CloudFlare is a service that webmasters can use to provide better performance and higher security on their websites. High performance websites lead to higher visitor engagement, retention, and conversions. CloudFlare has various tools to help speed up your website. Usually the best way to increase a website's performance is with a Content Delivery Network (CDN). In order to understand how CloudFlare optimizes the performance, it's important to first understand how a CDN works.
This allows the content to be served up quickly as the servers are located closer to the end user. It also helps distribute the load off the application servers, thus making the experience for end users better as well as saving server resources. It's an important part of any website. If you want your website to load fast and scale well, then it's a necessity.
In order to understand the difference between CloudFlare and a traditional CDN, you should know that CloudFlare is not a traditional CDN. A more traditional CDN would be a service such as CloudFront, EdgeCast, or Akamai. In these systems, you would have a CDN to mirror your content. Unfortunately, this approach requires the CDN to know when the content is updated, and be able to separate the dynamic content from the static content.
Typically, the way this works is when a file is requested through the CDN (say an image), the browser will request it from the CDN. If the CDN does not have a copy of the file, it will request it from the origin host (your web server). It is then cached for all future requests. If the file changes, it needs to be explicitly invalidated either manually or as a deploy process. Otherwise it will eventually expire. This requires a fair amount of backend programming to use effectively.
CloudFlare handles this problem for you by running all content through the CDN and it internally figures out what needs to be cached through the CDN and what doesn't. This means CloudFlare is very easy to set up.
The biggest difference between CloudFlare and other CDNs is that CloudFlare serves every request through the site. Other CDNs only serve static content. This allows CloudFlare to optimize much further.
The analytics and apps are able to do this because they act as a proxy between the application server and the user. After the server generates a response, CloudFlare will alter it to include the new functionality that you've added. For example, if you wanted to add Google Analytics through CloudFlare.
Before the Google Analytics app is enabled, the server might respond with a page like the following :
<html> <title>My site</title> <head> <body> <p>This is my content</p> </body> </html>
After enabling Google Analytics through CloudFlare, it will modify the response to be like the following:
As you can see, the Google Analytics code is injected straight into the response. This allows CloudFlare to be very flexible in changing the location of assets as well. CloudFlare has a variety of other techniques that can be enabled to optimize a website, such as the following:
SPDY support: SPDY is a new protocol designed to be much faster than HTTP at transporting web content.
Railgun: This is a compressor used to reduce the data needed to deliver content.
Preloading: CloudFlare can be configured to preload content that's used often before the user reaches a page that requires it.
Local storage caching: This leverages the browser's local storage to be used as a local cache for objects.
Cache header optimization: This adjusts cache information on request, so browsers will correctly cache the content.
Aggressive GZIP: GZIP compresses data across a network. Some gateways and firewalls will incorrectly notify upstream servers that GZIP is not supported. CloudFlare works despite this and ensures that GZIP is supported where it is available.
Browser optimization: This ensures that images and content are served in the most efficient way possible. For instance, serving images specific to mobile only when accessed by a mobile device.
Page prerendering: This starts loading a new page when hovering over links to them.
It's a long list, but it's important to understand that these optimizations are what CloudFlare does to make your site faster.
CloudFlare watches over many websites across the Internet; if it detects malicious traffic from certain places, it will work to protect sites from attackers in those locations:
Denial of Service protection: When a web server is sent a request, the web server will work on a response and then deliver it to the user. Attackers can take advantage of this by requesting the same content over and over again without listening to the response. This can cripple a system very easily. If CloudFlare detects that this is happening, it will require the user to enter a captcha to continue browsing the website (which a bot will be unable to pass). Since CloudFlare is between the user and your website, this traffic will never hit your site.
Other threats: CloudFlare also monitors for cross-site scripting and SQL injection attacks. There are extensions that we can enable to protect against comment spam and e-mail harvesters as well. CloudFlare can check against browser integrity. This means they will analyze the HTTP requests to see if the headers contain headers associated with malicious actions. There can also be explicit IP address blocks in order to ban some ranges or countries from accessing a website.
SSL: Any website that uses logins/sessions needs to be behind SSL. Without using SSL security, it is easy to hijack a user's session on a public Wi-Fi network, by allowing an attacker to pretend to be a different user. CloudFlare has some tools to easily enable some basic SSL protection for your users. For more information on how this attack is done, read up on the Firesheep exploit at http://en.wikipedia.org/wiki/Firesheep.
Blacklisting: CloudFlare has a database of IP ranges that are known to be harmful traffic. CloudFlare can be enabled to prevent users from these IP addresses from reaching your site without passing a captcha.
Often, it can be cumbersome to have engineers add in services to an application such as Typekit or Google Analytics. CloudFlare has a marketplace of apps that can be installed to an application without deployment or changing code on the servers.
Not having to change the code to put an app onto a site lets you to easily try out new analytics, advertising, and social tools.
It's also safe because CloudFlare ensures that the apps are safe and won't cause issues on your site. If you try to enable two conflicting apps, the console will protect you from making that change.
As you can see, CloudFront is more than a traditional CDN. This does not mean that it will solve all scaling problems, but it will solve many of the easier scaling issues with little effort. The security, analytics, and apps functionality are some nice additions to enhance your website as well.