I work with Kloudsec [1], and we're a developer-centric CDN platform, and we're moving on an entirely opposite direction from Cloudflare. If Cloudflare is Apple, think of Kloudsec as Linux. Rather than bundling everything as a "magic" product, as you can do with Cloudflare today in this flow
1. Buy domain from CF
2. Automatically, CF is your DNS
3. Automatically, CF is your CDN in a single toggle
4. Automatically, CF is your WAF
We think that
* there is danger to internet neutrality when a monopoly arise out of a single data-trafficker
* that we cannot do everything well
--
Kloudsec says come use our CDN for free. And if you like, you can choose to enable optional plugins. Be it the automatic SSL provisioning (via LE), or our WAF.
But hey, if you don't like it, come build apps on top of our CDN too. Apps like a better PageSpeed, a better WAF, etc. These apps can be a Nginx module, things that you can export to your own build if you scale, or leave the infrastructure [2] to us.
On your pricing plans page [0], there's a misleading statement that Cloudflare's free tier doesn't provide DDoS protection, but Cloudflare's pricing and feature page [1] states that the free tier does come with basic DDoS protection. Whether or not there's a difference in the type of DDoS protection provided by Kloudsec, this feels deceptive.
For what it matters, CloudFlare protected my site against a 200mbps layer 4 attack on the fre plan. That's a small attack but it's great for a free basic offering.
And yesterday we (CloudFlare) protected a free customer against a 400Gbps (that's not a typo) Layer 3/4 attack. DDoS protection should be free at any volume and our scale is allowing us to make that a reality.
Looks good! Just beware that you don't give away too much for free though. A free plan is a good idea, but you've got to be fiscally sustainable and people are less trusting of services' longevity now because of the recent sustained wave of shutdowns.
FWIW It feels spammy to me for the top comment in a story about Cloudflare being someone pushing a competitor they work for. It's one thing to bring up the "too many eggs in one basket" concern, but doing so while pitching your company, on a story that isn't about you, just .... rubs me the wrong way.
These are valid reservations, especially CF MITM-ing half the Internet, but I have much more trust in CF doing things well than I do in other registrars except companies like Google who already only do it on the side.
Domain registration is a thin margin business which probably cannot support serious security efforts on its own.
I work with Kloudsec [1], and we're a developer-centric CDN platform, and we're moving on an entirely opposite direction from Cloudflare. If Cloudflare is Apple, think of Kloudsec as Linux. Rather than bundling everything as a "magic" product, as you can do with Cloudflare today in this flow
1. Buy domain from CF
2. Automatically, CF is your DNS
3. Automatically, CF is your CDN in a single toggle
4. Automatically, CF is your WAF
We think that
* there is danger to internet neutrality when a monopoly arise out of a single data-trafficker
* that we cannot do everything well
--
Kloudsec says come use our CDN for free. And if you like, you can choose to enable optional plugins. Be it the automatic SSL provisioning (via LE), or our WAF.
But hey, if you don't like it, come build apps on top of our CDN too. Apps like a better PageSpeed, a better WAF, etc. These apps can be a Nginx module, things that you can export to your own build if you scale, or leave the infrastructure [2] to us.
--
What do you guys think?
[1]: https://kloudsec.com
[2]: https://blog.kloudsec.com/building-an-anycast-network/