Cloudflare is a content delivery network that acts as a middle layer between your actual host and user browsing the site using your domain name.
Taking the example of imtips.co which is hosted on a server with IP address as 220.127.116.11 then Cloudflare will act as a middle layer such that when you type imtips.co in your browser, it will check if you are real user or not and then it will fetch the content from 18.104.22.168 for you.
How Cloudflare Works?
Below image clarifies how Cloudflare works.
It passes all the traffic that would normally hit your server to go through the filter process of Cloudflare and only the validated traffic is being routed to the host.
You can have different security levels based on how and what you term as spammers and hackers that you want to be filtering out.
How Cloudflare differs from Other CDN?
Content delivery network or CDN is lot different from Cloudflare in the sense that CDN mirror the complete site from a particular domain/subdomain/subfolder. You can use alternative mirrored CDN url to serve the static content from the CDN.
Once you are serving static content from a cookie less separate sub domain, the browser don’t need to send extra header information for the static content and you can reduce the packet size to speed up your site’s loading time. If you are serving content from separate domain/subdomains, browser can do a parallel download of the static content making it faster for the pages to be rendered.
Apart from that the biggest advantage of using a CDN is, it serves the content from the nearest location from where the content is being requested which makes content served faster. A user in India may see content being served from a CDN edge server somewhere in Asia whereas US user may see content being served from a nearby US server making it faster for the content to be downloaded for the user.
Advantages of Cloudflare
Cloudflare is completely free to get started whereas other CDN services are paid.
2. Performance improvements
As your site is being filtered and only genuine traffic is being passed, your site can save on resources as well as can see increase the speed of your site because of the caching being performed by the Cloudflare.
3. Save bandwidth
Not all the traffic goes through the Cloudflare and so you will save on the bandwidth that you may waste otherwise to spammers and hackers.
4. Spam protection
You can filter out the bad traffic and be protected from automated bots and spammers.
5. Site Analytics
6. DNS Changes are faster
Your DNS is controlled by Cloudflare and so when changing hosts, at the most you need to do is change the IP address of your old host to the new host which can be completed in minutes instead of 24 to 48 hours that you may need to wait for DNS changes to propagate.
7. Blocks DoS and DDoS
Cloudflare blocks DDoS and DoS. DDoS is an attack on the server to send too many automated requests to the server from various locations to bring it down. If you your IP Address is known to the hacker, Cloudflare cannot protect your server from DDoS as the attacker targets IP directly bypassing the Cloudflare.
If a site experiences too much of DDoS attacks, it makes sense to be using Cloudflare.
Disadvantages of Cloudflare
1. Yet another layer
Unless your site has decent amount of traffic and you need spam protection and have issues with hacking or DDoS, I don’t see a reason to be adding one extra layer security as extra level of security means extra layer of maintenance.
2. False positive
The biggest disadvantages of Cloudflare that I have experienced in the past were too many false positives. Many of my users in the past complain about being blocked and need to key in captcha to view the content on my site.
With high securities, Cloudflare even had issues with owners being blocked out of the site.
Though you can white list your IP for your site but if you are not on a connection where IP is static or if you are having a connection where IP changes too frequently (Which is normally the case here in India), you can be just white listing your own IPs most of the time.
3. Host Support for Cloudflare
If your code needs IP Address of the user, with Cloudflare your code needs to change the way IP is passed by Cloudflare or it needs a web server module installed for your code to work the same it used to be without Cloudflare.
If you are on shared hosting, you may need to check if your host supports Cloudflare or not though most shared hosts do support Cloudflare.
If you are on Virtual Dedicated Server or a Dedicated Server, you either need to add Cloudflare modules to your web server (Apache) for code to fetch user’s IP to work fine as earlier or need to update your code to support Cloudflare way of fetching user’s IP.
When should you use Cloudflare?
If you are bottle-necked on bandwidth or have too much spam coming your way or have issues with DDoS or have issues with the site getting hacked too frequently, then you can use Cloudflare and not otherwise.
If your host is low quality and has issues with the site load time or site getting offline too often, you can think about using Cloudflare because Cloudflare caches the site for you so your mini blips in server offline issues can be fixed or even very slow shared hosting can be fixed but its still recommended to be moving to better hosts than to use Cloudflare in such cases.
In short you should not be using Cloudflare unless and until, you have to.
Should you Use a CDN?
Always. Even if you are serving the CDN content from the same domain/subdomain,
- CDN can free up your server from serving static content
- Can serve the content from the nearest location to end user
- Allow browsers to fetch content parallel to your site’s content.
Makes faster user experience.