back to article Wanna write a Cloudflare app? No? Would $100m change your mind?

Internet traffic wrangler Cloudflare is opening up its massive global network to third-party developers. The network capacity and services provider says that its Cloudflare Apps Platform will let developers write code for web apps that Cloudflare customers can then purchase and embed on their sites. Globally, Cloudflare said …

  1. ElReg!comments!Pierre
    IT Angle

    I'm sure CloudFlare serves a purpose. Somehow.

    I mean, I do know that El Reg is a CloudFlare (CF) client for example. I know that because I've been prevented from accessing my beloved Reg writers' ramblings more than a couple of times, with little more than a so-called "ray-ID" to sooth my pains. I'm pretty new at this IT thing (not), but I can't help wondering whether that cloud-based approach to "protection" really is worth it. I mean, do you guys really save that much money by using CF over in-house IT? Genuine question.

    1. Anonymous Coward
      Anonymous Coward

      Re: I'm sure CloudFlare serves a purpose. Somehow.

      In this age where people can rent a 1 Tbps botnet for a bottle of vodka, the unfortunate answer is yes.

    2. Nate Amsden Silver badge

      Re: I'm sure CloudFlare serves a purpose. Somehow.

      even at it's most basic level cloudflare is a CDN. And the goal of the CDN is to cache assets close to the client for faster performance. The security add on stuff I'm sure is nice for the clients that need it, my experience says most do not, but if it's cheap and/or easy to setup then there may be little harm in just doing it.

      The only attacks I have witnessed myself in the past 24 years of doing internet server stuff -- attacks where something like CloudFlare's services would of helped were attacks directed at other customers on shared services. e.g. the dyn DNS attack last year- as a customer we were not the target but were collateral damage. Also last year our primary upstream ISP came under a ~200Gbps attack for about 3 weeks(off and on as the attacker shifted attack vectors), which caused quite a bit of harm to us (the attacker was going after someone else on the provider, not us). about 18 months ago our upstream ISP got hit again with a big attack that was mitigated in a few hours(that time it was one of the game companies - EA or something that was the target - there was lots of news articles about it at the time).

      Having fancy DDoS protection when you aren't the target doesn't help, when the shared pipe(s) are saturated by attacks on other customers.

      I have never used Cloudflare as a customer, so have no idea how well they work -- though they are attacked a lot - I suppose the upside is they are generally better prepared (the CDN we use says the largest attack they have gotten didn't go much more than 2-3% of capacity last I talked to them), but also means they are a much bigger target -- I recall on more than one occasion pretty major cloudflare outages due to attacks(at least one article on el reg).

      If you don't have the need for edge CDN caching, and you don't run a site that is likely to attract attackers then you generally don't need something like CloudFlare. I'm sure the biggest sites have a combination of edge defenses as well as core defenses. But that is overkill for 99.999% of sites out there.

    3. TheTor

      Re: I'm sure CloudFlare serves a purpose. Somehow.

      Cloudflare don't charge for bandwidth. That in itself can be a huge cost saving...

      If your servers go down, they keep serving your content until it's back up.

      Because they take the majority of the load, you can reduce the amount of in house infrastructure needed to serve your content.

      All for free.

      Even without the added goodness of their web application firewall (paid plans only though), they are well worth the effort to set up and use.

  2. Anonymous Coward
    Anonymous Coward

    Like SF

    Now, that's a stretch. SF has a development environment, database, deployment tools and a language. On top of that its PAAS. It can be a standalone environment.

    This is a way to sneak your widget on someone's website after you have a product. Don't compare...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like