CloudFlare Rocks!

I recently got invited to try out CloudFlare, a new free service in closed beta. I checked out the homepage and was greeted with a “Wouldn’t it be cool if your website were protected by ninjas?” header. Why, yes, that would be cool.

So, not really understanding exactly what it was, I signed up and configured it for the Fake Name Generator.

After some poking around and letting it do its thing for a few days, this is what I’ve discovered it does for me:

  • Provides a free DNS management. This is included for free with many registrars, but it just so happened that the domain I’m trying this out on didn’t come with DNS management so I’ve been paying $10 a year for it. This alone makes CloudFlare worth using for me.
  • Serves my content on a CDN-like intrastructure. This makes my site faster to some users, which is always a good thing.
  • Caches my static content (like images and JavaScript). This dramatically reduces my server load, and makes my site faster. My LAMP server with only 1GB of RAM is currently serving about 100,000 pageviews per day and running millions of queries in offline processes. With CloudFlare, my load average rarely goes above 0.10.
  • Blocks bad guys. This is a huge deal for me. Everyone and their mom thinks it is okay to scrape my site for data. Bots love to hit my site to try to find exploits. CloudFlare does a great job at identifying these people and blocking them for me, or providing a way for them to enter a captcha to prove they aren’t a bot.
  • Provides geolocation data on all visitors. I haven’t started using this yet, but CloudFlare adds a request header with the visitor’s geographic location. This makes it easier to target content to visitors from certain parts of the world.
  • Makes me more profitable. All around, CloudFlare has made my business more profitable. My site requires less server resources, which means I can keep my site running on my relatively cheap tiny server. Fewer bots are loading my ads, which means my click thru rates are higher, which means I get paid more. My pages respond faster, which means I’m ranked higher in the search engines, which means I get more visitors.

One problem I ran into, however, is occasionally a screen scraper gets through their blocks and starts hitting my site. In the past I would use iptables to block them, but the way CloudFlare works makes that impossible (at least with my limited knowledge of iptables). CloudFlare provides a way to block a specific IP, but it can take several minutes to go into effect.

The solution I came up with is to use Apache to give visitor’s from the offending IP a 403 error:

<VirtualHost *>

 SetEnvIf CF-Connecting-IP 98.17.241.185 GoAway=1

 <Directory "/path/to/your/website">
 Order allow,deny
 Allow from all
 Deny from env=GoAway
 </Directory>

</VirtualHost>

This snippet, properly placed in the Apache config file, will cause Apache to look at a header set by CloudFlare, and if it matches the offending IP (in this case 98.17.241.185), it denies access to the site. You can add a nearly unlimited number of SetEnvIf statements to block any number of IPs.

Anyways, if you get an invite to CloudFlare, check it out! It is definitely worth it!



                

3 comments

  1. That’s a great solution. You may want to look at mod_cloudflare:

    http://www.cloudflare.com/wiki/Log_Files

    And tweak the solution to use the REMOTE_ADDR directly rather than a header.

    Alternateively, you can also use mod_rpaf and configure it for CloudFlare’s IPs. CloudFlare also sets the X-Forwarded-For header.

  2. My hosting provider put me onto cloud flare after I complained about a sluggish site, so I signed up hoping for better performance but I didn’t really notice any change. Also I have been having issues with random images not loading and some cloud flare error pages not linking properly. I have been programming for about 7 years so I know how to optimise my code etc… anyway after a month I reset my name servers to my hosting provider and all has been great since, no more error pages and images missing!

    • I also ran into issues with CloudFlare. I’ve switched my site back to my registrar’s DNS and things have been much better. I think CloudFlare has the potential to be a great service but has some growing to do first. Definitely not ready for high traffic sites.

Leave a Reply

Your email address will not be published. Required fields are marked *