CloudFlare: Security, DDOS protection, CDN, DNS and Speed

By Jonathan Griffin. Editor, SEO Consultant, & Developer.

· 9 min read

CloudFlare offers many benefits, including increased security (their pro plan even offers a web application firewall), DDOS protection, CDN, DNS, and performance optimization.

Essentially, once your website is setup with CloudFlare all the traffic is routed through their global network.  They will optimize the delivery of your website to increase page load times and performance as well as block security threats, bots and crawlers that can waste your bandwidth and resources.

CloudFlare can be used by anyone, and they have a comprehensive free plan that can be setup in around 5 minutes.  In fact, some hosts (SiteGround or Eleven2 for instance) have a one click button install directly from the cPanel.

CloudFlare is a Content Delivery Network (CDN)

CloudFlare operates out of a total of 23 data centers spread out around the world. Their CDN automatically caches all your static files at their “edge nodes” so that they are stored closer to the end user.  Any content that is dynamically generated from your database is delivered direct from your web server. CloudFlare uses a technology called “Anycast” to route your visitors to the closest server. You can see a map of all the different data centers below:

CloudFlare data centers.
CloudFlare data centers. CREDIT: SCREENSHOT.

CloudFlare claims that websites on average load twice as fast for your visitors, regardless of where they are located.  Of course, this would vary depending on whether you already have caching installed on your website and the speed of your web servers.

CloudFlare cdn.

Some features of CloudFlares’ CDN are as follows:

  • No configuration necessary -  CloudFlare automatically determines which files to cache based on your traffic and content.
  • Works with static and dynamic content - Automatically determines which resources on your website are static, and which are dynamic and delivers static files via their network.
  • Page Rules - You can fine tune how CloudFlare treats each page of your website.
  • Always Online™ - If your server goes offline, CloudFlare can serve a cached image of your most popular pages to your visitors.
  • Protect against traffic surges - If you get a spike in traffic, CloudFlare will absorb the load saving up to 65 percent of your server resources, and up to 60 percent of your bandwidth.  This can easily prevent your website going offline, and being forced onto a more expensive hosting plan.
  • Automatic IPv6 - Fully compatible with the new IPv6 Networks.
  • Rock-solid reliability - If there is ever a problem with one of the servers on the CloudFlare network traffic is simply rerouted to one of the other servers seamlessly.
  • Works with other CDNs - If you’re already using a CDN you have the choice of routing CDN traffic through CloudFlare or bypassing CloudFlare altogether for your CDN traffic.

Web Content Optimization

What CloudFlare does for web performance is not just about moving static files closer to visitors, it is also about ensuring that every page renders as fast and efficiently as possible from whatever device a visitor is surfing from. CloudFlare users can choose any combination of these web content optimization features that take performance to the next level.

  • Rocket Loader - Automatically optimizes your pages to minimize the number of network connections and ensure even third party resources won’t slow down page rendering.
  • Reduced connections - Combines multiple JavaScript files into a single request to avoid the overhead of multiple network requests.
  • Easy on and off - Each of the many CloudFlare Optimizer services is easy to turn on or off. Want to try one of the services? It is one click to turn on. Want to turn one of them off? It is one-click simple.
  • AutoMinify - On-the-fly removal of unnecessary characters from HTML, CSS, and JavaScript. Saves 20 percent of a file’s size and works without caching so it can support even fully dynamic pages.
  • Nothing to install - CloudFlare Optimizer is available without any hardware, software or code changes. With a simple change to DNS, you can be up and be running in five minutes.
  • Local storage caching - Uses local storage on modern browsers and mobile devices to intelligently cache the objects needed to render your website best.
  • Cache header optimization - Automatically adjusts the cache header instructions so browsers will correctly cache the resources of a website to minimize the need for new requests.
  • Asynchronous resource loading - Optimizes your HTML, so it renders as quickly as possible and without needing to wait for slow scripts like widgets or advertising. Your Web pages will feel much snappier.
  • JavaScript bundling - Combines multiple JavaScript files into a single request to avoid the overhead of multiple network requests.
  • Browser optimization - Every browser works a bit differently, whether it is Internet Explorer on a PC or Safari on an iPhone. Browser optimization automatically adjusts the way content is delivered based on the particular device accessing the website to maximize speed without affecting the site’s look or features.
  • Aggressive GRIP - Making a website half as big is as good as making the network twice as fast. Hardware optimized lossless compression reduces the size of all your resources and delivers them compressed even through lazy firewalls that incorrectly claim browsers don’t support GRIP.

CloudFlare Security

One of CloudFlares’ main strengths are the **security features **that form part of the service. CloudFlare can protect your website from a whole range of threats, ranging from comment spam, excessive bot crawling to some of the most serious problems such as SQL attacks or DOS (Denial of Service) attacks. What’s more, you can set your security levels to fine tune how your website reacts to each of these threats. Some of the cool features are as follows:

  • Automatic learning of new attacks - CloudFlare’s technology automatically detects new attacks that arise against any website on its network. Once CloudFlare identifies that there is a new attack, CloudFlare starts to block the attack for both the particular website and the entire community. This also means the longer you are on CloudFlare, the better the protection becomes.
  • Ridiculously easy security - Forget the confusing control panels of most security products. With CloudFlare, just choose the security setting for your website. You can make a choice between I’m under attack!, High, Medium, Low and Essentially off. Provide the full armor defense, or stop only the worst threats. Behind the scenes, our systems learn about your website and automatically tune protection to your particular needs.
  • Threat reports and details - CloudFlare shows you the list of threats that have been stopped from reaching your website. You can sort and see threats by type, country origin, and severity. CloudFlare protects against a range of threats: Cross website scripting, SQL injection, comment spam, excessive bot crawling, email harvesters, and more.
  • Browser integrity - Automatically performs a browser integrity check for all requests to your website by evaluating the HTTP headers for threat signatures. If a threat signature is found, the request will be denied.
  • Visitor reputation - CloudFlare uses threat data from a variety of sources to build a reputation for every visitor online. You set the desired security setting for your website and then CloudFlare’s network stops the threats before it reaches your website. Reputation-based security provides the first line of defense for your website.
  • Block list / trust list - In addition to CloudFlare’s automatic detection, you can easily add an IP address, IP ranges or entire countries to your Trust and Block list.
  • Saved bandwidth and server resources - By stopping threats before they get to your website you save bandwidth and resources. Your server is also freed up to serve your legitimate traffic optimally.
  • Protect SSH / Telnet / FTP ports - Add a layer of protection to ports like SSH, FTP, and Telnet by disabling them for your root domain. Continue to access them from a subdomain of your choosing.
  • Collaborative security - CloudFlare uses the collective intelligence of its community to get smarter. CloudFlare’s network learns from every new attack and then shares that information with the rest of the CloudFlare community. What this means is that since CloudFlare continually learns, every website, regardless of size, makes the system smarter.
  • Breaking the cycle of malware - Websites are empowered to inform visitors with compromised computers so these visitors can take action to clean the malware infection.

CloudFlare Analytics

CloudFlare analytics is arguably the most accurate statistics you can get. Unlike Google Analytics, which relies on JavaScript loading on your website, CloudFlare monitors all traffic going through its network. You can, therefore, monitor threats, search engine crawlers which can make up to 20 percent-50 percent of your traffic.

Despite how good this is, we don’t use it much often. While Google Analytics does not show all traffic, it does show you what you need to know and presents the information with lots of other information, such as traffic sources, etc. Don’t get us wrong; this is a neat feature to have, but for the average webmaster its usefulness will be limited.

CloudFlare Apps

There are some useful apps here such as Google Analytics, Pingdom monitoring as well as other services that can help improve the look and feel of your website, or enhance your business.  With CloudFlare Apps, these can be installed with a single click, without the need to make any code changes to your website. CloudFlare can do it all as it goes through its network.

Apps work with any content management system (CMS) or software application that speaks HTML. In fact, apps are particularly useful to those websites which have multiple applications running for different website functionality. With CloudFlare, you make changes in one place to cover your main website, your blog, support forums, microsite, wiki, or any other service.

Final Thoughts

We use CloudFlare on many of our websites.  Its main strength is reducing server resource usage, increasing website speed and improving your website security. Whenever we speak to people who say their host is saying they need to upgrade to a VPS because they are using too many resources, our first reaction is to install a caching plugin and install CloudFlare referring them to this " What is CloudFlare " article.

There are many hosts that have CloudFlare fully integrated with their web hosting, such as SiteGround, A Small Orange or Eleven2. While in the majority of websites CloudFlare is trouble free, we have had the odd problem with websites going offline, or the website not performing properly (although to be fair this was a complicated parallax one-page website). 99 percent of the time though CloudFlare works like a charm, and if you were to ask us if we recommend it, our response would be an overwhelming YES.

To see the benefits of CloudFlare we highly recommend you check out our W3 Total Cache + CloudFlare Tutorial. It seriously improves the speed of your website.