Jim Westergren
About me, my projects, SEO, Web Development and Personal Development since 2005
"If we did all the things we are capable of, we would literally astound ourselves." - Thomas A. Edison

Why I recommend CloudFlare and why you should try it too

CloudFlare is a both a proxy and a CDN (content delivery network). It was recommended to me by Magnus Bråth.

Quoted from them:

On average, a website on CloudFlare

  • loads twice as fast
  • uses 60% less bandwidth
  • has 65% fewer requests
  • is way more secure

All for free!

Never heard of them? According this recent article on Forbes.com they are getting over 1500 new signups per day and on any given day 25 percent of the Internet’s visitors pass through its network.

I have now tested it for about a week and I recommend them. I am using the free version so far and below I will show you my results.

Stopping spam

The graph below shows that I received around 1000 spam comments per day on this blog (filtered by Akismet) and that CloudFlare cut this down to less than half with the medium security setting. What I really like is that CloudFlare blocks before any request is being sent to the server.

The graph below shows that CloudFlare blocks almost half of the hits to this blog. What is blocked is spam bots, they call it "threats".

Does CloudFlare block real visitors? No. See the Google Analytics which remains almost the same:

When CloudFlare blocks it displays a CAPTCHA to the user to prove that they are a human. If passed, they are allowed access. So I am not so worried but I don't want to set my security settings to high.

Now I have also installed a math challenge plugin to cut the spam down even more.

CDN and saving bandwitdh

CloudFlare caches your static content (images, CSS and javascript) and copies it to their different servers around the world. Then a visitor gets the images from the server closest to them (see a map and nice stats here).

I am hosting static content via my domain staticjw.com. It is hosted by a nginx server in Sweden. The subdomains images.staticjw.com and uploads.staticjw.com are pointing to Amazon S3 buckets in which I host images and uploaded files from users of N.nu. I didn't use a real CDN until now meaning that content from S3 is now loading faster for my users in Sweden and all content loading faster for users outside Sweden.

See the graphs of my server (without the subdomains):

Stats from CloudFlare for this domain + subdomains the last 7 days:

And I did not yet receive any email asking me to upgrade to their Pro version.

Speeding up your website

If you already have optimized your website for speed and you are already using a CDN it might not load so much faster with CloudFlare (like in my case). In fact it can actually in some rare cases load slower if you have a fast server in the same country your visitors are located in and CloudFlare does not have a datacenter in that country. This is due to the extra added latency of around 0,2-0,3 seconds.

Also remember that CloudFlare does not cache HTML, only static content.

Read more about their speed improvements here. If you have not done speed optimization you have a lot to gain here.

Higher uptime

If your server or website goes down CloudFlare will keep it up by showing a cached copy of the HTML. Of course if CloudFlare goes down so do you. But I think CloudFlare has a higher uptime than what you are hosting with now unless you use for example Amazon EC2 or a similar high end solution.

There are some limitations, such as:

In order to trigger Always Online, your web server will need to be completely unresponsive, or return a 502 or 504 HTTP error response code. Always Online will not be triggered for other HTTP response codes, such as 500.

Read more limitations here.

Protection against DDoS attacks

CloudFlare protects you from DDoS attacks by blocking if before it reaches your server. But it might take some days before CloudFlare "learns" that the traffic spike is a DDoS attack and blocks it as shown by this graph of a real world example (not me):

You can however activate the "I'm Under Attack Mode" any time you want, read more here.

Free DNS tool

CloudFlare provides a very slick and easy to use DNS tool for unlimited number of domains with anycast and fast update of records. This alone is worth the signup for me. You can easy put CloudFlare on and off on a domain or subdomain.

Use this PHP code

Because CloudFlare acts as a proxy it will show their IP in the backend. With PHP use this code:

<?php
if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) {
	$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];
}
?>

If you use WordPress you can simply activate their plugin.

Conclusion

Give it a try, it just takes a few minutes and there is nothing to install. If you don't like it you can easily turn it off.

17 May 2012

About the Author Jim Westergren Jim Westergren is a Swedish web entrepreneur currently living in Spain. He is happily married and has three lovely children. Some of his interests are web development, SEO and writing.
He is the Founder of DomainStats and N.nu. Read his .