Cloudflare seems like a panacea, but does it have its’ pros and cons? It makes your website super fast, safe via HTTPS without an SSL certificate! And also keeps spammers and hackers out. What are the pros and cons?
Let’s find out!
Cloudflare significantly speeds up your website’s loading, ensures a (secure) HTTPS connection without having to purchase an SSL certificate, and keeps hackers and spammers away from your website. Sounds good, right? We thought so too. We have been using Cloudflare for some time now. This article will explain how it works, the pros and cons, and how to switch smoothly to Cloudflare.
How does it work?
Cloudflare does not operate at the website or web server level but is located between the visitor and your website. When a visitor goes to your website, your DNS server usually points the visitor to your web server. A DNS server is, as it were, a switching station that links domain names and servers together. If you want to use Cloudflare, replace your DNS server with that of Cloudflare.
Cloudflare naturally sends the visitor to your web server, but not before it can perform its “magic.”
Pros and Cons of Cloudflare
|1. Free Tier Available: Offers a free tier with a good set of features, making it accessible to small businesses.||1. Limited Free Tier: Advanced security features, faster speeds, and other premium services are not included in the free tier.|
|2. DDoS Protection: Excellent DDoS protection even on the free plan.||2. Customer Support: Free users report less responsive customer support compared to premium customers.|
|3. Global CDN: Cloudflare’s Content Delivery Network (CDN) is global, ensuring faster load times.||3. Limited Control: There are limitations on configuration options in comparison to some other providers.|
|4. Ease of Use: The user interface is intuitive and easy to navigate.||4. Incompatibilities: Some users report occasional incompatibilities with certain web hosting services.|
|5. Always Online Feature: Even when your site goes down, Cloudflare displays a cached version to users.||5. Cache Control: Some users report issues with cache control, such as difficulties clearing the cache.|
|6. Security Features: Cloudflare offers robust security options, like a Web Application Firewall, on premium plans.|
Free vs Paid CloudFlare Comparison Plan
Here’s a basic comparison table between the Free and Pro (paid) plans for Cloudflare:
|Features||Free Plan||Pro Plan ($20/month)|
|Unmetered Mitigation of DDoS:||Yes||Yes|
|Shared SSL Certificate:||Yes||Yes|
|I’m Under Attack™ mode:||Yes||Yes|
|Access to account Audit Logs:||No||Yes|
|Web Application Firewall (WAF) with Cloudflare Rulesets:||No||Yes|
|Image Optimizations with Polish™:||No||Yes|
|Mobile Optimization with Mirage™:||No||Yes|
|20 Page Rules Included:||No||Yes|
|Customer Support:||Email support with less priority||Email support with priority|
The Benefits of Using Cloudflare
Cloudflare is constantly expanding and offers a lot of features and extensions. More options and integrations are added every day. That is, of course, nice, but in our opinion, these are the most important advantages:
It makes your website super fast.
An important advantage of Cloudflare is the caching and compression techniques that are used. Before the visitor goes to your website, they will first see the cache of the requested page located at Cloudflare. This page will, of course, load much faster than your own website and is also compressed.
In addition to caching and compression, your website’s images are loaded and compressed on the Cloudflare network. These images are offered to the visitor via a so-called CDN (content delivery network).
A CDN is a network that offers content, and that is spread all over the world. Someone who views the website in Hong Kong loads the pictures from Asia, and someone here in the Netherlands loads them from Europe.
Cloudflare offers many advantages for the real speed optimization freaks, and you immediately score more points with Google. Literally, because you get a better score on Google’s Pagespeed Insights. Would you like to know more about this?
Another handy feature of Cloudflare is the flexible SSL function. Because Cloudflare operates before the web server, it can create a secure connection between the visitor and Cloudflare. Without having to purchase an SSL certificate. This makes your website work via the HTTPS protocol, which is safer for visitors who leave data behind. Think of a contact form or a login.
Recently, the use of HTTPS has become extra popular because Google values secure websites and places them higher in search results.
Cloudflare’s bonus is that it can also look for unwanted visitors and deny them access to your website. For example, Cloudflare compares your visitors’ IP numbers with a list of IP numbers of known hackers and spammers.
Cloudflare has even more security measures. For example, you can set whether you use one of the well-known open-source CMSs, such as WordPress, Drupal, or Joomla.
Cloudflare prevents hackers who access specific URLs from this CMS from entering.
Cloudflare can immediately block all these unwanted visitors, but you can also set them to see a captcha first.
What are the drawbacks?
We and a number of our clients have been using Cloudflare for a while now, and we have encountered a few problems. The drawbacks we have encountered are:
Another extra cache layer
One point may be that in addition to your CMS’s cache, an extra cache layer is created, namely that of Cloudflare. Especially if you make any adjustments to your website, emptying two cache systems can become annoying.
As a content manager, you will not have to do this often. Still, as a developer, we often make adjustments to the PHP or CSS code of a website. It is wise to clear the cache of the Cloudflare cache in addition to the cache of your website.
Where is your data located?
Modern companies probably have less trouble with the ‘cloud.’ But the questions about privacy and data that you can ask about the ‘cloud’ and Cloudflare are well-founded. After all, where is that content that is being cached? What happens to the IP data of the visitors to your website?
You have no insight into that, and just like with so many other cloud services, you simply have to trust that your data will not be out on the street.
Payment methods are limited.
Cloudflare is limited in payment (if you choose an account with more options) to pay by credit card. This can be a problem for some organizations.
Depending on Cloudflare
Furthermore, there are more Cloudflare cons… if Cloudflare goes down, which we have not yet experienced, your website will be inaccessible. The same goes for the DNS server you are using now, and in that sense, there is little difference. But it is still something to consider. In 2013, things went badly at Cloudflare, and 800,000 websites were down for two hours.
Since this downtime, we no longer see any reports of problems at Cloudflare.
Cloudflare DNS disadvantages
Cloudflare provides three primary services (all of which are free and based on their basic DNS service):
DNS administration enables faster DNS resolution for your domains. Easier DNS maintenance thanks to a clear user interface and the possibility to ask others to manage your DNS records.
Performance (their “CDN”) – can cache static site assets (such as images, CSS, JS, fonts, and so on) and serve them from proxy servers closer to visitors, apply intelligent page rules at the DNS level (imagine a faster/more-powerful but also a less-technical version of htaccess redirects), optimize site assets (compress, minify, and so on), and even do full page caching.
Security – a smart firewall that prevents bots and hackers from attacking your websites. Additionally, SSL administration and other security setup options are available.
To summarize, their primary service is the DNS service. Then, if you enable their proxy, you’ll enjoy proxy features like PERFORMANCE & SECURITY.
Cloudflare also provides three main PREMIUM services (all of which are based on their core DNS service):
Premium DNS (performance) — Argo routing, which is claimed to assist users get to your site faster (because of faster DNS lookups). This difference, I believe, is slight or undetectable (if at all) for the majority of people.
Premium CDN features (performance) – extra choices for increasing site speed. Railgun, for example. More control over the speed. More clever rewriting page rules. Most people do not require it.
Premium firewall features (security) – for a higher price, you get greater security, such as protection against DDOS layer 7 attacks. Most people do not require this level of security.
Frequently Asked Questions About Cloudflare Services:
- So the FREE plan is all I need? Is it not worthwhile to pay more?
- Exactly, the FREE Cloudflare plan is sufficient. You can pay extra, but you won’t notice much of a difference. I’m a speed freak like everyone else, yet I don’t utilize Cloudflare’s paid plans.
- How can Cloudflare aid in the acceleration of websites and servers?
It speeds up websites by loading static elements more quickly. (This results in faster page load times for users.)
It keeps malicious traffic (such as bots and hackers) from reaching your server. (Reducing server load and preventing you from reaching resource restrictions on slower/limited servers.)
Cloudflare can make DDOS assaults more difficult to launch against your server.
What is the point of Cloudflare if you already have fast webhosting?
Cloudflare’s DNS administration tools are fantastic and extremely useful for resolving DNS issues or just transferring sites to different servers with no downtime. Essentially, it’s not just very simple DNS management, but also incredibly quick DNS propagation; Cloudflare propagates new DNS within itself in minutes, when without it could take you several hours. It comes in useful when you need to redirect your domain to a new server IP without having to wait hours for propagation; typical use cases include migration or downtime mitigation.
Then, if you ever need to use Cloudflare’s CDN for performance or security features, you can do so with a single click.
There’s also the advantage of allowing other users to manage your DNS without exposing sensitive registration or webhosting information.
Is there a notable speed improvement using Cloudflare?
Cloudflare’s performance proxy is faster in some areas and slower in others. Using Cloudflare DNS-only rather than its “CDN” features will result in faster DNS times than enabling their CDN. (NOTE: You can enable/disable their performance features by changing the DNS settings to ORANGE or GREY cloud.)
No matter what, I strongly recommend using Cloudflare for DNS management (easier DNS management, and faster DNS lookup). However, whether or not to activate their “CDN/SECURITY proxy” is entirely dependent on their advantage to you.
- If using their CDN adds 100ms to DNS lookup time but only reduces asset load time by 50ms, the obvious answer is to avoid it.
- The more local traffic you have (visitors that are near your web server), the faster your site will load without Cloudflare’s CDN features. The features of Cloudflare CDN are more helpful with distant visitors.
- The security features of Cloudflare may potentially have an impact on performance. For example, if your site is frequently besieged by bots and spammers, using Cloudflare’s CDN (and consequently security features) can actually reduce server stress.
- Even if you don’t have enough traffic to keep Cloudflare’s cache warm, your users will experience slower performance because their requests will now have to pass via an additional proxy.
Will using Cloudflare allow your server to handle additional visitors and traffic?
Cloudflare can assist reduce server stress and allow you to manage more traffic, but not necessarily as much as you may assume.
Sites with millions of visitors may have a 50% server savings, but sites with only 10,000 visitors may see a 10% server savings.
Some assets are also more easily served by Cloudflare than others.
Tips for a smooth transition
We also use Cloudflare ourselves, and these are some of the things we learned ourselves during the transition.
- Cloudflare works at the DNS level. You must therefore change the nameservers of your domain. The main consequence is that all your DNS records will be managed at Cloudflare from that moment on. Map well in advance which DNS records you have and to which IP numbers they refer. newsletter.yourdomain.nl, ftp.yourdomainname.nl, etc.
- Suppose you want to take maximum advantage of Cloudflare’s minify techniques. In that case, your HTML code must contain as few errors as possible. An error causes the compression process to stop. You can check how many errors your HTML code contains by validating it at https://validator.w3.org/.
- If you are struggling to redirect your traffic, Cloudflare’s Page Rules functionality can help. You can use this to redirect all your traffic to the secure URL of your website.
Do you have questions or comments about Cloudflare? Then I’d be happy to see or answer those below in the comment section.
Cloudflare Advantages and disadvantages – summery
- Cloudflare has a strong infrastructure as well as a competent and responsive team.
- One of my favorite options is Cloudflare DDoS protection, which works in tandem with other cloud web application firewalls and bot management services to safeguard my resources from various forms of cyber security attacks.
- Cloudflare is the greatest reverse proxy service for protecting any application against DDoS attacks, including SSH, VoIP, FTP, gaming, and all other TCP/UDP-based apps.
- The majority of DDoS attacks are discovered and mitigated in less than 3 seconds by combining Cloudflare’s centralized and decentralized mitigation technologies.
- Its paid plans, particularly the business plan, are exorbitantly priced, although it offers a free package with restricted features that is unsuitable for large organizations.
- Cloudflare provides so many services, including as video streaming and picture scaling, that new customers may be confused about why they need them and how to utilize them.
Of course there are benefits of cloudflare dns if you are running a website where loading speed is crucial. Hopefully this post answered some of your most desired questions.