Basically, they level the playing field for small websites. A small website no longer has to pay large sums of money to get the security and reach that giant, corporate websites get. And somehow, Cloudflare manages to do it all for free.
I immediately put my wife’s site, www.branderphoto.com, onto the service. It took only a few minutes to setup, and as long as you have access to your domain’s nameservers, it shouldn’t take longer than that. Within an hour, Cloudflare was protecting our site. It was cool to view the source on the page and see how their email protection hid email addresses.
I was very happy to see the threat panel. Over the last 30 days, Cloudflare intercepted 759 threat visits from 52 unique sources. I can view each threat from my dashboard. I see their IP address, what kind of threat it is, how dangerous the threat was, the country the threat came from, and what happened to it. Cloudflare maintains a list of IP addresses that are running bots and when a visitor from one of those IPs shows up, they are presented with a Captcha challenge. If the user can pass the captcha, they can gain access to the site. If it was a real person, the can leave a message as well. This helps you make sure that real people are getting to the site.
As of right now, all of the threats were real and I have not had an issue with actual users being blocked.
As an owner of a website, it’s a no brainer to run my site through Cloudflare.
I wear another hat, though. I am also the Vice President of Technology at Mindscape. Over the last few months, our bandwidth usage has gone through the roof. We have taken a number of different measures to try and curtail the rising bandwidth costs, but nothing has really taken hold.
Not long after I started using Cloudflare for branderphoto.com, I decided to start sending our images and files from our webTRAIN platform through Cloudflare. Each website on our platform serves its assets from one of four specific subdomains. So, I could essentially serve 90% of webTRAIN images by protecting those 4 subdomains with Cloudflare.
There were two things I needed to do. First, I needed to upgrade to the pro plan. It’s $20 a month for the first website, $5 for each additional pro site in your account. I needed it in order to serve a secure version of the files into the admin of our platform. I received the additional bonus of 15 minute increments on my stats, instead of 24 hours like the free sites have.
Secondly, I needed to do something about video. Cloudflare protection and video served from the protected domain don’t mix well. Embedding a YouTube video is fine, and so is serving your video from an unprotected subdomain. So, while I tested the file serving idea on a small portion of our sites, our team got to work on making sure all video passed through a “video only” subdomain.
The small subset of files went great. We were saving a GB or two of bandwidth a day.
Well, on Sunday, I deployed our teams video solution and flipped the switch on our busiest file serving subdomain. Check this out:
That’s one day of serving our files through Cloudflare across the busiest section of webTRAIN. We had averaged about 60 GB a day in bandwidth on the four previous Mondays. That single subdomain, serving files, was responsible for 25% of that bandwidth!
And check out the request numbers. 81% of the requests were served by Cloudflare and not by our server. That’s a HUGE number and big load off of our own machines!
We’ve been using Cloudflare for a month now, and have slowly put more reliance in it. Turning on our main fileserver to Cloudflare was a big step for us, and 24 hours in, it looks like the right solution for us.