We care, we just can't spend the resources self-hosting business critical infrastructure. It'll break, get AI-DoSed, or will have an expired cert. It's a boring and risky problem to solve. Cloudflare provides a really good service for basically free.
If you add additional piece to chain, chain becomes weaker, not stronger
> get AI-DoSed
Thats not that common. There are specific industries prone to DDoS, like gaming, but your average site don't get DDoS-ed. Then again CF free service really don't protect your site from DDoS. I have seen several times CF becoming source of DoS (not caching or denying malicious requests) and if back-end is on shared infra, CF goes to firewall.
It's not free at all. You give them access to your unencrypted traffic and they give you protection from attacks they finance themselves. You're being ripped off
