Disclosure: When you purchase a service or a product through our links, we may earn a commission. Read more...
WHAT IS CLOUDFLARE ABOUT? REVIEW & SETUP GUIDE
Owners seek every day the very best CDN providers in order to get assured solutions for their business. Thus, keep in mind that yes, as someone in Fast & Furious probably said, speed is very important. The faster users can connect, the more they trust your website as it seems more reliable.
What could be the solution to your speed and safety needs? The answer is (drums rolling)...
Cloudflare! (duh! It’s in the title).
You might have never heard about it before, so I’ll explain it in one line: Cloudflare is acontent delivery network (CDN) and security solution provider helping multi-sized business(S, M, L and XL) to supercharge and secure their online applications.
If you want to speed up your online business, then Cloudflare is one of your fastest options and one that comes with an extra security layer which protects all your web assets. Gain speed and safety against online threats This is why millions of website owners love Cloudflare. I mean, what else could you ask for?
Pizza. You can always ask for pizza.
Do you know what the best thing about Cloudflare is? It’s FREE! Not everything of course, but there are many things you’ll get for no cost. Oh, and by the way, Cloudflare is TechRadars’ choice number one in 2019. It’s awesome!
There are many great features available within several plans. I wrote this review to guide you and help you understand what sort of beast I’m talking over here.
Content Delivery Network (CDN)
Like that person you are secretly in love with yet you still call him/her a friend, Cloudflare is much more than that. With 156 data centers placed in more than 74 countries all over the world in every continent, except Antarctica (penguins hate it for some reason), Cloudflare has the ability to deliver content with speed and efficiency. Those numbers are growing and it is definitely one of the biggest CDN provider on the market.
Nowadays, website optimization is one of the most discussed topic in the Internet. The other ones are privacy conditions and Michael Jackson. Let’s not get into that one. Visitors want to see fast response times and they want the same experience in every device they use. Fortunately, Cloudflare customers have multiple options to beat this problem and take their website performance to new heights. Choose between several features and you’ll enjoy the following benefits:
- Cache Header Optimization – control the cache header directives to reduce the need for new (and annoying) requests.
- Easy On and Off – turn on/off user interface with just one click.
- Nothing to Install – though it may require changes in the code deployed to origin the server, you can be up and running in five minutes. 7 if you are using Internet Explorer.
- Automatic HTTPS Rewrites – eliminates mixed content issues by rewriting insecure URLs
- TLS 1.3 – the latest Transportation Layer Security provides you with extra safety and you can be sure about it because it has “security” as its surname.
- Automatic Content Caching – all the static resources will be cached and it allows you to define how long cache „lives“ before it expires
- Accelerated Mobile Links – Cloudflare is using AMP technology to speed up mobile pages
- Local Storage Caching - uses local storage to smartly cache the objects needed to best render your site
- HTTP/2 – the next version of HTTP protocol, the second best Protocol since Mission Impossible: Ghost Protocol. It is based on Google's SPDY project, which uses multiplexing to speed up your website.
- Server Push – content will be pushed to the browser even before a request is made.
- Aggressive GZIP – reduces the size of resources.
- Opportunistic Encryption - provides benefits to HTTP-only domains by applying encryption and web optimization features.
Cloudflare is currently running one of the largest and fastest DNS network in the world by powering over 39% of managed DNS domains. DNS is available for every plan and setting it up takes only a couple of minutes. 5 minutes if you use Internet Explorer. It also lets you add some of the security and performance features for free.
Argo and Railgun
Argo Smart Routing is a high speed routing mechanism invented by Cloudflare’s specialists. It delivers web traffic through the fastest secure routes to improve end-user experience. In order to avoid congestion and choose the most reliable links to deliver increased uptime, the network condition will be monitored at all times.
As if you were just starting to date someone, this feature knows you need protection. This is why it also guards all traffic by using encryption. Bad news for the bad guys. Argo saves some money too, as it minimizes content requests to the origin server, which in the end means reduced server load and less bandwidth. Let’s sum up the benefits of using Argos:
- Congestion Avoidance - real-time routing decisions
- Tiered Caching - content served from adjacent data centers
- TCP Optimizations - persistent TCP connections
Railgun, on the other hand (probably left), is a web optimization technology that accelerates delivery of non-cached websites. The basic service caches around 65% of the resources, but 35% of this content cannot be cached because either the resources are dynamically generated or marked as “do not cache” or... no, that’s it. Uncacheable web objects can be compressed up to 99.6%, allowing 200% additional performance increase. Not bad at all, Raligun!
If you have rich quality content website (and I’m sure you do), Argo and Railgun can help you provide the fastest user experience for your visitors. Here you can take a look at the Railgun supported packages provided by A2 Hosting
Cloudflare Stream™ is a video on-demand streaming platform that includes storage, encoding and a customizable player. Combine this with Cloudflare’s fast, secure, and reliable global network and you’ll get a reliable and flexible bundle. Upload videos effortlessly, watch them on any device, lower storage and streaming costs and customize the player to fit your specific needs. As a result you’ll enjoy more time and money where you really need them. For example, buying pizza.
Quick Note! You’ll be charged depending on how many minutes you watched instead of bandwidth. The same applies for the storage. You don’t have to worry about publishing high quality videos, the only thing that matters is the length of the video.
Anycast Network and Spectrum
Anycast Network is a networking mechanism to transmit incoming request through a variety of different data centers with the capacity to process the traffic with high efficiency. Its mechanisms tackle high traffic volume, network congestion, DDoS attacks and the Ayuwoki.
I’m not entirely sure about the last one, but it definitely should.
With Spectrum you’ll be able to saveguard all your TCP-based services exposed to the Internet and protect against Layer 3 and 4 DDoS attacks. Block dangerous IP addresses with IP Firewall and Spectrum can use the obtained data when somebody tries to reach your TCP services. They’ll die trying. Hence, there’s no need to worry about bad guys snooping your sensitive data... but there’s still a darker side to this story. The only drawback here is that you can’t use Spectrum without Enterprise plan. Still, when you have a high load website containing sensitive data, I strongly recommend you to go for more expensive plans to avoid someone stealing it.
Aimed at strengthening trust in the Internet by adding a layer of security to the DNS lookup and exchange processes, Domain Name System Security Extension (DNSSEC) is one of the most complicated topics for sure. If you have no idea about what I just said, this basically means that it keeps away malicious activities like cache poisoning, pharming, man-in-the-middle attacks ...and if you are Mark Zuckerberg and you had no idea about what I said, please hire me.
Properly enable DNSSEC for your domain name and visitors will always be able to connect to authentic domain name. These attacks usually go unnoticed by websites’ visitors, increasing the risk of phishing, malware infections, and data leakage. Nobody wants that or there’ll be a lot more people with Yahoo mails. With Cloudflare you can be sure this scenario doesn’t happen.
Web Application Firewall (WAF)
Cloudflare offers an enterprise-class level web application firewall, which hits over 5 million request per second and continually spots and blocks new potential threats. Spots and Blocks would be a great name for a Youtube channel by the way.
In this era of cyber-supervillains, all web applications must tackle threats like SQL injection, CrossSite Scripting (XSS) attack, Cross-Site Forgery Requests (CSRF) and many more. Cloudflare’s WAF stays ahead of these threats by automatically updating when any new security vulnerabilities are released. This is a major difference compared to on-premise firewalls that each day become more outdated.
Cloudflare supports OWASP too, one of the notorious security ruleset. Customers have the possibility to add their own rules, yet it is still not enough to ensure secure traffic. That’s why Cloudflare refreshes often its’ own rules, actually 86% of all rules, through WAF updates to block the vast majority of online dangers.
Cloudflare states that their WAF rule sets result in latency of less than 1 millisecond. 1 millisecond. Usain Bolt recently told me that’s fast and I believe him. It is a very good performance result compared to the amount of rule sets applied for the security purposes. Not bad Cloudflare, not bad at all.
When you have web application software installed on your origin web server, you can even shield your website against application-specific threats. Cloudflare WAF supports wide range of rule sets.
Cloudflare Application Specific Rule Sets
- Atlassian Products
OWASP Top 10 Vulnerabilities
- Broken Authentication and Session Management
- Sensitive Data Exposure
- XML External Entities (XXE)
- Broken Access Control
- Security Misconfiguration
- Cross-Site Scripting (XSS)
- Insecure Deserialization
- Using Components with Known Vulnerabilities
- Insufficient Logging & Monitoring
- Writer’s Block
Actually, take a nice walk when you suffer from the Writer's Block.
Rate Limiting adds superb web traffic control to configure thresholds and define responses for any application endpoints. Use it to protect your infrastructure against any type of abusive behaviour targeting the application layer.
Cloudflare only charges the legal requests that match your predefined rules; hence, when you experience unpredictable traffic spikes or attacks, the bandwidth cost is also reduced. No attacker can take down your website. Sorry Mr. Assange, try again later.
Enjoy all these benefits using Rate Limiting feature:
- Layer 7 DDoS Mitigation - distributed denial-of-service protection.
- API Protection - set API usage limits.
- Brute Force Protection - protect sensitive customer information.
- Cost Savings - avoid unpredictable costs by only allowing good traffic through.
With „mint“ please. This is something for the IoT world, so I’m talking now to you, fridge. Cloudflare has invented Orbit to solve security issues that chase and attack those interrelated computing devices.
Why do you need such thing at all? Do you really need protection for your smart microwave? Well, the problem relies in the standard PC security model, where patches are downloaded and installed, and it does not scale to 22 billion devices (and growing). Did you know that even your trousers can connect to the Internet? If not, you should get one of those.
Maybe sooner than later, we’ll face the security concern and find out that the current situation is not good at all. Security tends to be the last one of manufacturers’ concerns and even consumers don’t really care to update their IoT devices. I’m not sure though if this is indeed possible.
Cloudflare Orbit solves the IoT security problem in a very clever way. A secure connection is made between IoT device and its origin server, which holds malicious requests from reaching devices, leaking data and making us cry. The following is a list I made out couple of features worth of mention:
- Secure & Authenticated Data Transfer – TLS will be used for the secure connection.
- Shield – vulnerabilities will be blocked in real-time.
- Earth Icon – fast and cost-effective firmware updates.
- Improved Battery Life – data is compressed to reduce data transmission, resulting in lower power consumption.
Cloudflare Access and Workers
Cloudflare enables you to add extra application access layer to your site’s infrastructure in any device you wish. You can even use existing service providers like: Google™, G Suite™, Github™, Okta™, Facebook™, and more... to authenticate on the Cloudflare global network. Gain full visibility and transparency into recent logins, access requests, policy changes and many more characteristics crucial to maintain security.
Cloudflare Workers is a codename for a distributed serverless execution environment all over the world. Don’t worry, it’s a not a bunch of Cloudflare users about to make a strike. This feature is tailor-made for you when you require to offer fast and extensible services wherever customers reside.
Workers KV, a global low latency and scalable key-value storage technology, is distributed to every data center too.
Load Balancing automatically sends visitors to the closest origin service to reduce latency. For example, European users will be sent to London’s database, Australian customers to Sidney’s and Argentinian visitors to... Antarctica? Nope, as I said before, penguins are not really into Cloudflare.
With Load Balancing, businesses will have it easier to secure revenue, reputation and customer loyalty. Who wants to use or visit a website that seems slow, unstable or simply doesn’t work? It makes any service appear poor. Consumers in 21th century want to consume services 24/7 and they better be fast! Otherwise, they might lose us.
These are the two main features you’ll get with Cloudflare’s Load Balancing:
- Local and Global Load Balancing – load balancing traffic across multiple servers or by routing traffic to the closest region.
- Health Checks with Fast Failover – visitors will be rapidly routed away from failures, your site will always seem young, healthy and with all life ahead of it.
Details about the Plans
Based on the features listed above, I can say without a doubt that Cloudflare offers one of the best performance and security bundles in the market. Most similar service providers need to hop on roller skates because they are still getting short to this.
Now, let’s head on to the pricing plans below
These Great Features
- Unmetered mitigation of DDoS attacks
- Global Content Delivery Network
- Shared SSL certificates
Everything in Free +
- Enhanced security with Web Application Firewall (WAF)
- Enhanced performance with image and mobile optimization
- More control with advanced features
Everything in Pro +
- 100% uptime guarantee
- Prioritized email support
- Custom SSL Certificates
- CNAME Setup
- Custom WAF rules
- And many more customizable features
Everything in Business +
- 24/7/365 enterprise-grade phone, email, and chat support
- 100% uptime guarantee with 25x reimbursement SLA
- Enterprise-grade DDoS protection with network prioritization
- Much more...
Does page speed affect revenue? Yeah! It significantly does. Learn why Cloudflare is the most effective when it comes to boosting site speed and performance, according to testing from Cedexis (a respected company that evaluates CDN performance)
- Cloudflare is better than the nearest competitor over HTTPS for the 95% percentile.
- Cloudflare performs better than all competitors over HTTPS at both the 50% and 95% percentile
- Cloudflare is the fastest authoritative DNS provider: 32% faster than the second fastest competitor
- Cloudflare is the fastest public resolver, almost 37% faster globally than the second fastest public DNS resolver
Some might say that, on average, Cloudflare is not the fastest contender on the market and it may be true. But compare its feature set and global network to any other one and you’ll find it very hard to compete with. Hence, I can say with confidence that Cloudflare is one of the best giants of CDNs.
What Is My Undeniable, Unquestionable and Obviously Right Conclusion?
It’s nice you asked.
Cloudflare has a very long list of features to offer you, many of them for free and many which binds you to spend a lot more than a dime if you want to enjoy the full arsenal. Believe me, even the free set of features will amaze you.
Cloudflare is not the „fastest“ CDN provider out there, neither a slow one. Yet, if you compare its wide feature set and security solution, I will definitely give it my blessing and suggest this service. I’ll suggest it especially if you require global presence and reliable performance solution. Cloudflare is the right choice for you.
A mild spoiler alert: They have much more features coming, currently on BETA phase. Even Thanos can’t wipe out so much awesomeness. Stay tuned!
PS: Please hire me, Mark.