There would have been a short overlap when I disabled CloudFlare's proxy and when the new SSL certificate was accepted by everyones devices. If you received an SSL error - sorry, I didn't get any on my end.
Yes, your information is secure.
However, I'd highly recommend taking every precaution to not disclosing your own identity.
This can include using an alternate email address (protonmail is the choice here), using alias names, and using a non-logging VPN to access sites.
As any site gets more popular, it attracts unwanted visitors. The best we can do is to mitigate all risks and put as many preventitiave measures in place.
Anoma, I looged at GCP, but decided against it in the beginning.
They also block outgoing emails, so I'd need to use another provider or setup another server specifically for emails.
At the start when there were only a few members and Billy was paying for everything out of pocket, I wanted to keep things as low cost as possible.
CloudFlare's free plan provided all the protections needed, supplimented with a WAF and a few extra precautions (for example, try SSHing to the server).
Cloudflare is essentially ditched now, it's only being used as a DNS provider, which I'll eventually remove.
I'm sure you can figure out what host I'm using