Reply to post: Re: I'm sure CloudFlare serves a purpose. Somehow.

Wanna write a Cloudflare app? No? Would $100m change your mind?

Nate Amsden Silver badge

Re: I'm sure CloudFlare serves a purpose. Somehow.

even at it's most basic level cloudflare is a CDN. And the goal of the CDN is to cache assets close to the client for faster performance. The security add on stuff I'm sure is nice for the clients that need it, my experience says most do not, but if it's cheap and/or easy to setup then there may be little harm in just doing it.

The only attacks I have witnessed myself in the past 24 years of doing internet server stuff -- attacks where something like CloudFlare's services would of helped were attacks directed at other customers on shared services. e.g. the dyn DNS attack last year- as a customer we were not the target but were collateral damage. Also last year our primary upstream ISP came under a ~200Gbps attack for about 3 weeks(off and on as the attacker shifted attack vectors), which caused quite a bit of harm to us (the attacker was going after someone else on the provider, not us). about 18 months ago our upstream ISP got hit again with a big attack that was mitigated in a few hours(that time it was one of the game companies - EA or something that was the target - there was lots of news articles about it at the time).

Having fancy DDoS protection when you aren't the target doesn't help, when the shared pipe(s) are saturated by attacks on other customers.

I have never used Cloudflare as a customer, so have no idea how well they work -- though they are attacked a lot - I suppose the upside is they are generally better prepared (the CDN we use says the largest attack they have gotten didn't go much more than 2-3% of capacity last I talked to them), but also means they are a much bigger target -- I recall on more than one occasion pretty major cloudflare outages due to attacks(at least one article on el reg).

If you don't have the need for edge CDN caching, and you don't run a site that is likely to attract attackers then you generally don't need something like CloudFlare. I'm sure the biggest sites have a combination of edge defenses as well as core defenses. But that is overkill for 99.999% of sites out there.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022