If you are worried about getting your blog post to the top of Reddit or Hacker News (I've never been there myself); you can have a very modest web server or even a pay per request serverless sort of thing and pay $20 real quick to Cloudflare if you happen to get popular. It's the Bart Simpson method of highly scalability[0], for static content you can have global datacenter coverage in a couple minutes or so if you use them for DNS to start with. It even works if the origin server goes down.
> you can have a very modest web server or even a pay per request serverless sort of thing and pay $20 real quick to Cloudflare if you happen to get popular.
I get the impression that a lot of the critics in this thread don't really understand Cloudflare, how cheap it is, or even the concept of CDNs in general.
$20/month for Cloudflare Pro is a steal for what you get. Spinning up a dedicated server in a single datacenter somewhere isn't going to give the same results, especially if your users are geographically distributed like in this case.
> I get the impression that a lot of the critics in this thread don't really understand Cloudflare, how cheap it is, or even the concept of CDNs in general.
You’re talking past the point here. It doesn’t matter how cheap if you’re fundamentally opposed to enabling cloud flare to reach its meat hooks further into the Internet.
This is no different from arguments about embedding google analytics or “just paying for windows” instead of using Linux.
I don't think the problem is a specific CDN. Is that everyone ends up using the same CDN, so when Cloudflare has problems, it affects everyone. Same with AWS, large swaths of the internet goes down if AWS does, which sounds great for AWS in marketing material, but less great for the general usability of the web.
> What point? Nobody said anything about "cloud flare to reach its meat hooks" in the article or the above thread except you?
The OP mention "cloud flare to reach its meat hooks" in the thread attacking those who haven't jumped into Cloud flare's bandwagon by putting up a strawman on how that's only due to ignorance.
OP clarified that misrepresentation by pointing out the risk of allowing a single company to control the CDN market specifically and serving web content in general.
I figure helping Cloudflare get it's meathooks in the internet offsets all the really big companies that have their meathooks in, or at any rate doesn't worsen the real problem.
> (...) helping Cloudflare get it's meathooks in the internet offsets all the really big companies (...)
What? No. Cloudflare reported a revenue of half a billion dollars, and already controls about half the CDN market.
Let's put things in perspective: in comparison with Cloudflare's business, AWS is a minor player and an underdog with less than half of Cloudflare's market share.
Cloudflare is by no means a small company or an upstart or a David among Goliaths. Cloudflare is in fact and by far the Goliath of the CDN world.
Just to understand you better: are you only talking about CDN activities from AWS here? Because I see websites talking about a quarterly revenue of tens of billions of dollars for AWS.
> Spinning up a dedicated server in a single datacenter somewhere isn't going to give the same results, especially if your users are geographically distributed like in this case.
Maybe not, but is the target audience that shills out $20/month really the type of people who have optimized their site to such an extent that shaving 50ms off the request latency by having your edge cache geolocated is really the type of thing that makes the difference? most of that group could probably do a lot of other optimizations that probably count for more.
> Maybe not, but is the target audience that shills out $20/month really the type of people who have optimized their site to such an extent that shaving 50ms off the request latency by having your edge cache geolocated is really the type of thing that makes the difference?
The common mistake is to pick a server geographically close to yourself, only access it from low-latency connections, and then assume that everyone in the world is seeing the same thing.
Or to only visit your own site with everything already in the browser cache. If you're not seeing cold start loads, you're not seeing what every new visitor to your website is seeing.
Consider the Photopea.com website. The author explained in a comment below that he spends $60/month to host the site without a CDN. Several of us loaded the site and it took 2.5 - 5.0 seconds to load. He could sign up for a cheap Cloudflare account, reduce the size of his server (due to caching), and the load times for everyone would drop by a significant amount.
If you're hosting simple, static content like a blog for an audience that doesn't care about load times, then of course nothing matters. But for modern, content-rich websites (photos especially) it can actually be a substantial improvement to add a CDN even if you have a single fast server. You may not see it, but visitors from distant locations definitely will see a difference.
With some browser security policy that blocks part of the download, the homepage www.photopea.com clocks in at 3.80MB (so it should be much higher in practice). In this case, it's mostly JS, so designing your website properly (without JS, especially if the app itself is wasm not JS) would have much better savings than moving to CloudFlare CDN.
A CDN is more times than not the wrong answer to a real problem. Shave off your website and consider content-addressed protocols for big static asset download (like the textures from the article). If you run your website as a lightweight glorified Bittorrent index you'll notice your costs are suddenly a lot less, and you can still have a smaller "Download over the web" button as fallback.
> Consider the Photopea.com website. The author explained in a comment below that he spends $60/month to host the site without a CDN. Several of us loaded the site and it took 2.5 - 5.0 seconds to load
This is a conclusion i am extremely doubtful of.
Ping time new york <-> tokoyo is about 180ms. So lets say as a worse case the ping time to the single server is 180ms (its probably not that bad), and lets say the latency to cloudflare edge server is 20ms.
So using cloudflare on a cache hit (best case), you save something like 160ms per roundtrip.
Which don't get me wrong is a huge savings and worth it (although this scenario is hugely exagerated).
However say you want to load the page in under 1 second instead of 5 seconds. In this scenario you would basically have to have 25 round trips to bring the site from 5 seconds to 1 second just on rtt savings of having a geo located edge server. If your site needs 25 round trips to load, something else is clearly wrong. (And this is an exagerated case, the real world the benefit would probably be much less)
To be clear i'm not saying that geo located edge caches are bad or useless. They are clearly very beneficial thing. Its just not the be all and end all of web performance, and most people in the demographic we are talking about probably have much more important things to optimize (otoh using cloudflare is cheap and doesnt require a lot of skill, so it is a very low hanging fruit)
> So using cloudflare on a cache hit (best case), you save something like 160ms per roundtrip.
Per packet. If you're doing a cold start, you'll pay that latency cost several times over: first the TCP handshake (3 roundtrips), and then the TLS handshake (2 more roundtrips). That's 800ms of extra latency before you even get to sending the first HTTPx request.
> In this scenario you would basically have to have 25 round trips to bring the site from 5 seconds to 1 second
You’re forgetting that the TCP protocol itself is bidirectional. High latency connections will have lower throughout, especially at the beginning of transmission, because the data isn’t literally just streaming in one direction.
Anything over 100ms [1] is perceived as not-instant by a user. If you wait 2RTTs with 50ms per round trip, then you've already exceeded this threshold.
> last I checked Cloudflare was free too for caching static HTML assets?
If not free then very cheap, as I understood TFA: Wasn't that why they have two separate domains and serve static assets from one of them, to be able to use the cheapest Cloudflare tier for that domain = those assets?
> If you're going to centralize in Cloudflare you might as well just skip the hosting the website bit entirely and make a business account on Facebook as your host.
These responses are getting bizarre. Facebook pages have nothing to do with web hosting or Cloudflare.
Also, hosting on a single server in a single datacenter is, literally, the definition of centralized. Cloudflare distributes the content to a huge number of edge nodes which are spread around the world. How did we end up in this situation where people are calling the distributed solution centralized and suggesting a centralized solution as the alternative?
If cloudflare did that, then you do a simple DNS change and host your content somewhere else.
You are ALWAYS going to be contracting with a third party to provide your connection to the internet... why is trusting cloudflare not to block you riskier than trusting your ISP or the data center that has your server?
> If cloudflare did that, then you do a simple DNS change and host your content somewhere else.
You missed the point. It’s an illustration of how much of the global internet cloudflare intermediates and can eavesdrop, filter. Guess how many tor users you fucked by putting cloudflare between you and them. Vpn users, etc.
Conflating cloudflare's distributed architecture with distributed control is just silly. It is extremely centralized control and the CEO of Cloudflare has already terminated accounts of a business he had a personal distaste for on whim.
"Non-commercial" might be a better way to understand this point of view. Instead of prioritizing profit (the reason for people using cloudflare, it's cheap and good) the idea is to minimize the damage done by large centralizing forces on the internet. So, in the above comment I suggest Facebook as an equal option because it is analogous to using Cloudflare. The intent was to get you to think like a human person and not a business owner or employee on the clock. It's short term gain for long term damage to the internet.
But then again, if Cloudflare terminates your account, the website is still up; it's just going to be slower, and you're going to pay more to serve the same number of users. There's no lock-in there that I can see.
>It is extremely centralized control and the CEO of Cloudflare has already terminated accounts of a business he had a personal distaste for on whim.
As opposed to the CEO of Amazon/Rackspace/your favorite host here who doesn't have the ability to terminate your account? What are you saying? Or are there other non-profit web hosts and CDNs that I missed?
If you have a personal axe to grind against the CEO of Cloudflare, just say that.
Superkuh's point is that depending on any single service to protect/host/route your content is setting up oneself up to be Parler'd or 8chan'd. It doesn't matter how good the technology. If you don't any have any control over it, you're one copyright strike or bad mood from a CEO away from being deplatformed.
There's.no need to grind an axe to observe how past actions have set the course for the future, perhaps for the worse.
>If you don't any have any control over it, you're one copyright strike or bad mood from a CEO away from being deplatformed.
Again, _as opposed to what_? Are you saying polyhaven should go multi-cloud and spend triple what they need? You aren't actually presenting any real solutions, you are just complaining about the cloudflare ceo.
I'm a guy who wants to host a service. You are telling me Cloudflare bad. What is the alternative, and how do I ensure the CEO of that service doesn't null route me?
>Again, _as opposed to what_? Are you saying polyhaven should go multi-cloud and spend triple what they need? You aren't actually presenting any real solutions, you are just complaining about the cloudflare ceo.
I haven't complained or suggested a damn thing in my previous comment. All I've provided is an extended summary of Superkuh's comments and supported those claims with evidence of past events. Exercising due diligence shouldn't be regarded as a controversial position.
>I'm a guy who wants to host a service. You are telling me Cloudflare bad.
I'm telling you that depending on a single service, whether that service is Cloudflare, Youtube, AWS, etc., is a bad idea. If you don't have a credible alternative provider you can migrate to at a moment's notice, you're website and content is at risk.
>What is the alternative, and how do I ensure the CEO of that service doesn't null route me?
>You can't ensure the CEO of a company doesn't null route you.
So the alternatives aren't better than Cloudflare, Superkuh just had an axe to grind specifically with Cloudflare. And there is no an alternative solution that wrests control from a CEO having a bad day.
At the end of the day, he's still at the whims of the Cloudflare/Bunny/Akamai and if he wants to be fully in control he must spend millions building his own CDN.
It's not as if Cloudflare has major switching costs either.
Any alternative is better than everyone using Cloudflare. This would be true even if Cloudflare hadn't already demonstrated their untrustworthiness. It's true for LetsEncrypt even if LE is awesome and really improved the internet and there are other options. If people only use one thing in practice it is a locus of control.
"Why are you using this thing that solves your problems and does it cheaper than you making your own solution to your problems? You're leading to centralization of the internet!" Good luck changing human nature. Writing these comments here is helping, I'm sure of it. /s
To be fair, Parler and 8chan did deserve to get Parler'd and 8chan'd respectively. To also be fair, even if you are not Parler or 8chan, it is a valid concern.
Dealing with fraud and abuse has _long_ been a centralizing force on the internet. Think about email which is the way it is largely because of spam. We need to structurally stop spam not just shame people from embracing solutions that make their life easier.
It's interesting - I see Cloudflare a rising force against network attacks more than its CDN properties. It will become the defacto centralized network. Not sure if I like that philosophically, but practically and as a engineer, most enterprises will choose to get their DDoS, WAF, Zero Trust products. Networks are the most vulnerable part of the internet infrastructure. Cyber warfare isn't just a talking point on a 60-minutes episode, it is a real threat to large businesses and they'll opt for centralized control over decentralized risk. They'll keep Cloudflare CEO in check, if not the shareholders/BoD.
I've had my personal $5/mo Digital Ocean VPS Wordpress site hit the top of HN before. I kept an eye on htop, but it handled it just fine. Exciting times.
As long as you have a decent backend it's no problem. If you're using some python/ruby/JS thing you're probably going to need some kind of reverse proxy to keep up with top of HN. If you're using a Haskell/Rust/C++/etc. compiled backend you're probably fine.
$20 a month for a Static site? that feels like a first world problem. I feel like everything is over engineered, unless you need subsecond delivery of your assets which are very huge, cdn doesn’t even makes sense. For a blog whats the point, your site is not going to receive heavy traffic every hour from global locations everyday. If you are concerned about returning users cache your assets on their machine. If your site is video heavy I can understand. I run a Django site for a zoo on a $10 instance, I have 2 others running on same instance. Never had issue with page speed even on 2G or under load my instance didn’t suffer. My storage on s3 is proxied via Nginx and cached on user device and in Nginx, I never even had a downtime due to traffic. I use fail2ban for basic protection. If it comes to DDOS im behind cloudflare free tier. $20 per month for a blog? Lol.
You missed the point, it's "pay $20 real quick to Cloudflare if you happen to get popular". There is a generous free tier, and for years I have paid nothing to Cloudflare, but I serve 2GB total every month to visitors, YMMV.
No I didn’t miss the point, $20 is weeks worth of meal in majority of countries. People from those countries run successful blogs without paying a penny to cloudlfare. I serve much more than 2GB per month without all that on a dynamic site. Paying cloudlfare for that is like putting a tarp over a dumpster fire to quickly hide it. I would rather think why my static site fails like shit when it doesn’t even need server side processing and correct it. I’m not saying cloudflare/CDN is useless, it shines when you are serving huge assets every hour to lot of people globally, or want to secure from bot traffic, or other useful features it provides. Heck you could even host a static site on s3 or netlify for free and answer all the traffic in the world. Remember Google returned subsecond results much before cloudflare or global CDNs were in place.
One variable you miss is the price of your own time.
To pay USD $20 and unload a problem to some 3rd party service takes under 30min, while running a scalable, high performance web-server on low budget is hard and time consuming - even impossible for devs with no sufficient devops/admin skills, which is sadly a majority.
Back in the day, as a student with no money and a time to spare I used to do it all myself too, guerrilla style. Nowadays tinkering with my private servers would mean taking time from my real job, and that just doesn't make sense financially, my time is way more valuable and scarce now.
That's why we have the economy of specialists in the first place. One can do everything in DIY fashion, but in our civilization it's usually cheaper to hire a plumber's or carpenter's services than to invest in learning the skills, buying the tools and then doing it, if it's not your primary source of income. It's no different with CDN services.
I never spent any other time other than the initial deployment. Like I said if your tap is leaking find a competent plumber or if you have the skill fix the leak, don’t pay for water tanker every time you are out of water. Im not sure why you need high performance, scalable multisharded and other big cloud tech to run a static site. Im not against using cloudlfare, there is a usecase for it. I cant stress more about why cloudflare is such an overkill for static sites. A cheap VPS can go a long way before you have to start worrying about not being able to serve traffic for a static site, its not a blocking call. We would be wasting unnecessary resources, if we don’t fix the actual problem.
My site never failed thats the thing without paying $20. And many developers can actually do it too. If you can’t serve decent traffic for a static site, I would rather fix the leaking tap once and for all than wasting money on a water tanker every time I am out of water.
What does the $20 buy vs free plan? During a spike I was able to handle 30k pageviews per hour with Cloudflare free plan + $40 vps. Pretty much all pageviews were cached by Cloudflare and didn't hit my server. How does the $20 plan help?
Makes sense, thats what I mean too. There is a use case for CDNs which do no make sense to pay for if its a static site. Which can be done much cheaper and for free most of the time. Unless you are running a google scale static site.
Interpreting ‘weeks’ as 2 weeks, the GDP necessary to call that weeks worth of meals is $520 dollars. There’s only like 6 countries with a GDP that low.
If you are only talking about food, it may stretch a bit further, but you’re still far away from the majority of countries.
As a designer, it's really easy for me to put something on Cloudflare... doing what HN does would take at least more than a few hours (and the knowledge) to set up properly.
I had a blog post on the frontpage of hn for more tht 20 hours and my cheap Vps for 3€ a month could handle it perfectly since my website is just a statically generated website with hugo.
Looks like with some dead basic optimisations (free versions of WP Fastest Cache and Autoptimise), my Wordpress site can handle around 1500 requests per second on a $5 DigitalOcean VPS before it starts to slow down.
On the old site, running on a shared host with less optimisations it would crap out at less than 10!
Seems like I don't need to worry about this after all.
[0]https://www.youtube.com/watch?v=aKU3hMvD31w