My website is actually using Cloudflare. What is Cloudflare? Why do you need it? In this post I will show you this pretty cool and useful service to make your website quicker and safer. Behind this system there are some technical reasons you will have clear after reading this post.

Boosting your website

As you may already know, when accessing a website, things work more or less like this:

  1. The client uses a domain name to find the server IP
  2. The DNS server tells the client the server IP address
  3. The client uses the IP address to request the website to the server
  4. The server returns the website to the client
Domain name

Image: A domain name will be resolved to an IP. (Illustration by Freepik Storyset https://storyset.com/web)

Therefore, we have a centralized point (the server) who receives the requests from clients and has to serve them the website. However, the server is a physical machine located somewhere around the world, so your website may be slow to load from some places far from where your server is located.

On the other hand, the server is directly exposed to the public world, so you will need this server to be as secure as possible to avoid attacks, especially the (D)DoS, where (distributed) attackers will overload your server with requests to turn it down.

Cloudflare: what is it?

Cloudflare is a (free) service that offers a quite extensive infrastructure around the world for boosting and protecting your website. In few words, Cloudflare offers their servers to be put between the clients and your actual server, changing the working process to this flow:

  1. The client uses a domain name to find the server IP
  2. The Cloudflare DNS server tells the client the Anycast Cloudflare IP address
  3. The client uses the Anycast IP address to request the website to the nearest Cloudflare server
  4. Cloudflare checks their cache and requests your actual server if necessary
  5. Cloudflare returns your website to the client

The thing here is that Cloudflare will act as a proxy to your website, and clients will connect to the nearest Cloudflare server thanks to Anycast IP addresses. Therefore, they will not know your actual server and different clients around the world will send requests to different servers.

Hands on: quick start with Cloudflare

First things first, you should create a Cloudflare account here. Then, you will have to select the first option: “Protect your Internet presence”.

Cloudflare getting started

Image: Cloudflare: getting started.

Afterwards, you will need to select the free plan. Of course, if you are an enterprise and you like what they have to offer, Cloudflare has many extra options that you may find useful in their paid plans.

Cloudflare free plan

Image: Cloudflare: free plan.

Finally, you will need to proceed to the migration of your DNS management to Cloudflare. That is, in your domain name registrar provider you have to say that now Cloudflare is going to manage your DNS entries.

A DNS entry is basically a configuration that associates a domain or subdomain you have with some value, usually an IP address. In Cloudflare, once you do the migration, you will be able to manage these entries as usual, but with an extra option: proxied entries.

Cloudflare DNS entries

Image: DNS entries: proxied and DNS only.

These are two types of DNS entries:

  • Proxied entries: the Cloudflare servers will handle the requests and proxy them to your server.
  • DNS only: this will act simply as a DNS entry, pointing the requests directly to your server.

Conclusion

Using Cloudflare has many advantages. The most relevant is the protection from (D)DoS attacks and speeding up the server response world-wide. Moreover, proxied entries will not expose your real server IP, so it will make more difficult for cybercriminals to attack it.

Obri! Now you can go and check my website DNS and TLS certificate :D