Cloudflare - How does it work?

by Melkur
23 replies
Hi all,

I've been asked to look into Cloudflare for someone looking to start a new site.

I must admit I'd never heard of them until now, but I've done a little googling and looked at their site, and I think I've got my head around the basics - you point your domain's DNS to Cloudflare, they cache your site and when visitors come to your domain, they see the cached version instead of the version on your host. (Correct me if I'm wrong here!)

So far, so good. But, if the DNS points to Cloudflare, how does Cloudflare go about getting the content from your host to cache? And what happens if you want / need to move hosts?

I suspect I'm probably making this far more difficult than it needs to be, but so far I haven't got that part of the equation figured out.

Any insights would be much appreciated!
#cloudflare #work
  • Profile picture of the author WinsonYeung
    I wrote an review about it on my blog here. you might want to check how cloudflare work here

    CloudFlare Review
    Signature
    [WSO of The Day] Discount How To Generate 172.56% Positive Return OR build your List for FREE!

    "Case Study: Discover You Can Make $1371.66 With A Simple Blog Post by Clicking Here"
    {{ DiscussionBoard.errors[7600989].message }}
    • Profile picture of the author Melkur
      That's a very nice summary of Cloudflare's services, but I'm still not clear how they get the content of your website into their cache, or what happens if you want / need to move host - how do they know to get the content from your new host instead of the old one?
      {{ DiscussionBoard.errors[7601182].message }}
  • Profile picture of the author Vimal Gobin
    You need to point to CloudFlare from your host, not from the domain registrar. Does that answer your question? If not, I'll try to write a more elaborate post when I get back home (currently on mobile).
    Signature
    "The work I received was magnificent – The writing was exquisite – It's more than what I expected – I must say that he did a damn good job – I was blown away with the quality – Written in perfect english – I've purchased a few services here on Warrior Forum, and this by far the best!"
    {{ DiscussionBoard.errors[7601284].message }}
    • Profile picture of the author Melkur
      Originally Posted by Vimal Gobin View Post

      You need to point to CloudFlare from your host, not from the domain registrar. Does that answer your question? If not, I'll try to write a more elaborate post when I get back home (currently on mobile).
      Aha! I knew I had to be overlooking something So how does that work? And does it mean that you can only use Cloudflare from certain hosts? If you have time to elaborate, I'd appreciate it, but if not you've given me a place to start looking!
      {{ DiscussionBoard.errors[7603214].message }}
    • Profile picture of the author damoncloudflare
      Originally Posted by Vimal Gobin View Post

      You need to point to CloudFlare from your host, not from the domain registrar. Does that answer your question? If not, I'll try to write a more elaborate post when I get back home (currently on mobile).
      You actually make the DNS switch at your registrar and not your host. The only exception is if you activate through one of our hosting partners, which does not require changing to our nameservers, since this is done through a CNAME record.
      Signature
      {{ DiscussionBoard.errors[7612630].message }}
  • Profile picture of the author dvduval
    I was very unhappy with Cloudflare in my experience. It didn't make the site faster, and led to problems sometimes with development, and just extra steps that made me lose time. I think there are better alternatives to cloudflare out there too. Also many of our phpLD customers tried cloudflare and also ended up moving away over time. I think it is kind of a waste of time personally. If you have a good host, you don't need cloudflare.
    Signature
    It is okay to contact me! I have been developing software since 1999, creating many popular products like phpLD.
    {{ DiscussionBoard.errors[7603332].message }}
    • Profile picture of the author ColtForty5
      Originally Posted by dvduval View Post

      I was very unhappy with Cloudflare in my experience. It didn't make the site faster, and led to problems sometimes with development, and just extra steps that made me lose time. I think there are better alternatives to cloudflare out there too. Also many of our phpLD customers tried cloudflare and also ended up moving away over time. I think it is kind of a waste of time personally. If you have a good host, you don't need cloudflare.
      I agree. I enabled CloudFlare for a week or so and though it showed it was saving me bandwidth, the performance seemed to take a pretty significant decline.
      {{ DiscussionBoard.errors[7609236].message }}
      • Profile picture of the author truelifeajf
        I've used cloudflare for a long time. Remember, that if you configure your site and cloudflare properly it will help you if you get a DDOS attack. Cloudflare have twice saved my arse in that respect.
        {{ DiscussionBoard.errors[7609441].message }}
    • Profile picture of the author damoncloudflare
      Originally Posted by dvduval View Post

      I was very unhappy with Cloudflare in my experience. It didn't make the site faster, and led to problems sometimes with development, and just extra steps that made me lose time. I think there are better alternatives to cloudflare out there too. Also many of our phpLD customers tried cloudflare and also ended up moving away over time. I think it is kind of a waste of time personally. If you have a good host, you don't need cloudflare.
      The only real issue you would have with development would be when you are changing static content on the site for items we cache. Easy to address with Development Mode or using the purge cache options.

      Sorry to hear you had a bad experience, however.
      Signature
      {{ DiscussionBoard.errors[7612625].message }}
  • Profile picture of the author seasoned
    So how does it work? The only standard way I know to do what they claim, using standard methods, is to use URL rewrite. That likely won't defend against a DOS attack though. It may MITIGATE it, but that is it.

    steve
    {{ DiscussionBoard.errors[7609982].message }}
    • Profile picture of the author damoncloudflare
      Originally Posted by seasoned View Post

      So how does it work? The only standard way I know to do what they claim, using standard methods, is to use URL rewrite. That likely won't defend against a DOS attack though. It may MITIGATE it, but that is it.

      steve
      We don't do a re-write. We have services like I'm Under Attack that can help mitigate/stop a DDoS.

      We also have a lot of data that helps challenge a lot of bad behavior with a challenge page, which is very effective at stopping bots (most attacks are going to be from a botnet zombie).
      Signature
      {{ DiscussionBoard.errors[7612617].message }}
      • Profile picture of the author seasoned
        Originally Posted by damoncloudflare View Post

        We don't do a re-write. We have services like I'm Under Attack that can help mitigate/stop a DDoS.

        We also have a lot of data that helps challenge a lot of bad behavior with a challenge page, which is very effective at stopping bots (most attacks are going to be from a botnet zombie).

        To clarify, a URL rewrite is a tiny file on the ORIGINAL system that, in this case, redirects access of given items to another server. You COULD have pictures and basic html on another system, and have THEM accessed instead of the copies n YOURS. This WOULD mitigate DOS attacks.

        If you are not doing THAT, then what DO you do?

        Steve
        {{ DiscussionBoard.errors[7618718].message }}
  • Profile picture of the author damoncloudflare
    "So far, so good. But, if the DNS points to Cloudflare, how does Cloudflare go about getting the content from your host to cache? And what happens if you want / need to move hosts?"

    Your server IP is in your DNS settings, so that is how the content would still work. If you changed hosting providers, then you would want to simply change to the new server IP address in your DNS settings.

    We do the caching part in the cloud and we cache based off of the file extension. What CloudFlare caches by default.
    Signature
    {{ DiscussionBoard.errors[7612613].message }}
    • Profile picture of the author Melkur
      Originally Posted by damoncloudflare View Post

      "So far, so good. But, if the DNS points to Cloudflare, how does Cloudflare go about getting the content from your host to cache? And what happens if you want / need to move hosts?"

      Your server IP is in your DNS settings, so that is how the content would still work. If you changed hosting providers, then you would want to simply change to the new server IP address in your DNS settings.

      We do the caching part in the cloud and we cache based off of the file extension. What CloudFlare caches by default.
      Many thanks for clearing that up for me - much appreciated!

      Just out of curiosity, how easy (if at all) is if for a malicious person to trace a site that uses Cloudflare back to its actual host, such that attacks could be launched against the server's IP address instead of via the domain name? Would traceroute be sufficient to do that, or is the actual host effectively hidden (except, of course, from legitimate agencies such as law enforcement etc)?
      {{ DiscussionBoard.errors[7614472].message }}
      • Profile picture of the author damoncloudflare
        Originally Posted by Melkur View Post

        Many thanks for clearing that up for me - much appreciated!

        Just out of curiosity, how easy (if at all) is if for a malicious person to trace a site that uses Cloudflare back to its actual host, such that attacks could be launched against the server's IP address instead of via the domain name? Would traceroute be sufficient to do that, or is the actual host effectively hidden (except, of course, from legitimate agencies such as law enforcement etc)?
        There really isn't a full way to hide your IP address online that I am personally aware of. Basic lookups against the domain will terminate on our IPs (dig, traceroute, ping) against the domain, but we can't proxy all traffic on a site (some records have to go direct). It also probably doesn't do much good if the party already has your actual IP address, whether you are on us or not.

        Most DDoS attacks, however, are botnet zombies. We can help mitigate those with things like I'm Under Attack Mode. You can also do things in .htacess and CloudFlare to help further reduce the stress on your server when you do get an attack (blocking countries, IPs, etc.).
        Signature
        {{ DiscussionBoard.errors[7618656].message }}
        • Profile picture of the author seasoned
          Originally Posted by damoncloudflare View Post

          There really isn't a full way to hide your IP address online that I am personally aware of. Basic lookups against the domain will terminate on our IPs (dig, traceroute, ping) against the domain, but we can't proxy all traffic on a site (some records have to go direct). It also probably doesn't do much good if the party already has your actual IP address, whether you are on us or not.

          Most DDoS attacks, however, are botnet zombies. We can help mitigate those with things like I'm Under Attack Mode. You can also do things in .htacess and CloudFlare to help further reduce the stress on your server when you do get an attack (blocking countries, IPs, etc.).
          Unless you have REALLY simple HTML and do practically NOTHING, you have to point somewhere to have programs, like google does, amazon does, etc.... So the client HAS to have a way to connect there. And that IS done through an IP address. Heck, the only reason for a domain name is to simplify that.

          Steve

          Steve
          {{ DiscussionBoard.errors[7618731].message }}
        • Profile picture of the author Melkur
          Originally Posted by damoncloudflare View Post

          There really isn't a full way to hide your IP address online that I am personally aware of. Basic lookups against the domain will terminate on our IPs (dig, traceroute, ping) against the domain, but we can't proxy all traffic on a site (some records have to go direct). It also probably doesn't do much good if the party already has your actual IP address, whether you are on us or not.

          Most DDoS attacks, however, are botnet zombies. We can help mitigate those with things like I'm Under Attack Mode. You can also do things in .htacess and CloudFlare to help further reduce the stress on your server when you do get an attack (blocking countries, IPs, etc.).
          Again, thanks for clearing that up - pretty much as I expected, but confirmation is always helpful! I would think that would be adequate protection against most attacks, and for the more determined, well, they're always going to find some way to be a pain. I've been down the route of blocking IPs before - effective, for a while, but it inevitably leads to an arms race where the other party is looking for ways around the block just as fast you ban them.

          Just to clarify your last point, is it possible to block specific IPs and / or IP ranges from accessing even the Cloudflare cached pages, or are you referring purely to the host's .htaccess there?
          {{ DiscussionBoard.errors[7621244].message }}
          • Profile picture of the author damoncloudflare
            "Just to clarify your last point, is it possible to block specific IPs and / or IP ranges from accessing even the Cloudflare cached pages, or are you referring purely to the host's .htaccess there?[/QUOTE]

            Yes, you can use CloudFlare's Threat Control to block ips/ip ranges from hitting your site (also would honor your .htacess).
            Signature
            {{ DiscussionBoard.errors[7676100].message }}
            • Profile picture of the author Melkur
              Originally Posted by damoncloudflare View Post

              "Just to clarify your last point, is it possible to block specific IPs and / or IP ranges from accessing even the Cloudflare cached pages, or are you referring purely to the host's .htaccess there?
              Yes, you can use CloudFlare's Threat Control to block ips/ip ranges from hitting your site (also would honor your .htacess).[/QUOTE]

              Thanks - that's potentially a very useful feature, and very handy to know about!
              {{ DiscussionBoard.errors[7676701].message }}
              • Profile picture of the author Kingfish85
                Originally Posted by Melkur View Post

                Yes, you can use CloudFlare's Threat Control to block ips/ip ranges from hitting your site (also would honor your .htacess).
                Thanks - that's potentially a very useful feature, and very handy to know about![/QUOTE]

                It's a great service. The pro plan has a ton of great features as well.
                {{ DiscussionBoard.errors[7676714].message }}
  • Profile picture of the author humbledmarket
    Banned
    Originally Posted by Melkur View Post

    Hi all,

    I've been asked to look into Cloudflare for someone looking to start a new site.

    I must admit I'd never heard of them until now, but I've done a little googling and looked at their site, and I think I've got my head around the basics - you point your domain's DNS to Cloudflare, they cache your site and when visitors come to your domain, they see the cached version instead of the version on your host. (Correct me if I'm wrong here!)

    So far, so good. But, if the DNS points to Cloudflare, how does Cloudflare go about getting the content from your host to cache? And what happens if you want / need to move hosts?

    I suspect I'm probably making this far more difficult than it needs to be, but so far I haven't got that part of the equation figured out.

    Any insights would be much appreciated!
    Yes I believe that's about it.

    We've tried the shared hosting on Namecheap with Cloud flare and it's much faster than without cloud flare.

    If you want something to cache your pages on wordpress you can also use the W3 Cache Performance plug in; it does something similar and surely speeds your pages up a lot.

    However I would really recommend cloud flare. It does what it does well and it's more than just caching your pages but also helps protect against downtime.

    For us because NameCheap already has cloudflare service with their hosting we didn't need to set up any thing just pointed the domain to the namecheap DNS and that's about it!

    They have a list of host that support/integrated their cloudflare service already...If I'm not mistaken you shift host as you usually do, just by transfering your site files and then redirecting your DNS.
    {{ DiscussionBoard.errors[7618768].message }}
  • Profile picture of the author RachelLily
    CloudFlare has developed a plugin for WordPress. By using the CloudFlare WordPress Plugin, you receive correct IP Address information for comments posted to your site and better protection as spammers from your WordPress blog get reported.
    Signature

    I make $50 every 3 hours. Learn my methods here: eliteincomeprofits.com

    {{ DiscussionBoard.errors[7676788].message }}
  • Profile picture of the author tomerep
    CloudFlare is a service that does one thing: make websites better. With a single change to DNS, sites are instantly protected from a wide range of online threats, see an increase in page load speeds, and have their content dynamically optimized across the Internet. CloudFlare’s core service is free.
    {{ DiscussionBoard.errors[7676931].message }}

Trending Topics