the value of the Cloudflare network to the folks that pay for it.
edit: list formatting and explainer
Everything is a trade. Time gone by I had the homelab, the multi firewall, vlan’ed, reverse proxied, double encrypted, multi tunnelled jumboxed etc - hey its fun and you learn a lot.
I do this for a job, Ive done it for a job for 30 years, I dont need to do it at home, I dont want to spend the time on it anymore, I dont want to pay the electricity bill. Im not that important in the scheme of things, and neither is my data.
So for $0 Cloudflare obfuscate my website and let me https://url to Plex with $0 MFA from Google to a Pi5 costing me near nothing. Cloudflare is a trade / risk I willing to “pay” - and I think I get an absolutely amazing deal.
For a lot of small businesses, one man shops and enthusiasts on a budget this is true also. I just hope they aren’t bought by Broadcom.
In short your data helps train their service, if home users use it then they will recommend it to their companies, and you should see how much Cloudflare costs for enterprise then you’ll understand why home is free.
Ostensibly, your metadata is the product. At the free tier you’re getting the test version of the service, and your feedback when it breaks helps refine mistakes before those mistakes affect paying customers.
I’m not sure how they could make money from the data served up over tunnels.
I believe the logic for limited free use is that more people learning/using their platform means that some of those people will use it professionally or recommend it to their employer.
Cloudflare is acting as MitM, so yes, they see all your data. What they do with it, only they know. Almost 30% of all websites are behind Cloudflare. Giving Cloudflare imense power over the web. This is the complete opposite of what the web should be: A decentralized exchange of information with no authority above it. Thanks to people pushing Cloudflare and the likes, this idea is basically dead, sadly 
.
I use Cloudflare purely for DNS. I don’t need all my data from going through a private company.
since i started using tunnels i realised that cloudflare’s domain prices are better than pretty much anywhere else, and I’ve ended up moving all my domains there and buying a load more from them… so I guess by giving me something free they’ve monetized me quite heavily in a totally different direction?
People in this sub use Cloudflare tunnel so much it’s alarming, and they attack anyone telling them it’s a bad idea to expose all your traffic to a company like Cloudflare… I guess running your own VPN + dyndns is so hard to the point where you need to sacrifice your privacy.
I was called a “prepper” yesterday because I think you should be self-reliant with your infrastructure 
The only people I recommend Cloudflare tunnel to are absolute beginners… who still don’t understand networking properly. For that, Cloudflare tunnel can be good help to make them start.
It may be more of a promotion. I am more likely to recommend Cloudflare to my clients now since I have experience with them.
Probably analytics, they could also use it to train AI, who knows. Screw them, man.
I really don’t get why so many self-hosters advise CF when it takes power and privacy away from you and puts it in CF’s hands.
Tunnels? You don’t need them. Certs? You DEF don’t need them. Whatever protection they “offer”? You can self-host it.
Unfortunately, this sub has too much Cloudflare haters
Is this like ngrok? Can I make tunnels from live urls that hit local development server?
I agree with what u/ElevenNotes said (at least the first four sentences). I believe they use you and if you get a DDOS attack that lets them train to prevent future ones for paying customers
Well, its “free”
You need to put in a credit card so if you dont - its not usable
So they can sell the self-hosting kill switch to regulators.
Can you repeat the question in a manner that makes sense?
Cloudflare is losing money, and that loss is growing each year.
Soon, they will need to monetize more, and the rug will be pulled.