CloudFlare: verschil tussen versies

CloudFlare is a service for CDN (Content Delivery Network), but also as front-end proxy fore security. I have some mixed feelings about it.

This article is about using CloudFlare for security - Maybe what's called Web Application Firewall (WAF)?

Pro

• Blocking visitors from choosen countries or even continents
• Defense against DDOS
• An extra defense layer
• It doesn't take resources from the actual webserver, as it is a front-end proxy.

Con

Own experience:

• It seems to generate errors: At times, visitors see a CloudFlare error page in stead of the site
• Inconvenient that DNS entries are now administrated somewhere else
• Issues with Klaviyo (email marketing): Some extra DNS-related settings were needed

Some remarkable negative views - halfway the page. They might be all correct, but how significant are these criticisms?

• by using cloudflare, you add a point of failure between web server and visitors
• Cloudflare may not speed up your pageload
• Cloudflare may get your website penalized by Google.
• Cloudflare inject code into your HTTP headers
• Cloudflare may deliver the wrong version of a page
• Cloudflare makes you believe that it protects your server against bots. In fact, a clever bot can start many handshakes with your servers and crash your server even behind cloudflare. (Syn DDOS attack)
• Cloudflare may modify your code and you didn’t want Cloudflare to modify your code. (HTML minify, removing comments, adding JS lines)
• Using cloudflare is like handing over your house keys to someone. You get dependent on cloudflare to deliver your content.
• Cloudflare can spy on your data and the data of your website visitors since their servers stand in the middle between two HTTPS chains.
• Cloudflare can decide to shut down the connectivity to your web server.

Sources

• https://www.quora.com/Why-should-you-not-use-Cloudflare