Good question and one that is easy to answer. We came across Cloudflare around 10 years ago. It was formed in 2009 with the goal to “make the Internet work the way is should”. A long standing client of ours contacted us in somewhat of a panic. They were being “attacked” or to be specific, their website was the target of a Distributed Denial of Service (DDoS) attack. In simple words, a DDoS attack involves multiple connected online devices, collectively known as a botnet, which are used to overwhelm a website with fake traffic.
Cloudflare can block DDoS attacks of any size and kind
This was a definite attack on my client, as they were asked to make a ransom payment. Back in those days, this was probably more common that you might think. Nowadays there are lots of services like Cloudflare that are built to protect from such attacks. It still happens and in some cases there is still disruption, but it is less frequent.
We immediately picked this up with the hosting provider, who suggested we move the client’s DNS over to Cloudflare. Happy to try anything to help the client, we quickly actioned. We then enabled proxy mode so all the client’s traffic was routed through Cloudflare’s infrastructure. Given the fairly unsophisticated nature of the attack, within seconds, the malicious traffic was being blocked. At the same time the performance of legitimate traffic was not compromised.
Great… that was a very welcome introduction to Cloudflare. But this was just scratching the surface of what it can do.
Cloudflare provides fast, secure and resilient DNS
That’s twice that we’ve mentioned DNS now, so for those not familiar with the term, think of it as the phonebook of the Internet. The Domain Name System (DNS) is how web addresses like meltedmedia.co.uk are translated to IP addresses. Each device on the Internet has an IP address and a DNS lookup is used to tell the web browser what IP address to find the website on. Within a few week’s of our initial introduction to Cloudflare and we’d migrated all our customers over to them for their DNS management.
It was so much easier to make changes than with our previous DNS tool, so we were very happy.
Cloudflare also offers a content delivery network, website security and much more…
But there are even more reasons why we love Cloudflare!
The first is its flexible SSL feature. Many of our clients are small businesses and the cost of a dedicated SSL is one they can avoid by using Cloudflare. Once you have set up your domain on the Cloudflare system, it automatically creates a universal SSL certificate. You can then configure Cloudflare to serve all traffic on HTTPS and automatically fix mixed content by changing “http” to “https” for all resources or links on your site. All for free!
The second is Cloudflare’s firewall and page rules functionality. Cloudflare can be configured to allow, reject or challenge traffic based on various criteria such as location, IP address or user agent. The free plan allows you to have five active firewall rules. You can upgrade for more, plus take advantage of the web application firewall (WAF). This provides enhanced security through a built-in ruleset to stop a wide range of application attacks. Page rules allow you to control Cloudflare settings on a given URL. This is very handy when you need to add additional security on a certain part of your site like a login page. Alternatively, you might want to disable caching on an admin area for example.
And did I say that most of the Cloudflare functionality you would need is free? That’s right! It’s only a handful of our clients that need to use a paid plan for more advanced configuration. We are talking large ecommerce clients with multi million turnover here. Most small businesses would have absolutely everything they need with the free plan.
Using Cloudflare and Wordfence together for WordPress sites
We’ve talked about why we use Wordfence on another post and yes, there are some things that they both do. However, that is not to say that we don’t use Cloudflare on our WordPress builds as we do. Firstly, using a WordPress caching plugin as well as the static asset caching from Cloudflare is a great match for performance. On top of that, Wordfence is designed specifically for WordPress. Yes, Cloudflare does have some specific firewall rules designed for WordPress, but they are only available on its paid plans. We find the combination of both Cloudflare’s free plan and Wordfence is perfect for the majority of our WordPress clients.
If you would like to speak to us to discuss a project or have any questions about Cloudflare, then don’t hesitate to contact Melted Media to speak today.