Hacker News new | past | comments | ask | show | jobs | submit login

What problem does CloudFlare really solve except for DDOS?



SSL. SSL is easy on a single server, but gets complex/expensive very fast on cloud platforms. Cloudflare have an incredibly easy solution (branded "flexible SSL") where they handle the SSL between the client and their CDN, and the CDN does un-encrypted requests to your platform.

Yes, this is a security shambles - Cloudflare is officially MITM-ing your traffic. But given the HTTPS-only movement this is a perfectly valid solution for public websites. And this announcement actually makes a big difference because if your platform is Google Cloud, then the un-encrypted portion is now over a private Cloudflare-Google interconnect.

FWIW, I've been using Cloudflare for 6 months and haven't seen any drop-outs. It's improved latency, and the only issue I've had was it mangling email addresses in transit, to prevent scrapers. It took 3 minutes to find the setting and switch it off, so I'm OK with that. Although I would prefer things that modify your HTML should be off by default.


I'm curious about the difficulties you're referring to. If you're referring to secure key distribution, check out Hashicorp's Vault project. Other than that, I can't think of any show-stoppers to deploying SSL across many commodity cloud servers.


Latency, although you can solve that through any number of CDN solutions.


That can be solved by using a cloud service with global POPs, spinning up nodes everywhere, and using a common core config built with Chef, Puppet, or Docker. Amazon, Digital Ocean, Vultr, Linode, Joyent/Triton, and probably a half dozen others will provide global presence with instant provisioning.

Slightly more work but you control it. Cost is probably similar.

DDOS mitigation is harder and is definitely something CloudFlare does well enough to earn some market share, but wouldn't it be nice if we had a more global solution to this problem that didn't involve third party firewalls?


Cost is definitely not similar. Building your own CDN network is not cheap and CloudFlare provides DNS + SSL + lots of locations + better routing + free bandwidth.

The servers, ssl and bandwidth costs alone would be more than their fees for any big site.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: