So a couple of months ago i did a test and review of Cloudflare, it was getting popular and i wanted to check it out, so why a second part? Well 2 reasons, first instead of using it for a week, now i’ve used it for a couple of months on a couple of my sites, so i have a better view of the service, second cause i still have a couple of gripes with Cloudflare but also some nice tips to share.
My Hits with Cloudflare!
So like i said i’ve been using Cloudflare for a while now and i would say, its still a hit and miss for me, but mostly a hit, even with hosting your DNS through Cloudflare (and therefore losing control of your DNS ), but to be honest, unless you are paying for the really good DNS hosting, Cloudflare’s DNS service is far superior, i know, cause i’ve used a lot of free and paid dns hosters and hosted my own and i checked it here, with just a couple of tweaks/added services their DNS could compete with the best.
Now in terms of site performance i would say its pretty spanky awesome, i’ve had sites that were literally hanging for dear life bashing the server and just by turning Cloudflare on, it not only relieved a lot of the stress on the server but also turned the site speed way up, that’s by far the best thing about it, how much performance and how easy their CDN/Proxying system is.
My Misses with Cloudflare
But there are still today a couple of gripes, the first and largest is with their security settings and their intermission publicity type of thing they do when they block a user, as far as feedback from my visitors, i would say 100% of my visitors freak out when they reach a site and they are greeted with the cloudflare “you might be infected”! its just a fact, they expect to see a site, it really doesn’t matter if they are infected, their network is bad or they have an unlucky ip, its just not standard web usage to go to a site and be greated with something else, it feels like a pop ad or intermission ad to force someone to do something, what sites like wiki-whatever.info/exclusive-experts.com (i made them up, but you know what kind of sites im talking about) do all the time while spamming Google, its a disaster in terms of usability and no type of customization will ever change my mind, people never expect a warning from a site, even Google disabled their “you might be infected” because people freaked out even if it was with the best of intentions.
What is the Cloudflare Structure?
Cloudflare seems to work a bit like this, they get datacenters on popular internet hubs around the world, popular in the sense that a lot of traffic goes through them, i would bet that altough they spend quite a bit on hardware, that they dont pay or pay very little for bandwith and do what most large providers do and have peering agreements, thats were the free cloudflare users come in, altough clouflare provides a free service they kinda need those users to have enough critical mass for these peering aggrements to be worthwhile for both parties, so altough we arent paying they need the free users, note that this isnt something evil, its awesome win-win for everyone.
The Economics of Cloudflare
How do they get paid! Humm i would say affiliates (through their detestable intermession security warning and through some of the plugins), and of course paid accounts, on this i wonder why they start the price at 20$, maybe they think most of their free users have only 1 site, and if they have more they only have to pay 5$ for each after that, well in my case at least for now its simply not economicaly viable to pay for clouflare pro, for 20$ a month you can buy yourself a whole lot of hosting, even with the added savings of a Pro account.
How do I use Cloudflare
- Basic Security Level: Essentially Off (because the bonus of blocking potential bad users doesnt outweight the really horrible spammy intermission alert)
- Caching Level: Aggressive
- Minimim Expire TTL: 4hours (but adjust this to the update schedule of your site)
- Auto Minify: JS=OFF CSS=ON HTML=ON (avoid the JS, until now it hasnt work in any of my sites and also makes Googles PageSpeed Apache Addon freakout)
- Rocket Loader: OFF
- Outbound Links: OFF
- E-Mail Address Obfuscation: OFF
- Server Side Exclude: OFF
- Always Online: OFF (still a good feature, it only shows a bar on top saying that the site is currently offline, i just turn it off as a personal preference)
- IP Geolocation: OFF
- Browser Integrity Check: OFF
- Hotlink Protection: OFF
Yeah i disable most of the features, dont get me wrong if you need it or its good for you, please turn it On, still the only feature i really cant live with is the Basic Security Level for the reasons i already ranted about hehehe, but hey, freaking thumbs up for Cloudflare its free and it works pretty damn good, my only real gripe is with the security warnings, i would prefer pure blocking than any kind of warning, the more transparent and white-label the better and im really waiting for their announced new pricing scheme to see if i can get a few pro accounts for a couple of my sites, but even so Cloudflare isnt perfect, well damn if it isn’t pretty close.