Frickin' Awesome: CloudFlare Automatically Learns How to Stop DDoS Attacks (cloudflare.com)
86 points by eastdakota on May 18, 2011 | hide | past | favorite | 46 comments


CloudFlare looks cool but the site does a lousy job explaining the service. I even watched the video. I'm actually more confused than when I started... I thought it was a cloud layer like Heroku, but you keep your current host, and don't install anything. How does this work, is it DNS? Why is it so cheap?


It acts as a proxy for your website, and anyone it doesn't like gets a page of junk from them instead of your site. It's gotten me multiple times, which I can only assume is because I'm in Nicaragua. The first few times I thought it was some weird WordPress plugin; it was only when a friend on MSN implemented it that I realized what it was.


I have the same problem ... I don't know if it works like a reseller hosting account or more like a shared hosting account ... have no idea how much control I have over the website or if I have ssh access ... and I really don't want to sign up to find out ...


Works via DNS. Takes about 5 minutes to sign up. Tens of thousands of sites using the service. Currently powering more than 2,000 page views per second for more than 100 million unique visitors per month.


Turn this into the front page: http://www.cloudflare.com/overview.html

I visited half the site trying to figure it out.


Definitely make this the front page, made things a lot clearer. It could still use work, though: it still feels a bit vague on how much it's oriented toward caching (which I really need to know as it could potentially require changes in a web app) and security (because I'm really confused as to why someone would want to depend on the caching proxy layer for XSS protection).

Also, this line really put me off:

> We have designed the system to scale with our goal in mind: helping power and protect the entire Internet.

I don't think anyone wants one entity having the ability to re-route a significant proportion of http traffic!


That's a pretty good ad copy there, at least for this geek.


I disagree, it took a follow-up question to get the real answer to what it is. (A caching reverse proxy.)

I understand that you'd never ever say the words 'caching reverse proxy' to normal people, but if someone on HN asks 'what is this doing' you can probably feel safe to use the technical terms.

Good ad copy, if you're aiming at geeks and only geeks, doesn't spare the jargon.


He should be pretty good at it, if he owns it ;).


But what does it do? Is it a caching reverse proxy in front of my site?


Yes. At a technical level, CloudFlare is a caching reverse proxy provisioned via DNS.


Does it serve cache hits via a CDN, or do you provide all the bandwidth?

I hadn't thought of this before reading this thread, but a great service would be something like Varnish that's backed by some CDN instead of a big block of memory. That way, we can get great performance out of sites that are low on memory and bandwidth, like your low-end Linode or Slicehost.


That's a good description: Varnish + CDN (+ security). CloudFlare ends up making sites twice as fast and saving sites about 65% of their bandwidth. We run our own CDN with nodes scattered around the world.


Sounds excellent. I may be trying out your service in the near future!


While that does sound awesome, wouldn't this be pretty easy to accomplish with some of Amazon's products?

In addition, based on their size, they effectively are a CDN!


It's pretty easy with open source products ;)


Only if you have your Varnishes/mod_security in several hosting locations around the world.


This all sounds a little mysterious to me. Their FAQ promises a lot of weird stuff, like protection against "web software vulnerability", whatever that means. How does CloudFlare achieve "comment spam" protection? They check each and every POST request sent to my server? Isn't that going to add a lot of overhead? Can I just say that it's hard for me to believe that CloudFlare has enough servers and bandwidth to do that.... I don't understand the extent of what CloudFlare is offering exactly. What kind of spam protection is that exactly?


It blocks threats based on IP, threats which include spammers. I wouldn't worry about how many servers or bandwidth they have... they seem to have more than enough.


> I wouldn't worry about how many servers or bandwidth they have... they seem to have more than enough.

That is a very scary off-the-cuff assumption to make.


Contact them directly and maybe that will ease your worries, but based on the number of servers and DCs they have been adding to their network recently, I wouldn't worry about it.


Our business hosts off of AWS and two other hosting providers, in addition to utilizing Cloudkick, Sendgrid, Geckoboard, Dynect, and Chartbeat.

It is my job every day to "worry" about how PAAS providers might not be able to deliver services to my business.

We're now in contact with Cloudflare to see how we might progress, but understand that a random posting that says "don't worry" without any substantial background makes me worry.


I contacted them directly and they were exceptionally (and intentionally) vague.

I asked them how on earth they could provide a service like that at such a low cost, and why there were no bandwidth limits in any of the plans (bandwidth isn't free).

Their answer was that they couldn't tell me the answers to my questions as it would reveal business secrets or something to that effect.

At the rate of start-ups spooling up and shutting down these days, I wouldn't bet my site's DNS on a company that appears to have no sustainable business model, and is deliberately withholding information that I'd use to judge if they'll be around in 6 months time.


As this is a DNS based service, if I were a hacker, couldn't I just skip all the protection CloudFlare offers by hardwiring the website's domain + IP in my hosts file?


CloudFlare is actually a CDN proxy, so you could overcome this by hardwiring your web server firewall rules to the CloudFlare platform.


Ah, so basically use iptables to detect if the request is originating from CloudFlare's CDN, and if it is not, redirect it via CloudFlare?


No, you would configure your firewall to only allow requests from CloudFlare's infrastructure.


Judging by its description (CDN-like functionality?), it might also do a great service if it offered to dual-stack the sites that use it. Even if time before June 8th runs short, I am sure they would get some new customers because of this.

The anti-ddos functionality is indeed pretty cool. I guess the reliable detection of "anomaly" vs. "spike in traffic" is the secret sauce - but if not, would be entertaining to know more about that.


I've been using Cloudflare since the beta, and I think I love them almost as much as I love Apple.


Their services look interesting - What specifically do you love about them? How have they improved your site?


Very nice DNS management, faster page loads, reduced bandwidth usage and server load, and all of the nice security features (blocking malicious clients, XSS protection, etc). And all of it with practically no configuration and it's free unless you need SSL (and/or more advanced security features).

Also, they pass along a country header which comes in handy if you need to know which country a user is in without having to set up GeoIP and keep it up to date.

Oh plus they sent me a t-shirt.
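The origin-locking described two threads up (only accept connections that arrive through the proxy, so a hosts-file bypass gets nothing) together with the country header mentioned here, as an added Python example that is not from the thread or from CloudFlare; the proxy address ranges are constructed placeholders and the header names are assumed:

```python
import ipaddress

# Constructed placeholder ranges standing in for the proxy provider's
# published address list (assumption: you load the real list and refresh it).
PROXY_RANGES = [ipaddress.ip_network(c) for c in ("198.51.100.0/24", "203.0.113.0/24")]

# Header names assumed for the proxy's client-IP and country headers.
CLIENT_IP_HEADER = "CF-Connecting-IP"
COUNTRY_HEADER = "CF-IPCountry"


def from_proxy(peer_ip):
    """True if the TCP peer address belongs to one of the proxy's ranges."""
    addr = ipaddress.ip_address(peer_ip)
    return any(addr in net for net in PROXY_RANGES)


def resolve_client(peer_ip, headers):
    """Return (accepted, client_ip, country).

    A connection that did not come through the proxy (for example from
    someone who pinned the origin's IP in a hosts file) is rejected, and the
    forwarded headers are believed only when the peer really is the proxy,
    because a direct client could set those headers itself.
    """
    if not from_proxy(peer_ip):
        return False, peer_ip, None
    client = headers.get(CLIENT_IP_HEADER, peer_ip)
    try:
        ipaddress.ip_address(client)
    except ValueError:
        client = peer_ip  # malformed header value: fall back to the peer address
    return True, client, headers.get(COUNTRY_HEADER)


def iptables_rules(port=80):
    """Render the host-firewall equivalent of the same policy: accept the
    proxy ranges on the web port, drop everyone else. Strings only, not run."""
    rules = [f"iptables -A INPUT -p tcp --dport {port} -s {net} -j ACCEPT"
             for net in PROXY_RANGES]
    rules.append(f"iptables -A INPUT -p tcp --dport {port} -j DROP")
    return rules
```

The application-level check and the firewall rules enforce the same thing; the firewall keeps the bypass traffic off the web server entirely, while the application check is what makes the forwarded client IP and country safe to use.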


I can second this. I've been running five domains through them for about 5 months now and haven't looked back.

It's worth it to switch to CloudFlare just for their DNS control panel; it's better than any I've ever used.


You sure you don't work there?


He's telling the truth; it ACTUALLY does all this stuff (including the t-shirt, which is nice and soft :) )... and for free, too.


Nah, I'm just a fanboi. I'm the founder of Robot Mode.


Interesting. I attempted to sign up on CloudFlare's platform but received the response that I must contact them directly to "use the features of CloudFlare" for my domain. I'm interested in testing CloudFlare, but I don't feel like having to submit a blanket request in a generic "contact us" Web form.

I wonder what the reasons are why my business is excluded from participating from initial sign-up? We are a highly trafficked site, so on the surface it seems to me someone might be talking to me shortly on the "up-sell" side of things. Agh..


We have a limit in place for big sites (top 2,000 according to Quantcast, if I recall correctly). Email us the site and we'll get the block lifted. Not an upsell, just something we do to make sure we're watching carefully when big guys come on board.


Thanks for the quick update - understood on the methodology. We're at about 2400 on Quantcast if I recall, so I'll pop in and shoot you guys a message.

Just a quick suggestion.... you might indicate that to the requestor instead of the generic "contact us" response. You could easily drive away someone who might want to POC your service but then ultimately decides to move on to the next task. And that someone could be a big guy.

Thanks again!


Agreed. It's a remnant from when we first launched on stage at TechCrunch Disrupt 7 months ago. We'll get the error revised, and I'll get the restriction lifted ASAP.


Stop DDoS? DoS and DDoS are two different animals; DoS is simple to stop.

> One of our user's site was under a denial of service (ddos) attack earlier this week

I like the distributed website caching for static pages. Would be interesting to have a pay-for-what-was-served model...


The nice thing about distributed caches is that the closer the cache is to the user, the less traffic traverses the wide area. So, the main hosting website wouldn't even see all that traffic!

But I guess these make sense only for static content...


You could use it for non-static content (like forums and such), people do it and it tends to work fairly well... or so I've heard.


How does it 'learn' what is illegitimate traffic? (An actual explanation rather than just vague claims/graphs would be truly "frickin' awesome".)

What's the risk it misclassifies real surges in interest as illegitimate traffic?


I assume it only makes sense for US companies with US visitors? Or do they have other locations? Latency from Europe might be too long?


Data centers worldwide: Hong Kong, Tokyo, Los Angeles, San Jose, Chicago, New York, DC, and Amsterdam.

Coming soon: Singapore, Dallas, Miami, Paris, Frankfurt, and London.


Thanks, sounds great, Amsterdam is good enough for Germany already I think, I'll give the free plan a try.



