What is Cloudflare ? How does it help webmasters ?

I would just like to say that I'd recommend folks against using auto-minify or rocket loader on forum sites.

These features inject javascript into the code which can play up with other parts of your board software.

In my case (though it wasn't a Xenforo board), it redirected the originating tab of external links as well as the new tab. Took me days of sorting before I learned the CloudFlare features were the culprit. I disabled them and problem solved.

Aside from the intermittent downtime with some of their proxies, I had very little problems using their sevice. However, I do think their "potential threat" reports are blown out of proportion. According to their service, they prevented 3k+ "potential threats" to my site from viewing it during my couple weeks of membership with CloudFlare. Yes, 3k+. I haven't had the service running on my site for over a month and I've seen one spammer which was automatically kicked out by my system. Nowhere near the 6k+ attempts I was expecting to see logs about.
 
agreed, i received 300 complaints that they cant access my website when cloudflare security was at medium... and when i set to low i still get hundreds of complaints so i ended up completely disabling the security control when i was using cloudflare a month ago
 
Although cloudflare site offline feature is quite broken. If the server is down it usually ends up with a cloudflare message saying that the site cannot be found try again later etc, also if some times it actually does show cache content from cloudflare system (although very rare) it usually only show front page and nothing more. if you click any link you will get the offline message

The Always Online feature does have some limitations . We're currently in the process of making some improvements to the feature, however.
 
Appreciate the follow up and after reading a bit I was wondering about the wording, In particular..

Does this mean that CloudFlare identifies a denial of service attack and then does nothing other than offer cached content when my site is down ?

Or does CloudFlare both identify a denial of service attack and keep my site online without serving cached content ?

The honest answer is that we're not a full DDoS protection service. The nature of our network does help mitigate some attacks against your site (we really wouldn't be much help right now if you were getting a huge attack).
 
I would just like to say that I'd recommend folks against using auto-minify or rocket loader on forum sites.

These features inject javascript into the code which can play up with other parts of your board software.

In my case (though it wasn't a Xenforo board), it redirected the originating tab of external links as well as the new tab. Took me days of sorting before I learned the CloudFlare features were the culprit. I disabled them and problem solved.

Aside from the intermittent downtime with some of their proxies, I had very little problems using their sevice. However, I do think their "potential threat" reports are blown out of proportion. According to their service, they prevented 3k+ "potential threats" to my site from viewing it during my couple weeks of membership with CloudFlare. Yes, 3k+. I haven't had the service running on my site for over a month and I've seen one spammer which was automatically kicked out by my system. Nowhere near the 6k+ attempts I was expecting to see logs about.

This is actually kind of confusing on the reporting side.

-The reporting/analytics surfaces data about all of the threats across the network that have visited your site (how we use data sources to identify threats).
-Threat control, however, only reports visitors that were challenged based on your security settings.
 
agreed, i received 300 complaints that they cant access my website when cloudflare security was at medium... and when i set to low i still get hundreds of complaints so i ended up completely disabling the security control when i was using cloudflare a month ago

You can always whitelist IPs, IP ranges & countries to override our behavior. Since our data is based on IP address, there will be some false positives.
 
Will CloudFlare accelerate and protect my root domain?

I read following somewhere:
CloudFlare can only accelerate and protect CNAMES. Since your root domain is an A record, we recommend that you forward your traffic to ‘www’ through your .htaccess file. If you do not forward the traffic, then any traffic to www.mydomain.com will be accelerated and protected by CloudFlare (and shown in the statistics) and any traffic to mydomain.com will not be served by CloudFlare.
 
Gentlemen,

We're facing serious DDOS attacks on our site (forum) that have persisted for days now. We are deliberating on our options.
Can someone please throw light on how much protection Cloudflare Pro can provide against DDOS threats.

Thanks & Regards
SG
 
Gentlemen,

We're facing serious DDOS attacks on our site (forum) that have persisted for days now. We are deliberating on our options.
Can someone please throw light on how much protection Cloudflare Pro can provide against DDOS threats.

Thanks & Regards
SG

I wouldn't want you to signup right now simple for DDoS attacks (we're really not a full DDoS solution). If you're getting massive attacks on your site, we will currently go direct to your server.
 
This is actually kind of confusing on the reporting side.

-The reporting/analytics surfaces data about all of the threats across the network that have visited your site (how we use data sources to identify threats).
-Threat control, however, only reports visitors that were challenged based on your security settings.
It's just a bit odd seeing reports about 3k threats on a small board of 100 members. That is a pretty self-serving misrepresentation/inflation imho.

We were barely listed on Google, and to a novice webmaster it would look like every spammer on the internet found us.
 
"Going to? It happened in July."
Huh? I would need more details. I personally don't remember any issues in July with that kind of issue.

I'm also checking with our engineer on the unknown bots issue. But I can assure you that we wouldn't do anything deliberately to be misleading.
 
"Going to? It happened in July."
Huh? I would need more details. I personally don't remember any issues in July with that kind of issue.
Sent via PM

I'm also checking with our engineer on the unknown bots issue. But I can assure you that we wouldn't do anything deliberately to be misleading.
Awesome. :)

Please dont' take my criticism as hatred for what you guys are doing. I appreciate your efforts. I just can't really support it as long as these oddities are lingering about. I'd love to be able to use it and recommend it to others once things are cleared up.
 
Mentioned this in our PM...I'll share for transparency...you helped trigger my memory about one issue.

There was an issue with some Google bot IPs in early July that you helped me remember (they either changed or added new IPs to their bots). Once we found out about the issue, we added all of their IPs to our macro to make sure they didn't get challenged.

Note:
We do have search engine bots in our macro list. If they change IPs or add new ones, however, it might take a day to get them added to our macro (they obviously don't contact us about any changes, but we do rely on the community to help us find these issues out).
 
Top Bottom