If we want to talk about the "big name" in free CDN services, I'm afraid it can only be CloudFlare. CloudFlare is an American Internet company that mainly provides CDN acceleration and website security protection. After continuous development, CloudFlare CDN is currently welcomed by all over the world. At the same time, CloudFlare also has in-depth cooperation with large companies such as Google and Microsoft.
Cloudflare provides DNS services to six million websites, among which famous websites include Uber, OKCupid and Fitbit. As of now, Cloudflare has 77 data centers located around the world, including South Korea, Japan, Hong Kong, Taipei, and Singapore in the Asia-Pacific region. wait. In China, CloudFlare is said to be cooperating with Baidu, which is Baidu Cloud Acceleration.
CDN acceleration is only a business of CloudFlare. DDoS protection is the biggest attraction of Cloudflare. If your website is suffering from DDOS attacks, you can enjoy free protection by connecting to CloudFlare. Of course, if your attacker is "powerful" enough you can upgrade to CloudFlare's paying customers. CloudFlare's ability to protect against DDOS is obvious to all.
Historically, CloudFlare has successfully protected against 500Gbit per second traffic attacks. Cloudflare provides all customers with the "I am under attack mode" setting. Once this mode is turned on, Cloudflare requires users to pass the verification of a JavaScript calculation query before they can access the website, thereby mitigating the problem. The impact of advanced layer 7 attacks, thereby preventing DDOS attacks.
This article will share ten tips for using CloudFlare that may not be widely known, including free SSL certificates, DDOS protection, DNS resolution, web firewalls, Cache cache acceleration, etc.
You may also need more webmaster tools:
- Summary list of free DNS domain name resolution services at home and abroad - Find more free DNS domain name resolution
- Three major reasons why I gave up Tencent Alibaba Cloud enterprise email - Attached is a summary of domestic and foreign enterprise (domain name) email addresses
- Summary of VPS hosting providers and computer rooms connected to CN2 lines - reference manual for identifying genuine and fake CN2 line hosts
PS: Updated on December 2, 2018, For information on how to use cloudflare Railgun acceleration, please refer here: Cloudflare Partner Access Management Cloudflare CDN-Enable Railgun Dynamic Acceleration.
PS: Updated on January 4, 2020, Cloudflare Railgun is the ultimate acceleration solution provided by Cloudflare specifically for Business and Enterprise customers. However, it can be turned on for free through Cloudflare Partner: Turn on Cloudflare Railgun acceleration for free - reduce connection delays and achieve dynamic page caching and acceleration.
1. CloudFlare does not need to modify NS to access CDN
CloudFlare official website:
- HTTPS://wuwuwu.cloud flare.com/
1.1 Normal mode-modify NS server
Log in to CloudFlare and add the domain name of the website you want to connect to CloudFlare CDN.
Then CloudFlare will scan the DNS resolution of the domain name. If there is no problem, click to continue.
Then CloudFlare will give you the NS server you want to modify.
After modifying the NS server and waiting for the DNS to take effect, you can see that it has been activated in the CloudFlare control panel. At this time, your website has successfully connected to CloudFlare's CDN.
1.2 Expert mode-modify CNAME access
After reading what I wrote before about joining Cloudflare Partner to provide CloudFlare CDN acceleration service for free, you know that users do not need to enter Cloudflare to use Cloudflare Partner to manage CDN acceleration. There is no need to modify the NS server of the domain name to modify the CNAME access. The effect of use Same as Cloudflare official website.
There are several Cloudflare Partner access platforms. If you have your own server, you can apply to join the Cloudflare Partner platform.
- HTTPS://CDN.我在不了.com/
- https://su.geekzu.org/
- https://cdn.g vs rv.com/
2. CloudFlare Anycast has obvious acceleration effect
CloudFlare uses Anycast technology for acceleration. The advantage of this is that when an attacker launches an attack, CloudFlare Anycast can resolve the "internal force" to different "audiences", thereby maximizing resistance to attacks. The picture below shows the difference between using and not using Anycast technology. (Click to enlarge)
One problem with CloudFlare Anycast is that users access only one IP address. Currently, the website accelerated by CloudFlare CDN when accessed from China shows nodes on the West Coast of the United States, and the speed is relatively fast. The domestic ping value is basically around 200.
This is the response time for accessing CloudFlare CDN nodes around the world. It can be seen that the acceleration effect abroad is also very obvious after using CloudFlare CDN.
In the past, many nodes of CloudFlare CDN were not available in China. However, during the test process, I found that after using CloudFlare CDN, the domestic acceleration was obvious, and the download speed tested with webmaster tools was very good.
This is the download speed of the test website. (Click to enlarge)
3. CloudFlare can perform free DNS domain name resolution
Many people have the impression that CloudFlare is a CDN-accelerated website. In fact, the DNS domain name resolution service provided by CloudFlare is no less than that of a professional third-party DNS resolution service provider. You only need to turn off CDN acceleration in the DNS settings.
4. CloudFlare DNSSEC ensures correct resolution
The full name of DNSSEC is Domain Name System Security Extensions, which is DNS security extensions. Its main purpose is to ensure that DNS can be resolved to the correct IP address. In layman's terms, encrypt DNS resolution like accessing HTTPS to avoid DNS interference.
At present, DNSSEC has not been found to support third-party DNS service providers in China. CloudFlare is also one of the few services abroad that provides free DNSSEC. You can turn on DNSSEC with one click on CloudFlare.
Then, you only need to fill in the key and other files generated by CloudFlare DNSSEC to the domain name registrar, so that you can successfully use DNSSEC.
5. CloudFlare provides free SSL certificate service
Regardless of whether your website server has SSL, you can enable an SSL certificate in CloudFlare with one click.
CloudFlare's free SSL certificates come in three modes. If your server does not have SSL, you can choose Flexible mode. If your server has an SSL certificate installed or has self-signed SSL, you can choose Full mode. Finally, if your server's SSL certificate is a purchased paid SSL, you can choose Full (strict) mode. (Click to enlarge)
6. CloudFlare enables HSTS mode with one click
HSTS stands for HTTP Strict Transport Security. Its main purpose is to solve SSL stripping attacks. As long as the browser has established a secure connection with the server, the browser will be forced to use HTTPS later, even if the link is changed to HTTP.
CloudFlare can enable HSTS with one click, and you can set the HSTS Header expiration time to force the browser to use HTTPS to access your website. However, some caution is required between opening them.
7. CloudFlare automatically turns on AMP acceleration
AMP stands for Accelerated Mobile Pages Project, which is a mobile device acceleration project proposed by Google. Baidu's MIP is modeled after Google's AMP. In order to gain the trust of search engines, many webmasters want to join AMP, such as the AMP that digs websites: https://wzfou.com/qiye-youxiang/amp/
CloudFlare provides one-click activation of AMP mode, so that when your mobile users visit your website, they will automatically enter CloudFlare AMP mode to achieve acceleration.
8. CloudFlare Page Rules custom functions
CloudFlare Page Rules is a very useful tool from CloudFlare. The reason why many friends don’t want to use CDN is mainly because their websites or services have a lot of dynamic content, and once they are connected to CDN, it is easy to cause web page errors or data request errors.
CloudFlare Page Rules allows you to customize page rules. For example, you can customize different policies for different pages, including forced HTTPS, 301 redirect, security level, cache level, browser cache time, permanent online, etc. In this way, you can manually "separate dynamic and static" on your website.
CloudFlare supports wildcards. The simplest one is domain name redirection. You don't need to write complex rules on your own server, just turn it on in CloudFlare Page Rules.
9. CloudFlare’s rich third-party applications
CloudFlare provides third-party applications such as Google Analytics, PACE, Hardenize, etc. You can enable CloudFlare CDN directly on the CDN without modifying the code.
For example, if you want to install Google Analytics, you can directly enable the Google Statistics service in CloudFlare, which is quite convenient.
10. CloudFlare has a free web firewall
Once your website is under attack, you can enable different levels of web firewalls in CloudFlare depending on the intensity of the attack. You can also see the attacker's IP address directly in CloudFlare and blacklist them with one click.
Total knot
CloudFlare can be said to be a very excellent CDN service provider. It not only provides free CDN acceleration services, but also can enable SSL certificates, AMP acceleration, support DNSSEC parsing, Google Analytics and other corresponding services for free, which is equivalent to doing it for your own website. Comprehensive acceleration and protection.
There are also many shortcomings of CloudFlare. For example, the CloudFlare service can only be used by modifying NS. Since CloudFlare CDN nodes are basically located abroad, there is basically no value for domestic websites to use CloudFlare CDN acceleration, and many nodes may not be accessible.