>Cloudflare makes websites unavailable if you use services like unblock-us.com
No they don't. CloudFlare just has a security mechanism where known bad or risky IPs are presented with a captcha. However on sites with "max" security, I believe it simply blocks them entirely.
Article fails to mention that when CloudFlare has issues, they present captchas to the Google Bot, and your site gets delisted.
Also fails to mention that if the CDN gives you an IP that is the same as a Kiddy Porn site, or a pirate site, that you could have Law Enforcement on your doorstep (worst case) or be delisted by Google, or blocked by NetFilters.
CloudFlare is not worth the headache. Put a squid on Azure, Rack, AWS, or Google Cloud Compute and you can have nearly the same features, for nearly the same price. And not have any of the negatives.
You can disable the captcha-feature, as far as I know, and this is just a way to mitigate DDoS. You'd think Google would recognize that you were serving your content via a CDN, it's not like it's something new or anything.
And I'm not buying into that you could have law enforcement on your doorstep. How on earth would they tie it to you? The IP address is registered to CloudFlare, not you. If they have the means to find a "kiddy porn"-site, they also have the knowledge to see that it's distributed by a Content Delivery Network.
Are you really comparing a globally distributed content delivery network with a squid installed at one location on one provider?
CloudFlare might not be worth the headache, but for entirely different reasons than you have listed.
Unfortunately, CloudFlare requiring root authority for a domain is simply a non-starter for me (or $dayjob). However, I understand why they do it -- DoS protection and ease of maintenance on their side.
I do wish they supported taking authority of a subdomain, or simply required a CNAME like many CDNs.
CloudFront offers HTTPS (on their domain). For low volume sites, paying for CloudFront is cheaper than paying at least $20/month for CloudFlare's HTTPS (which is also on their domain unless you pay $200/month).
Note: For this CDN HTTPS to be useful, you also need to have your main site URL have it, say, via a certificate from StartCom and a VPS or a good shared hosting site. It is a good deed to offer HTTPS even on static sites because it helps protect users' privacy (if they are using WiFi, Tor, or a sketchy ISP; which is likely). If you're distributing software or code, having some sort of signing -- HTTPS and/or GPG -- is critical to protect your users from malicious MITMs; more users are going to verify HTTPS because they don't have a choice about that one.
I love CloudFront because it automatically fetches assets from my deployed application and then caches them. I don't have to manually move stuff to S3 at all! Can CloudFlare do something similar?
Yes, AFAIK that's actually the only way CloudFlare works. You switch your DNS to them so that your site resolves to one of their servers and CloudFlare fetches pages and assets from your origin server.
This happens automatically with CloudFlare. As your traffic passes through our service we automatically cache your files, and then on subsequent requests we will serve those cached files for you -- saving requests to your web server and saving your bandwidth.
A lot of these comments seem misinformed. So, as a user of CloudFlare, let me speak:
CloudFlare takes over your domain and reverse proxies your site, to your control. They cache resources for you, selectively, to your complete control. They have some security features, like presenting captchas to dodgy IPs. The base service is completely free, albeit restrictive, but there are no bandwidth caps. They also have "apps" that provide extra features, like asynchronous JS loading, automatically adding Google Analytics to every page, email scrambling, etc. Everything is customisable - if you want, you can completely disable the security features, caching, apps, in fact, you can also disable the reverse proxying for subdomains (which of course removes all the CF benefits).
My web app, http://ponyplace.ajf.me/, has benefited greatly from being on CloudFlare, since it has relieved the burden of serving most static content from my server. It's a really great service, especially for the price. My only complaint is that SSL usage on CloudFlare is pretty pricey.
The other thing this article really fails to highlight is the DDOS mitigation service Cloudflare provides.
Cloudflare are disrupting a very established and lucrative industry. Companies like Prolexic charge a lot more for a lot less. Not to mention the whole "Are you currently under attack?" bullshit they pull where they charge you significantly more if you are currently a DDOS victim.
Sometimes I'm asking myself the same thing: why pay Akamai the bill when CloudFlare is so much cheaper. However, the cost of the unavailability is far greater. I guess the old saying that nobody got fired for choosing IBM still applies in a different form. It isn't bias. Just a business decision. Running CF for personal stuff though. Guess it's a proper tryout.
CloudFront is a content delivery network, CloudFlare is part content delivery network, part front-end optimisation service.
What CloudFlare do is optimise the content so that it loads faster, e.g. by minifying JS/CSS, merging files etc., i.e. many of Steve Souders' rules.
There are other services around which do much the same thing: Google's PageSpeedService, Strangeloop Networks, Torbit etc.
You could perhaps achieve much the same thing using mod_pagespeed, or Aptimize etc. on your webserver and a CDN in front.
If you choose a CDN that allows you to push your dynamic pages through it, e.g. Fastly, then even the HTML delivery can be speeded up in many cases (even if the CDN doesn't cache the HTML, which perhaps it could for many sites).
The real challenge that the article doesn't cover is where CloudFront and CloudFlare have slow performance, e.g. due to peering arrangements etc. That's where multi-CDN providers (à la TurboBytes) can help.
I wonder if everyone is missing a piece of the Cloudflare pricing puzzle.
What if they have negotiated contracts with wholesale data providers where they get a revenue share for any traffic they bring into the network? This would mean that the more sites they have hosted, the more money they bring in for their carrier (which they bill the downstream for) and in turn, the more they make.
I do not work for Cloudflare and have never worked in the carrier/hosting biz, so this is just a theory. I am, however, a very happy enterprise customer.
Having used CloudFlare for multiple sites I can say it's not for everyone. In my experience it's great for sites running on shared servers and can really pick up the speed of these sites. But on some of our larger sites it had the effect of reducing the speed of our service. I think it's worth trying and using for a few weeks at the very least as your experience may vary.
I've avoided CloudFlare since it seems too good to be true, which means it probably isn't. I've been burnt in the past with overselling - if I'm not paying for the bandwidth, I'm also probably not getting it. In addition, I've seen those CloudFlare captcha pages a few times, and they look really scummy, like domain parking pages, full of ads.
[+] [-] benatkin|13 years ago|reply
[+] [-] 1qaz2wsx3edc|13 years ago|reply
[+] [-] xxdesmus|13 years ago|reply
CloudFlare does have a single file purge option available: http://blog.cloudflare.com/introducing-single-file-purge
Single file purge is also available via our API here: http://www.cloudflare.com/docs/client-api.html#s4.5
I have mentioned this correction to the author as well.
[+] [-] eduardordm|13 years ago|reply
Cloudflare makes websites unavailable if you use services like unblock-us.com (see below)
High amount of 404 I get from cloudflare when browsing /r/pics makes me wonder who is to blame.
Cloudflare is short on locations.
Cloudfront is cheaper if you use SSL.
============
➜ ~ dig cloudflare.com
; <<>> DiG 9.8.3-P1 <<>> cloudflare.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 3675
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;cloudflare.com. IN A
;; Query time: 4847 msec
;; SERVER: 208.122.23.22#53(208.122.23.22)
;; WHEN: Sat Dec 1 18:42:43 2012
;; MSG SIZE rcvd: 32
[+] [-] bartman|13 years ago|reply
; <<>> DiG 9.8.3-P1 <<>> @208.122.23.22 cloudflare.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12445
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;cloudflare.com. IN A
;; ANSWER SECTION:
cloudflare.com. 300 IN A 173.245.60.249
cloudflare.com. 300 IN A 173.245.60.250
cloudflare.com. 300 IN A 173.245.61.248
cloudflare.com. 300 IN A 173.245.61.249
cloudflare.com. 300 IN A 173.245.61.250
;; Query time: 61 msec
;; SERVER: 208.122.23.22#53(208.122.23.22)
;; WHEN: Sun Dec 2 01:24:29 2012
;; MSG SIZE rcvd: 112
[+] [-] TazeTSchnitzel|13 years ago|reply
No they don't. CloudFlare just has a security mechanism where known bad or risky IPs are presented with a captcha. However on sites with "max" security, I believe it simply blocks them entirely.
[+] [-] conradev|13 years ago|reply
http://news.ycombinator.com/item?id=4235893
The blog post is titled "When 'Dumb Pipes' Get Too Smart"
[+] [-] drakaal|13 years ago|reply
Also fails to mention that if the CDN gives you an IP that is the same as a Kiddy Porn site, or a pirate site, that you could have Law Enforcement on your doorstep (worst case) or be delisted by Google, or blocked by NetFilters.
CloudFlare is not worth the headache. Put a squid on Azure, Rack, AWS, or Google Cloud Compute and you can have nearly the same features, for nearly the same price. And not have any of the negatives.
[+] [-] vegardx|13 years ago|reply
And I'm not buying into that you could have law enforcement on your doorstep. How on earth would they tie it to you? The IP address is registered to CloudFlare, not you. If they have the means to find a "kiddy porn"-site, they also have the knowledge to see that it's distributed by a Content Delivery Network.
Are you really comparing a globally distributed content delivery network with a squid installed at one location on one provider?
CloudFlare might not be worth the headache, but for entirely different reasons than you have listed.
[+] [-] tomclancy|13 years ago|reply
As someone who uses CloudFlare on a site that depends on Google traffic (~800K/month directly from G), this is simply not true.
[+] [-] stock_toaster|13 years ago|reply
I do wish they supported taking authority of a subdomain, or simply required a CNAME like many CDNs.
[+] [-] xxdesmus|13 years ago|reply
[+] [-] idupree|13 years ago|reply
Note: For this CDN HTTPS to be useful, you also need to have your main site URL have it, say, via a certificate from StartCom and a VPS or a good shared hosting site. It is a good deed to offer HTTPS even on static sites because it helps protect users' privacy (if they are using WiFi, Tor, or a sketchy ISP; which is likely). If you're distributing software or code, having some sort of signing -- HTTPS and/or GPG -- is critical to protect your users from malicious MITMs; more users are going to verify HTTPS because they don't have a choice about that one.
[+] [-] jhuckestein|13 years ago|reply
[+] [-] eli|13 years ago|reply
[+] [-] xxdesmus|13 years ago|reply
[+] [-] eastdakota|13 years ago|reply
=======
$ dig imgur.com
; <<>> DiG 9.6-ESV-R4-P3 <<>> imgur.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41976
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 3
;; QUESTION SECTION:
;imgur.com. IN A
;; ANSWER SECTION:
imgur.com. 286 IN A 108.162.206.103
imgur.com. 286 IN A 108.162.205.103
;; AUTHORITY SECTION:
imgur.com. 23823 IN NS noah.ns.cloudflare.com.
imgur.com. 23823 IN NS sue.ns.cloudflare.com.
;; ADDITIONAL SECTION:
sue.ns.cloudflare.com. 40407 IN A 173.245.58.145
sue.ns.cloudflare.com. 40407 IN AAAA 2400:cb00:2049:1::adf5:3a91
noah.ns.cloudflare.com. 72084 IN AAAA 2400:cb00:2049:1::adf5:3b85
[+] [-] TazeTSchnitzel|13 years ago|reply
CloudFlare takes over your domain and reverse proxies your site, to your control. They cache resources for you, selectively, to your complete control. They have some security features, like presenting captchas to dodgy IPs. The base service is completely free, albeit restrictive, but there are no bandwidth caps. They also have "apps" that provide extra features, like asynchronous JS loading, automatically adding Google Analytics to every page, email scrambling, etc. Everything is customisable - if you want, you can completely disable the security features, caching, apps, in fact, you can also disable the reverse proxying for subdomains (which of course removes all the CF benefits).
My web app, http://ponyplace.ajf.me/, has benefited greatly from being on CloudFlare, since it has relieved the burden of serving most static content from my server. It's a really great service, especially for the price. My only complaint is that SSL usage on CloudFlare is pretty pricey.
[+] [-] latchkey|13 years ago|reply
[+] [-] robotkad|13 years ago|reply
Cloudflare are disrupting a very established and lucrative industry. Companies like Prolexic charge a lot more for a lot less. Not to mention the whole "Are you currently under attack?" bullshit they pull where they charge you significantly more if you are currently a DDOS victim.
[+] [-] 1SaltwaterC|13 years ago|reply
[+] [-] youngtaff|13 years ago|reply
CloudFront is a content delivery network, CloudFlare is part content delivery network, part front-end optimisation service.
What CloudFlare do is optimise the content so that it loads faster, e.g. by minifying JS/CSS, merging files etc., i.e. many of Steve Souders' rules.
There are other services around which do much the same thing: Google's PageSpeedService, Strangeloop Networks, Torbit etc.
You could perhaps achieve much the same thing using mod_pagespeed, or Aptimize etc. on your webserver and a CDN in front.
If you choose a CDN that allows you to push your dynamic pages through it, e.g. Fastly, then even the HTML delivery can be speeded up in many cases (even if the CDN doesn't cache the HTML, which perhaps it could for many sites).
The real challenge that the article doesn't cover is where CloudFront and CloudFlare have slow performance, e.g. due to peering arrangements etc. That's where multi-CDN providers (à la TurboBytes) can help.
[+] [-] rohamg|13 years ago|reply
[+] [-] fsckin|13 years ago|reply
4TB of bandwidth saved in the last 30 days for a measly $20.
I do have small issues that arise, mostly false positives and occasional outages, but nothing too bad at all.
Compared with the costs of any other CDN and I would be looking at a rather large bill.
[+] [-] robotkad|13 years ago|reply
What if they have negotiated contracts with wholesale data providers where they get a revenue share for any traffic they bring into the network? This would mean that the more sites they have hosted, the more money they bring in for their carrier (which they bill the downstream for) and in turn, the more they make.
I do not work for Cloudflare and have never worked in the carrier/hosting biz, so this is just a theory. I am, however, a very happy enterprise customer.
[+] [-] ajwinter|13 years ago|reply
[+] [-] kalleboo|13 years ago|reply
[+] [-] xxdesmus|13 years ago|reply