I recently got invited to try out CloudFlare, a new free service in closed beta. I checked out the homepage and was greeted with a “Wouldn’t it be cool if your website were protected by ninjas?” header. Why, yes, that would be cool.
So, not really understanding exactly what it was, I signed up and configured it for the Fake Name Generator.
After some poking around and letting it do its thing for a few days, this is what I’ve discovered it does for me:
- Provides a free DNS management. This is included for free with many registrars, but it just so happened that the domain I’m trying this out on didn’t come with DNS management so I’ve been paying $10 a year for it. This alone makes CloudFlare worth using for me.
- Serves my content on a CDN-like intrastructure. This makes my site faster to some users, which is always a good thing.
- Blocks bad guys. This is a huge deal for me. Everyone and their mom thinks it is okay to scrape my site for data. Bots love to hit my site to try to find exploits. CloudFlare does a great job at identifying these people and blocking them for me, or providing a way for them to enter a captcha to prove they aren’t a bot.
- Provides geolocation data on all visitors. I haven’t started using this yet, but CloudFlare adds a request header with the visitor’s geographic location. This makes it easier to target content to visitors from certain parts of the world.
- Makes me more profitable. All around, CloudFlare has made my business more profitable. My site requires less server resources, which means I can keep my site running on my relatively cheap tiny server. Fewer bots are loading my ads, which means my click thru rates are higher, which means I get paid more. My pages respond faster, which means I’m ranked higher in the search engines, which means I get more visitors.
One problem I ran into, however, is occasionally a screen scraper gets through their blocks and starts hitting my site. In the past I would use iptables to block them, but the way CloudFlare works makes that impossible (at least with my limited knowledge of iptables). CloudFlare provides a way to block a specific IP, but it can take several minutes to go into effect.
The solution I came up with is to use Apache to give visitor’s from the offending IP a 403 error:
<VirtualHost *> SetEnvIf CF-Connecting-IP 22.214.171.124 GoAway=1 <Directory "/path/to/your/website"> Order allow,deny Allow from all Deny from env=GoAway </Directory> </VirtualHost>
This snippet, properly placed in the Apache config file, will cause Apache to look at a header set by CloudFlare, and if it matches the offending IP (in this case 126.96.36.199), it denies access to the site. You can add a nearly unlimited number of SetEnvIf statements to block any number of IPs.
Anyways, if you get an invite to CloudFlare, check it out! It is definitely worth it!