A few words about CloudFlare

Security Mar 06, 2018

Did you hear about CloudFlare?
OK so, maybe you're thinking in start a website/blog and want some CDN. So, I can point you to use [CloudFlare]. So let's scratch the surface about it.

What is CloudFlare?

CloudFlare is a company that aim "to help build a better Internet". They provide Content Delivery Network (CDN), SSL / TLS, DDoS protection, Load Balancing, Analytics, and a few more stuff. Check out their website.
One of the cool thing about CloudFlare is that they provide a lot of services for free!
You can learn more about the services provided on their website.

Is it easy to use CloudFlare?

Indeed, it is amazingly easy to create the account, setup and configure.

You don't need any hardware, put something in your code, install some software in your server/host, none of this.
The only thing you do (after the account creation) is setup CloudFlare name servers as the authoritative for your domain. Pretty simple.

  • First, you scan your domain from CloudFlare,
  • then CloudFlare will authorize your domain to use their name servers,
  • finally you configure the name servers on your domain registrar (e.g., GoDaddy, Namecheap, Register, etc.).

That's all!

CloudFlare services are really good IMHO and you can start protecting your site and caching the content with just a few clicks after that.

Some more benefits:

  • Protect your website against malicious visitors (or bots) and spam
  • Save bandwidth
  • Reduce average page load times
  • Despite having pro plans you get most of the benefits for free
  • If you change your host, you don’t have to wait for DNS propagation
  • 122 data centers around the world and growing (by the time of this writing)
  • And the list goes on

After one week using their services, I started to use it for all my domains [1].

How it works?

It acts like a distributed reverse proxy.
Think like no direct connection between the end user and your server/hosting. All requests pass through CloudFlare.

CloudFlare "caches" the static content of your site securely while providing fast load time to visitors. This is done by a network technology called Anycast that routes initial DNS lookups for your domain to the [CloudFlare's] data center nearest the visitor.
This greatly increases the loading speed of your website (for the end-user).
Putting it simple, they "cache" your website on their servers around the world and whenever someone visits your website, the closest server serves the content.

The security of your server increases because, basically, no one can access your server directly. So most of the attacks are blocked by CloudFlare without hitting your server.
Isn't it good?

Closing thoughts

This was just for you to have an idea on one of the things Cloudflare does, I'm not a security guy and I'm still learning about CloudFlare (ok, I'm not, but I highly recommend using it in your website and try it on. If you don't like it, you can pull your website away from them whenever you want).

For Cloud Services, I have to research a bit, but it is probably a good choice in some cases. Let me know what you're using.

One last thing to say is that I do not work for them and there are no affiliate links in this post. I hope you enjoy speeding up your website while upgrading the security levels.

Let us know if there are thing missing or other vendos like Cloudflare that we all should be aware of.

Cheers.


  1. Except for one website that already had SSL and Caching. ↩︎

Lincoln Pires

Hey there, I'm Lincoln. Things I like to do include: code, to rock 'n' roll all nite, trail running, table-top RPG, good beer, video-games, some Sci-fi, and a lot of other stuff.