10

Anyone running a webserver would agree, security can be a hustle and tedious job. Recently I came across a service claiming to help with that -- CloudFlare.com. There's plenty of benefits listed on CloudFlare's own website, however I'm interested if there are any potential drawbacks switching your DNS to theirs. A few blog comments had some cautious remarks about CF's system being too aggressive and flagging even site owners.

Aren't there any benefits in having your own name servers, perhaps from SEO stand point?

Also they talk about caching content on multiple servers... What if your content is not static?

Trying to get as much info as possible before making a decision. Any insight would be highly appreciated.

Thanks.

AviD
  • 72,138
  • 22
  • 136
  • 218
  • 1
    Hey slatecaster, I think you'll get a better response from http://security.stackexchage.com, so I'm going to migrate it over. Good luck! –  Feb 13 '11 at 15:26
  • 2
    Some explanation of the particular sorts of security benefits you're looking for would help - see the [faq](http://security.stackexchange.com/faq) section on context. So would a description here of the aspects of CloudFlare that you are interested in, since content on external sites can change at any time. – nealmcb Feb 14 '11 at 01:09
  • I tried CloudFlare but they disappointed me with their less than satisfactory uptime. Also, I noticed my site was faster when directly delivered from Hawk Host instead of Cloudflare proxy. Their bad uptime really is the turnoff for me. If they can manage Hawk Host like uptime then I will surely try them again. –  Oct 05 '11 at 16:56
  • I'm not sure what relevance the website link has to the question, so I removed it. Please do not post hyperlinks in questions or answers unless they have actual relevance to the topic at hand. If they do, please make sure your post offers clear explanation as to what that relevance is. – Iszi Oct 07 '11 at 02:49

2 Answers2

2

Thought I would jump in here.

"A few blog comments had some cautious remarks about CF's system being too aggressive and flagging even site owners"

We use a variety of data sources that indicate potential threats, which can lead to some false positives in data. If you're concerned about too many visitors getting challenged, you can do the following:

-Adjust your CloudFlare security settings to low or medium (high is fairly restrictive). This can be done by going to: settings->CloudFlare settings->Basic Security->Change to low or medium.

-You also have the option of whitelisting IPs, IP ranges & countries in your 'Threat Control' panel.

"Also they talk about caching content on multiple servers... What if your content is not static?" We wouldn't impact dynamic content at all (those changes would appear immediately).

"perhaps from SEO stand point?"

CloudFlare should be good for SEO because we help speed up delivery of your pages (our IPs are also whitelisted with Google).

There are tons of tips and things to consider on our blog as well.

  • 3
    it is considered good practice to explicitly identify your affiliation, if you might have a financial or other interest in the answer, or if you are affiliated with the company being discussed in the question. – D.W. May 17 '11 at 09:52
  • 1
    I had no doubt Damon was affiliated with Cloudflare when he said "we." He could have been clearer, but he certainly wasn't trying to hide it and astroturf; the two downvotes are unwarranted. – user502 Aug 04 '11 at 20:30
2

The largest drawback I've run into so far with them is their lack of distribution for DNS hosting. Cloud-based hosting is great, but when you're requiring people to use a DNS server that is less than distributed, it creates major issues.

At this time, I'm not sure if they've resolved that, but they've yet to make any deployment on allowing people to specify their own DNS hosting, which was promised months ago.

In closing, I'd hold off on it. It's still premature, and needs a lot of work.

Ryan Gard
  • 21
  • 2