Four years ago I was a reluctant maintainer of a Cloudflare workers setup. At the time, my thoughts were “Cloudflare is not my app, yet because of these workers, it’s performing business logic, which doesn’t feel right. I want Cloudflare to just be a dumb shield preventing DDOS attacks.”
Now that I’ve used it for a few years professionally, my opinions are much more nuanced and hard to put into words. Cloudflare’s products are mostly pretty good, and the cost savings are very attractive. You just have to be willing to work at their level.
Well, I'd be interested to hear what some of those nuances are, personally. I primarily work in highly regulated industries and air gapped environments. I probably bother to do things that are considered a bother by most, like stick with k8s for most deployment scenarios. I play with CF on my home network and I just don't get it outside of ddos protection and fast delivery. It seems like a nightmare to maintain in the long run. What am I missing?
I find their SQL database’s latency to be absolutely unusable, though I haven’t tried in a few months. Otherwise I agree, great free tiers for what I’ve used it for.
Yeah agree, the devex has room for improvement as well. I use it perfectly fine for simpler apps but it could be better.
Big love for cloudflare though - all my apps are hosted with it. Their components and generous free tier have been able to let me ship so many random things.
Or you could just, ya know, rent a $5/mo VPS? For "your shitty todo app" it will work fine, has predictable scaling, and a built-in hard spend cap. Except you're not locked in to one particular "corporate overlord", because you can run it on literally thousands of different providers.
My understanding is that S3 egress is only a problem if you need to take data out of AWS, which you can simply avoid by having some kind of dedicated AWS direct connect or some such to route the traffic yourself?
Cloudflare is a cancer interjecting itself into all sorts of communication I'd rather have directly with the other party, like my bank, email, blogs, health providers etc.
Gatekeeping the broader internet from people in poorer countries, people using VPNs etc.
I predict they will be the first pushing DRM blobs instead of html/js and killing the open web.
Any single US entity trying to MITM such large swatches of global internet traffic is inherently dangerous to global freedom. they're a single point of failure for national security letters and secret gag orders that can compel them to perform targeted censorship, backdoor all sorts of software via HTTP distribution channels, assist in US disinformation operations by rewriting third party content, etc. They could be logging literally every plaintext HTTP request and response passing through their servers and leaving it wide open in some noSQL database for hackers to go steal from someday - users have no way to trust that Cloudflare is even competently qualified to protect what they collect, and there's nothing stopping Cloudflare from blatantly lying about what they collect. This wouldn't be as big of an issue if they weren't collecting your social security / national insurance number, name, age, date of birth, address, contact information, credit card details, usernames, passwords, and every other piece of data under the sun on sites that sit behind CF, including government websites and websites that function more or less as public utilities.
Cloudflare poses an impossible to overstate threat to your right to privacy, your right to freedom of speech, to democracy itself, to say nothing of the threat they pose to the free and open web. They are very nearly as large of a stain on what was arguably one of the crowning accomplishments of the human race (the internet) as the largest evil corporations on the planet - Microsoft, Alphabet (Google), Amazon, Meta (Facebook), etc.
Now that I’ve used it for a few years professionally, my opinions are much more nuanced and hard to put into words. Cloudflare’s products are mostly pretty good, and the cost savings are very attractive. You just have to be willing to work at their level.
also they are becoming cloud service provider that can really threaten many big player because from bandwidth alone is real game changer
Big love for cloudflare though - all my apps are hosted with it. Their components and generous free tier have been able to let me ship so many random things.
Cloudflare is a cancer interjecting itself into all sorts of communication I'd rather have directly with the other party, like my bank, email, blogs, health providers etc.
Gatekeeping the broader internet from people in poorer countries, people using VPNs etc.
I predict they will be the first pushing DRM blobs instead of html/js and killing the open web.
Obligatory resource: https://0xacab.org/dCF/deCloudflare
Any single US entity trying to MITM such large swatches of global internet traffic is inherently dangerous to global freedom. they're a single point of failure for national security letters and secret gag orders that can compel them to perform targeted censorship, backdoor all sorts of software via HTTP distribution channels, assist in US disinformation operations by rewriting third party content, etc. They could be logging literally every plaintext HTTP request and response passing through their servers and leaving it wide open in some noSQL database for hackers to go steal from someday - users have no way to trust that Cloudflare is even competently qualified to protect what they collect, and there's nothing stopping Cloudflare from blatantly lying about what they collect. This wouldn't be as big of an issue if they weren't collecting your social security / national insurance number, name, age, date of birth, address, contact information, credit card details, usernames, passwords, and every other piece of data under the sun on sites that sit behind CF, including government websites and websites that function more or less as public utilities.
Cloudflare poses an impossible to overstate threat to your right to privacy, your right to freedom of speech, to democracy itself, to say nothing of the threat they pose to the free and open web. They are very nearly as large of a stain on what was arguably one of the crowning accomplishments of the human race (the internet) as the largest evil corporations on the planet - Microsoft, Alphabet (Google), Amazon, Meta (Facebook), etc.
As dumb as it sounds, I've witnessed a similar thing not long ago, lol.
(Different company, not CloudFlare. I really like CF.)