Three things are crucial when you’re hosting a business online:
Cloudflare can help with all three. But what exactly is Cloudflare and how can a CDN help speed, security, and scalability?
At the core, Cloudflare is a Content Delivery Network (CDN) composed of hundreds of data centers located in more than 100 countries. Founded by Matthew Prince in 2009, Cloudflare has grown to handle five to ten percent of the global internet traffic, making Cloudflare one of the largest CDNs in the world.
A CDN like Cloudflare makes use of a process called caching. A cache is a place where frequently-viewed data is stored to make it faster to retrieve.
Think about checking the time – if someone asks you what time it is, it will take some effort to pull your phone out of your pocket and check. However, if someone else asks you about it a few seconds later, you can just say the time you remember seeing. In that case, the time you remember is the cache. Of course, after time passes this cache will not be accurate anymore, so it’s important to refresh it as needed.
Cloudflare will check on your website (also known as the origin) every so often to keep its cache up-to-date. The Cloudflare CDN will then serve that cache to any visitors requesting your website. The main benefit of using Cloudflare is that visitors around the world will be downloading your website from a location that’s physically closer to them, giving them faster loading times. However, it also means that since some of the requests are handled completely by the CDN, your server will experience a lower load, and more visitors will be able to look at your website at the same time.
Another capability that content delivery networks offer is filtering incoming traffic. This acts as another layer of protection to outside threats, along with your firewall and other security measures you may have implemented. Cloudflare is known for implementing some of the most powerful filtering techniques on their network, which your site can take advantage of.
Cloudflare is not only a CDN – they also operate the world’s highest-performance Domain Name System (DNS) network.
The DNS system is what translates your domain name into an IP address that a computer can understand and use to talk to a server. Your domain registrar first specifies an Authoritative Name Server (usually called nameserver), which stores all the relevant DNS records.
The DNS resolution process happens before a connection can be established, so it’s another important factor on the loading speed of your website.
In the default configuration, Cloudflare is set up as your domain’s nameserver, so your visitors will enjoy the quick DNS resolution provided by the Cloudflare network.
Cloudflare has a free plan that lets you try many of their benefits without an upfront commitment. The only change you need to get started with is to change your nameservers to point to Cloudflare, which allows them to provide you with their fast DNS resolution and to proxy your web traffic through their network. Even in the free tier, Cloudflare gives you valuable improvements to both performance and security.
Here are four key benefits of using Cloudflare:
Since all traffic to your website first passes through the Cloudflare network, malicious traffic such as DDoS attacks, comment spam, or content scraping can be detected and filtered or rerouted without ever reaching your server in the first place.
Malicious agents are detected using a variety of identifiers, including previous known malicious IP addresses, the type of requests made, any malicious payloads that may be included in the request, or even the timing and frequency of their connections. This is weighed against the security level you’ve set up on your site to determine whether a visitor is let through, if additional verification on the visitor’s browser is required, or if the visit is blocked entirely.
Since your website’s data is cached across the Cloudflare network, site visitors will load your site from their nearest Cloudflare data center which will reduce latency, instead of having to load it directly from your server.
Another benefit of caching is that your server won’t need to handle all of its web traffic. Instead, it provides the Cloudflare network with an up-to-date copy of the site as needed, which is in turn served to your visitors.
Setting up an SSL (Secure Sockets Layer) can be trivial, or can be quite a bit of work; depending on your webserver and your domain setup. Cloudflare automatically provides you with an SSL certificate on any proxied domain, so your visitors can enjoy a secure connection even if SSL is not set up at your server. You can also set up a flexible SSL setup, so a self-signed certificate can still secure your website in addition to the one Cloudflare provides.
The “Under attack mode” is actually one of five security levels that you can set on your site, with the other four being off, low, medium and high. This granularity is useful to mitigate any problems your site may have with bot traffic, even if it doesn’t get to the point of a DDoS attack. You can also set custom security levels for individual pages using Page Rules.
Changing your nameservers may not be ideal if you already have a custom DNS setup, such as for an external mail exchanger. If you are using a custom DNS setup, you can use the Business or Enterprise plans to set up your custom nameservers while still taking advantage of the Cloudflare CDN. Besides custom nameservers, there are other specialized features provided by the Business and Enterprise plans, such as additional page-by-page rules and custom SSL certificates.
You can learn more about them on the Cloudflare Plans page.
Content delivery networks such as Cloudflare are not a magic wand, and being aware of their limitations can help you make more effective use of them.
Here are two cases when you may not want to have Cloudflare enabled:
One of the main features of Cloudflare is caching your website data to allow faster loading. This, in turn, means that changes you make to your site may not show up immediately. Thankfully, Cloudflare has the option to disable cache for any domain when needed. Keep in mind that this will affect all visitors to your site. One option to get around this without having to disable cache completely is to use your DNS hosts file to access your server’s IP directly, instead of going through the Cloudflare network.
Just like before, the cache can work against you if your website’s data changes continuously, and you’d like to avoid having your visitors see stale data. Instead of having to disable Cloudflare for your entire site, you can use cache-control directives to tell Cloudflare how long to keep your site’s resources.
Setting up a Cloudflare account is free and easy to do. The only requirement to add a domain to that account is to be able to change the name servers that are set up at your domain registrar. This ensures that anyone going through your site passes through the Cloudflare network instead of going to the server directly.
We have partnered with Cloudflare to provide several of their products to our clients. If your domain is registered with Liquid Web, then we can take care of the nameserver change for you. Regardless of whether the domain is registered with us or not, we can help you get Cloudflare set up on your account and point you in the right direction to finish the process.