Cloudflare

My many ramblings

Cloudflare

Cloudflare – What is it and why would I care ?

I have been using Cloudflare for a long time.  It is one of my goto services and I use it to protect all of the public services I run for myself and other sites/ organizations.

The basic premise of what Cloudflare do is that they are a distributed Web Application Firewall (WAF) and CDN but they also offer so much more. Because they have a large number of POP’s they can cache and push content closer to your end users to give them a better experience. This also offloads work from your firewall’s, DNS, Web and Database servers.  At present they have 139 sites globally allowing you to host a site anywhere and get good global performance.

Cloudflare has an amazing free tier so you can get started easily.   I use this to host all of my public DNS records. So what does that look like?

host -a jameskilby.co.uk
Trying "jameskilby.co.uk"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37213
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;jameskilby.co.uk.		IN	ANY

;; ANSWER SECTION:
jameskilby.co.uk.	3789	IN	RRSIG	HINFO 13 3 3789 20180328104110 20180326084110 35273 jameskilby.co.uk. 8LRbQkBeJL/oW1JqL7zo60C9q0CfwolpiGCK12+Ox0kR0t8k2mnFZenS yb2dSEO8HUQNF6vrALIp80uBi8Ud0g==
jameskilby.co.uk.	3789	IN	HINFO	"ANY obsoleted" "See draft-ietf-dnsop-refuse-any"
jameskilby.co.uk.	211	IN	RRSIG	A 13 3 300 20180328103941 20180326083941 35273 jameskilby.co.uk. IbT3QYzc5fdlUIMOanRYN+LPJEuPfx1G3H/rW9eft0cKDAd+tzizbIOt t5hlnVFXLJGe6YnZ+ZwMSssGU9ZDAA==
jameskilby.co.uk.	211	IN	A	104.28.5.56
jameskilby.co.uk.	211	IN	A	104.28.4.56
jameskilby.co.uk.	172711	IN	NS	matt.ns.cloudflare.com.
jameskilby.co.uk.	172711	IN	NS	fay.ns.cloudflare.com.

Received 402 bytes from 80.87.16.117#53 in 40 ms

As you can see they have given me 2 Nameserver records (Matt and Fay) and also 2 A records Neither of which are my source web server.

Then within the Cloudflare portal you input where the real webserver lives cloudflare will do the rest.  My blog is still a little bit light on readership but you can see Cloudflare handling the spike in requests.

Cache in action

They are also handling the SSL cert for me and the redirect so all traffic is HTTPS to my site allowing me to close port 80 on the firewall all within the free tier.

If you are using with wordpres I would strongly recomend the Cloudlfare plugin is installed.  This way when you make changes to your site it wil automatically purge the cache if required

 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *