Cloudflare Review – Content Delivery Network

Last updated: by Janz Nordman

I wrote this review about Cloudflare for one reason. Commonly, website owners seek every day the very best CDN providers in order to get assured solutions for their business. Thus, keep in mind that yes, speed is very important. The faster users can connect, the more they trust your website as it seems more reliable.

What could be the solution to your speed and safety needs? Naturally, the answer is Cloudflare! You might have never heard about it before, so I’ll explain it in one line. Cloudflare is a content delivery network (CDN) and security solution provider helping multi-sized business to supercharge and secure their online applications. If you want to speed up your online business, then Cloudflare is one of your fastest options and one that comes with an extra security layer that protects all your web assets. Gain speed and safety against online threats. This is why millions of website owners love Cloudflare.

Do you know what the best thing about Cloudflare is? It’s free! Not everything of course, but there are many things you’ll get for no cost. Oh, and by the way, Cloudflare is TechRadar choice number one in 2019. It’s awesome! There are many great features available within several plans. I wrote this review about Cloudflare to guide you and help you understand what sort of beast I’m talking over here.

Content Delivery Network (CDN)

With 156 data centers placed in more than 74 countries all over the world in every continent, except Antarctica, Cloudflare has the ability to deliver content with speed and efficiency. Those numbers are growing and it is definitely one of the biggest CDN providers on the market.

Cloudflare CDN

Website Optimization

Nowadays, website optimization is one of the most discussed topics on the Internet. Visitors want to see fast response times and they want the same experience in every device they use. Fortunately, Cloudflare customers have multiple options to beat this problem and take their website performance to new heights. Therefore, choose between several features and you’ll enjoy the following benefits:

  • Rocket Loader – automatically bundles JavaScript files to minimize the number of network connections. Not an actual rocket loader, but still pretty cool.
  • Cache Header Optimization – control the cache header directives to reduce the need for new (and annoying) requests.
  • Easy On and Off – turn on/off user interface with just one click.
  • Nothing to Install – though it may require changes in the code deployed to origin the server, you can be up and running in five minutes. 7 if you are using Internet Explorer.
  • Automatic HTTPS Rewrites – eliminates mixed content issues by rewriting insecure URLs
  • TLS 1.3 – the latest Transportation Layer Security provides you with extra safety and you can be sure about it because it has “security” as its surname.
  • Automatic Content Caching – all the static resources will be cached and it allows you to define how long cache „lives“ before it expires
  • Accelerated Mobile Links – Cloudflare is using AMP technology to speed up mobile pages
  • Local Storage Caching – uses local storage to smartly cache the objects needed to best render your site
  • HTTP/2 – the next version of the HTTP protocol, the second-best Protocol since Mission Impossible: Ghost Protocol. It is based on Google’s SPDY project, which uses multiplexing to speed up your website.
  • Server Push – content will be pushed to the browser even before a request is made.
  • AutoMinify – saves 20% of static content file sizes (HTML, CSS, JavaScript).
  • Aggressive GZIP – reduces the size of resources.
  • Opportunistic Encryption – provides benefits to HTTP-only domains by applying encryption and web optimization features.

DNS

Cloudflare is currently one of the largest and fastest DNS network in the world by powering over 39% of managed DNS domains. DNS is available for every plan and setting it up takes only a couple of minutes. 5 minutes if you use Internet Explorer. It also lets you add some of the security and performance features for free.

Cloudflare DNS Speed

Argo and Railgun

Argo Smart Routing is a high-speed routing mechanism invented by Cloudflare specialists. It delivers web traffic through the fastest secure routes to improve the end-user experience. To avoid congestion and choose the most reliable links to provide increased uptime, the network condition will be monitored at all times.

This feature knows you need protection. Therefore, it also guards all traffic by using encryption. Bad news for the bad guys. Argo saves some money, too, as it minimizes content requests to the origin server, which in the end means reduced server load and less bandwidth. In short, I sum up the benefits of using Argo.

  • Congestion Avoidance – real-time routing decisions
  • Tiered Caching – content served from adjacent data centers
  • TCP Optimizations – persistent TCP connections

Railgun, on the other hand, is a web optimization technology that accelerates the delivery of non-cached websites. The basic service caches around 65% of the resources, but 35% of this content cannot be cached because either the resources are dynamically generated or marked as “do not cache”. Uncacheable web objects can be compressed up to 99.6%, allowing 200% additional performance increase. Not bad at all, Railgun!

If you have a rich quality content website and I’m sure you do, Argo and Railgun can help you provide the fastest user experience for your visitors. Here you can take a look at the Railgun supported packages provided by A2 Hosting.

A2 Hosting Railgun

Stream Bufferless

Cloudflare Stream™ is a video-on-demand streaming platform that includes storage, encoding, and a customizable player. Combine this with the fast, secure, and reliable global network of Cloudflare, and you will get a reliable and flexible bundle. Upload videos effortlessly, watch them on any device, lower storage, and streaming costs, and customize the player to fit your specific needs. As a result, you’ll enjoy more time and money where you need them.

Quick Note for this Cloudflare review, you are charged depending on how many minutes you watched instead of bandwidth. The same applies to the storage. You don’t have to worry about publishing high-quality videos. The only thing that matters is the length of the video.

Anycast Network and Spectrum

Anycast Network is a networking mechanism to transmit incoming requests through a variety of different data centers with the capacity to process the traffic with high efficiency. Its mechanisms tackle high traffic volume, network congestion, and DDoS attacks.

With Spectrum you’ll be able to safeguard all your TCP-based services exposed to the Internet and protect against Layer 3 and 4 DDoS attacks. Block dangerous IP addresses with IP Firewall and Spectrum can use the obtained data when somebody tries to reach your TCP services. Hence, there’s no need to worry about anyone snooping your sensitive data… but there’s still a darker side to this story. The only drawback here is that you can’t use Spectrum without an Enterprise plan. Still, when you have a high load website containing sensitive data, I strongly recommend you to go for more expensive plans to avoid someone stealing it.

DNSSEC

Aimed at strengthening trust in the Internet by adding a layer of security to the DNS lookup and exchange processes, Domain Name System Security Extension (DNSSEC) is one of the most complicated topics for sure. If you have no idea about what I just said, this basically means that it keeps away malicious activities like cache poisoning, pharming, man-in-the-middle attacks.

Properly enable DNSSEC for your domain name and visitors will always be able to connect to an authentic domain name. These attacks usually go unnoticed by websites’ visitors, increasing the risk of phishing, malware infections, and data leakage. Nobody wants that or there’ll be a lot more people with Yahoo mails. With Cloudflare you can be sure this scenario doesn’t happen.

Cloudflare DNSSEC

Web Application Firewall (WAF)

Cloudflare offers an enterprise-class level web application firewall, which hits over 5 million requests per second and continually spots and blocks new potential threats. Spots and Blocks would be a great name for a Youtube channel, by the way.

In this era of cyber-supervillains, all web applications must tackle threats like SQL injection, CrossSite Scripting (XSS) attack, Cross-Site Forgery Requests (CSRF), and many more. Cloudflare’s WAF stays ahead of these threats by automatically updating when any new security vulnerabilities are released. This is a major difference compared to on-premise firewalls that each day become more outdated.

In this Cloudflare review, I would like to point out that Cloudflare supports OWASP, too, one of the notorious security rulesets. Customers can add their own rules, yet it is still not enough to ensure secure traffic. That’s why Cloudflare often refreshes its own rules, actually 86% of all rules, through WAF updates to block the vast majority of online dangers.

Cloudflare states that their WAF rule sets result in latency of less than one millisecond. One millisecond!!! It is a very good performance result compared to the number of rule sets applied for security purposes – not bad, Cloudflare, not bad at all.

When you have web application software installed on your origin web server, you can even shield your website against application-specific threats. Cloudflare WAF supports a wide range of rule sets.

Cloudflare Application Specific Rule Sets

• Drupal
• WordPress
• Joomla
• Flash
• Magento
• PHP
• Plone
• WHMCS
• Atlassian Products

OWASP Top 10 Vulnerabilities

• Injection
• Broken Authentication and Session Management
• Sensitive Data Exposure
• XML External Entities (XXE)
• Broken Access Control
• Security Misconfiguration
• Cross-Site Scripting (XSS)
• Insecure Deserialization
• Using Components with Known Vulnerabilities
• Insufficient Logging & Monitoring
• Writer’s Block

Rate Limiting

Rate Limiting adds superb web traffic control to configure thresholds and define responses for any application endpoints. Use it to protect your infrastructure against any type of abusive behavior targeting the application layer.

Cloudflare only charges the legal requests that match your predefined rules; hence, when you experience unpredictable traffic spikes or attacks, the bandwidth cost is also reduced. Therefore, no attacker can take down your website.

Cloudflare Rate Limiting

Enjoy all these benefits using Rate Limiting feature.

Layer 7 DDoS Mitigation – distributed denial-of-service protection.
API Protection – set API usage limits.
Brute Force Protection – protect sensitive customer information.
Cost Savings – avoid unpredictable costs by only allowing good traffic through.

Orbit

Cloudflare has invented Orbit to solve security issues that chase and attack those interrelated computing devices.

Why do you need such thing at all? Do you really need protection for your smart microwave? Well, the problem relies in the standard PC security model, where patches are downloaded and installed, and it does not scale to 22 billion devices (and growing). Did you know that even your trousers can connect to the Internet? If not, you should get one of those.

Maybe sooner than later, we’ll face the security concern and find out that the current situation is not good at all. Security tends to be the last one of manufacturers’ concerns and even consumers don’t really care to update their IoT devices. I’m not sure though if this is indeed possible.

Cloudflare Orbit solves the IoT security problem in a very clever way. A secure connection is made between the IoT devices and its origin server, which holds malicious requests from reaching devices, leaking data, and making us cry. The following paragraph of this review is a list of Cloudflare Orbit features worthy of mention.

Secure & Authenticated Data Transfer – TLS will be used for the secure connection.
Shield – vulnerabilities will be blocked in real-time.
Earth Icon – fast and cost-effective firmware updates.
Improved Battery Life – data is compressed to reduce data transmission, resulting in lower power consumption.

Cloudflare Access and Workers

According to this review, Cloudflare enables you to add extra application access layer to your site’s infrastructure in any device you wish. You can even use existing service providers like Google™, G Suite™, Github™, Okta™, Facebook™, and more… to authenticate on the Cloudflare global network. Gain full visibility and transparency into new logins, access requests, policy changes, and many more characteristics crucial to maintain security.

Cloudflare Workers is a codename for a distributed serverless execution environment all over the world. Don’t worry, it’s not a bunch of Cloudflare users about to make a strike. This feature is tailor-made for you when you require to offer fast and extensible services wherever customers reside.

Workers KV, a global low latency, and scalable key-value storage technology is distributed to every data center too.

Load Balancing

Load Balancing automatically sends visitors to the closest origin service to reduce latency. For example, European users will be sent to London’s database and Australian customers to Sidney’s.

With Load Balancing, businesses will have it easier to secure revenue, reputation, and customer loyalty. Who wants to use or visit a website that seems slow, unstable, or simply doesn’t work? It makes any service appear poor. Consumers in the 21st century want to consume services 24/7 and they better be fast! Otherwise, they might lose us.

In my Cloudflare review I would like to mention two main features you’ll get with Load Balancing.

Local and Global Load Balancing – load balancing traffic across multiple servers or by routing traffic to the closest region.
Health Checks with Fast Failover – visitors will be rapidly routed away from failures, your site will always seem young, healthy and with all life ahead of it.

Details about the Plans

Based on the features listed above, I can say in my review without a doubt that Cloudflare offers one of the best performance and security bundles in the market. Most similar service providers need to hop on roller skates because they are still getting short to this.

Now, let’s head on to the pricing plans below

Cloudflare Plans

Free Includes

These Great Features

  • DDoS attack mitigation
  • Global Content Delivery Network
  • Support via email

Pro Includes

Everything in Free +

  • Enhanced security with Web Application Firewall (WAF)
  • Lossless Image Optimization
  • Automatic Mobile Optimization
  • More control with advanced features

Business Includes

Everything in Pro +

  • 24x7x365 chat support
  • 100% uptime SLA
  • CNAME set-up compatability
  • Use your own SSL certificate
  • Many more customizable features

Enterprise Includes

Everything in Business +

  • 24x7x365 phone support
  • Dedicated solutions engineer support
  • Role-based Access Control
  • 25x reimbursement uptime SLA
  • Custom pricing on additional features

Many features are not enlisted on this pricing chart and can be checked out on Cloudflare Pricing Webpage.

Performance

Does page speed affect revenue? Yeah! It significantly does. Learn from this review why Cloudflare is the most effective when it comes to boosting site speed and performance, according to testing from Cedexis (a respected company that evaluates CDN performance).

  • Cloudflare is better than the nearest competitor over HTTPS for the 95% percentile.
  • Cloudflare performs better than all competitors over HTTPS at both the 50% and 95% percentile
  • Cloudflare is the fastest authoritative DNS provider: 32% faster than the second-fastest competitor
  • Cloudflare is the fastest public resolver, almost 37% faster globally than the second-fastest public DNS resolver
Authoritative DNS Performance Comparison (DNSPerf)
Authoritative DNS Performance Comparison (DNSPerf)

Some might say that, on average, Cloudflare is not the fastest contender on the market and it may be true. But compare its feature set and global network to any other one and you’ll find it very hard to compete with. Hence, I can say in this review with great confidence that Cloudflare is one of the best giants of CDNs.

What Is My Undeniable, Unquestionable, and Obviously Right Conclusion?

Cloudflare has a very long list of features to offer you, many of them for free and many which binds you to spend a lot more than a dime if you want to enjoy the full arsenal. Believe me, even the free set of features will amaze you.

Cloudflare is not the „fastest“ CDN provider out there, neither a slow one. Yet, if you compare its wide feature set and security solution, I will definitely give it my blessing and suggest this service here in my review about Cloudflare. I’ll suggest it especially if you require a global presence and a reliable performance solution. Cloudflare is the right choice for you.

A mild spoiler alert! They have many more features coming, currently on the BETA phase. Even Thanos can’t wipe out so much awesomeness. Stay tuned!

FAQ

How does Cloudflare work?

Cloudflare protects and accelerates any website online. Once your website is a part of the Cloudflare ecosystem, all the web traffic is routed through their intelligent global network. It automatically optimizes the delivery of your web pages so your visitors get the fastest page load times and best performance. It also block threats and limit abusive bots and crawlers from wasting your web hosting bandwidth and server resources.

Leave Comment

Your email address will not be published. Required fields are marked *