Hacker News new | past | comments | ask | show | jobs | submit login
Cloudflare Raises $150M and Adds to Board of Directors (cloudflare.com)
213 points by migueldemoura 43 days ago | hide | past | web | favorite | 152 comments

CDNPerf[1] provides a real-time performance analysis of all major CDN providers.

I have researched this space a lot, and my conclusions are:

- Cloudflare: the best all-in-one solution, as long as you don't go above the Business tier

- Fastly: the most technically advanced CDN, but also one of the most expensive ones (there is a reason why StackExchange and Reddit moved from Cloudflare to Fastly)

- KeyCDN: the best fully-featured value-for-money CDN, if you just want to replace AWS Cloudfront CDN / Google Cloud CDN / Azure CDN

- BunnyCDN: the best value-for-money CDN for distributing large static assets across the globe (can get as low as $0.0025 / GB)

[1] https://www.cdnperf.com/

> - Fastly: the most technically advanced CDN, but also one of the most expensive ones (there is a reason why StackExchange and Reddit moved from Cloudflare to Fastly)

Especially with the crazy SSL pricing. I appreciate there are technical difficulties, but LetsEncrypt has been out what - 2 years? And Fastly still want $100/month for a shared certificate.

Yup, that was a major barrier for us. Worth noting that they charge this much even if you want to use a Let's Encrypt cert [0].

[0] https://support.fastly.com/hc/en-us/community/posts/36004016...

Fastly also don’t support proxying WebSockets. They told us we should switch to long polling which would have driven up our costs with them significantly since they charge per request — funny how that works.

Still, definitely the most interesting CDN if you can’t do your own thing. Network still isn’t where Akamai or EdgeCast are. Lots of good people there, though.

And if anyone needs more than just proxying WebSockets, there's Fanout Cloud which can manage WebSockets without requiring 1:1 connections with the origin.

Seems like a pretty clever way to filter out cheapskate customers. I don't think most large organizations would care about that kind of rate

It's less a filter but more of a tack on. What I mean is that if you're already on Fastly and find their features compelling, $100 for a certificate is nothing and generates huge margins for Fastly. It's a bit like the BMW/German car model: their base price is not too bad but if you want even the most basic features the mark ups are insane.

Even worse when you consider that their biggest competitor gives SSL away to free tier customers.

I happen to like VCL and what you can do with it. I would rather Fastly got coverage for what's possible, rather than Cloudflare Workers getting all the blog articles.

But without a cheap/free tier for smaller projects (and all my tech skills have been honed on small projects and then applied to large clients) they are not going to attract that coverage.

CDNPerf is great. I actually used them to choose which CDN to use for video on demand streaming. I ended up going with Google CDN. My benchmark was how many complaints I got from students on my platform[1].

- Cloudflare doesn't distribute hls segments they will just route everything to LAX

- Bunny CDN had a few

- KeyCDN had a few but better than Bunny CDN

- StackPath had a few but better than Bunny CDN

- Google CDN had 0 complaints

No youtube, Vimeo etc...

All video streaming / hosting is done in house. Streams about 500GB to 600GB / month.

I pay about 40 USD / month for Google CDN bandwidth. I used CDNPerf pricing calculator, it's spot on.

[1] https://www.codemy.net.

At Mux we use Cedexis Openmix to dynamically select between Fastly and Highwinds (now Stackpath) CDNs to stream a lot of video. The end-user experience with a CDN is going to vary dramatically depending on where your users are located around the world, which ISP they use, and many other factors that change by the minute. I wrote a blog[1] post about how & why we use multiple CDNs with our video service.

You might also want to evaluate a video QoE service to see what your users are experiencing in terms of video start-up times, rendition switching, buffering, etc.

[1] https://mux.com/blog/multi-cdn-support-in-mux-video-for-impr...

That is cool. I've been stalking Mux for a while. Since I've had to implement some of the things Mux offers on my own.

I actually completed the video streaming part of my CMS right before Mux offered /video service. By that time it was too late lol I had already solved most of the problems.

Also saw that you guys use elixir on your backend which was coincidentally was also my language of choice.

(edited: I work at Cloudflare)

Can you clarify the problem you had with Cloudflare? It should work for this sort of use case.

A major client of mine was recently shut down (without notice) because one of our major products is video streaming. Apparently that’s now against the Cloudflare’s TOS (unless, of course, we used CloudFlare’s streaming product at rates that make us unprofitable).

We left without looking back, because interrupting our primary product without notice is unacceptable in every situation (except the very, very few aggregious fringe cases).

Hi Luke, late to the show here, but agreed this should never happen. Can you reach out to me directly with the domain name you used? You can DM me at twitter.com/jplevine

I don't think you can, because Cloudflare Video CDN is a separate product. So offering it a long with your business / free package is against your business interest. Cloudflare basically tried to sell me a $1000 / month (minimum) Video CDN. But if it was a mistake and should this be able to work using Cloudflare I would happily pay to upgrade to the business plan. I can afford 20-40 USD / month not $1000

I'm not sure what our minimum plan level that allows using us for mostly video is, but it's almost certainly independent of Cloudflare Stream.

>Cloudflare doesn't distribute hls segments they will just route everything to LAX

HLS segments?

HLS = HTTP Live Streaming

Coverage is a Big Deal. Fastly used to be pretty unavailable in South America but has since last year improved coverage (esp via west, in Chile).

I'd also like to add that with Cloudflare workers the technology lead of fastly (VCL, edge configuration) has reduced significantly.

Note about bias: I've used both cdn's for years but mostly opt for Cloudflare today.

I wish they'd show at least 99th percentile latency (if not higher) in the comparison charts, not the average. Average is the wrong way to measure latency.

CDNPerf and DNSPerf services most likely do testing from some pool of VPSes or hosting services, although I can't see such details in their description. If you are interested how your service performs when serving to other servers, you can use it. If you are interested how it performs when serving to real people (home, mobile, offices), I wouldn't trust it.

Your comparison is missing Akamai which is probably the most feature-rich and largest CDN.

I believe they used to benchmark via their own pool of test servers, but according to the sidebar they're now collecting "real user metrics" somehow:

> All results are based on RUM (Real User Metrics) data from users all over the world

> We gather and analyze more than 300million tests every day

> "RUM Uptime" shows the uptime of CDN providers as measured by real users. Due to bad Internet connections this number can contain false positives.

Agreed about Akamai, though — it appears to be clearly faster than those listed (they certainly had a HUGE head start). But also by far the most expensive. You get what you pay for in this industry!

I see CDNPerf and DNSPerf as a way to compare the providers relatively to each other, not as a trustworthy tool go get the real indications of time.

I skipped Akamai, because it seems to be from the period of time, where the number of points of presence (PoPs) was used as the best indicator of the quality of a CDN. It might still be true in some of the third-world countries, but it's no longer the case in the developed world[1].

As for DNS providers: NS1 is like Fastly (the most advanced / premium), Rage4 is like KeyCDN (the best fully-featured value-for-money), and ClouDNS is like BunnyCDN (the best high-volume value-for-money). And Cloudflare is still Cloudflare.

[1] https://www.fastly.com/blog/why-having-more-pops-isnt-always...

You're right. I was wondering how this company is able to collect such data from real users. It's registered in an apartment in Cracow, Poland, a 1-person company till last year (here is their company info in polish: http://www.krs-online.com.pl/perfops-sp-z-o-o-krs-10397838.h... , still an apartment address) . Now looking at the Network tab in Developer Tools I can see they are running the tests from JS on their site using visitors of cdnperf.com. I can see requests for URLs like /500b-bench.jpg?t=1552402827417 to various domains.

CDNPerf is owned by PerfOps, a VC funded startup. Lots of info here https://perfops.net

>NS1 is like Fastly

Except NS1 don't actually offer any pricing.

Rage4, are they being used by any big players site? I mean KeyCDN, despite its price are actually pretty decent and have quite a few Enterprise customers.

And no mention of DNSMadeEasy?

> Except NS1 don't actually offer any pricing.

That's true, and it might have been a good enough reason to exclude it from the comparison, as I did with Akamai for CDN. Yet, unlike with Akamai, nothing seems to come really close to NS1 in DNS space.

> Rage4, are they being used by any big players site?

That's its major downside. It has no competition in terms of the price / performance ratio, but might be not big enough company for major players to put a trust in.

Still, Rage4 is regarded with respect by others in its own industry: BunnyCDN uses it for distributing the traffic, and Cloudflare's employee recommends it when Cloudflare doesn't fit[1].

> And no mention of DNSMadeEasy?

I found it to be neither the most technically advanced, nor the best value-for-money. It might be a good option for those who don't have enough justification for NS1, and enough confidence in Rage4.

[1] https://news.ycombinator.com/item?id=12052830

They’re a good macro view of latency though. You need to do your own testing to get real world results.

(I work at Cloudflare)

The Reddit and StackExchange stories are before my time, but I believe they related to reliability issues we were having at the time. It was over three years ago at this point, a lot has changed.

I have a personal connection with your comparison because my company actually used Fastly before I joined Cloudflare, I had the exact perception you're describing. Four years later, being able to write JavaScript with Workers would have made my life so much easier than trying to do failover in VCL as I was then.

Not arguing that VCL doesn’t suck hard, but check out:


Thank you for not making us read a blog post to learn this. I appreciate the information.

> Cloudflare: the best all-in-one solution, as long as you don't go above the Business tier

Do they require you to go above the Business tier for high CDN traffic levels?

A very high traffic CDN customer is likely to run afoul of section 2.8, Limitation on Non-HTML Caching, of the Cloudflare Self-Serve Subscription Agreement:

> The Service is offered primarily as a platform to cache and serve web pages and websites. Unless explicitly included as a part of a Paid Service purchased by you, you agree to use the Service solely for the purpose of serving web pages as viewed through a web browser or other application and the Hypertext Markup Language (HTML) protocol or other equivalent technology. Use of the Service for the storage or caching of video (unless purchased separately as a Paid Service) or a disproportionate percentage of pictures, audio files, or other non-HTML content, is prohibited.

This limitation does not exist on the Enterprise plan, and Cloudflare salespeople are likely to make that point when selling the upgrade.

Oh wow, they added that back. Bummer.

It used to be SECTION 10: LIMITATION ON NON-HTML CACHING. [1] Then with the May 25, 2018 update to the terms [2] they removed that limitation. It has a section 2.7 Acceptable Use but no 2.8. Then they announced their Bandwidth Alliance on September 26, 2018 [3] offering some interesting free bandwidth options, including with places like backblaze which are primarily for storing non-html content. At the time of the announcement it seemed pretty mind blowing, especially because the non-html limitation had been removed previously. However it looks like they later updated their terms again on October 26, 2018 [4] to put back the limitation as section 2.8 Limitation on Non-HTML Caching.

Quite unfortunate. I was actually looking forward to using the bandwidth alliance benefit to access my B2 buckets, however looks like it's against the rules again.


[1] https://web.archive.org/web/20180413184130/https://www.cloud...

[2] https://web.archive.org/web/20181002020343/https://www.cloud...

[3] https://blog.cloudflare.com/bandwidth-alliance/

[4] https://web.archive.org/web/20181102014745/https://www.cloud...

Yes, if you use too much bandwidth a business rep will reach out to you and tell you that you must upgrade to a per gb plan to continue using their service. In my case, I think I was at about 40TB a month

If one of our reps told you that you are forced to upgrade then I would like to see that email because you will not be forced into upgrading.

I'm happy with CF's service and this isn't a complaint. I was serving ~80TB of data (mostly in South America) and paying 80 or so dollars/month, so I completely understand why I was contacted. But I keep seeing these messages that people aren't forced to upgrade and that traffic is truly unlimited...

This was the first email: https://www.celsoazevedo.com/files/2019/01.png

I then replied that I couldn't afford an Enterprise plan and that I understood about the costs of serving 80TB. I was offered a $3000 plan: https://www.celsoazevedo.com/files/2019/02.png

I explained that 3k was too expensive for me, but I would be fine with something up to $500 even if that meant less POPs/features. Or I could leave Cloudflare too. The price dropped to $1500: https://www.celsoazevedo.com/files/2019/03.png

I asked for a few days so I could move some heavy files (under the 512MB limit) to a ~$120 OVH server and reduced CF's usage to under 2TB/month.

Again, I'm not complaining. I still use CF's service (last month I used over 150TB with Backblaze B2), but it's true that some users receive emails telling them to upgrade and that sometimes these emails imply that the site will be kicked out if nothing is done.

This was looked into. This apparently occurred in early 2017. This is a not a sales practice that we endorse and I'm sorry it happened to you.

No problem :)

Thanks for your insight! I've been thinking of building a data heavy service myself and have been considering using Cloudflare. Your comment is very valuable.

Now when you say that you still use Cloudflare & also that you used over 150TB with B2 last month, do you mean through Cloudflare thanks to their Bandwidth Alliance? If so, is this with a regular $200 Business plan or something more expensive? I've been wondering how much of this Bandwidth Alliance traffic would truly be free like they're advertising until they want me to start paying by the GB.

Yes, Cloudflare + B2. Since they're part of the Bandwidth Alliance, traffic between Backblaze and Cloudflare is free. I also cache all files on Cloudflare with a "page rule" (they cache files up to 512MB), so the heavy lifting is done by them.

What am I hosting?

There's modified Google Camera app that unlocks Google's HDR+ on non-Google phones. It's an amateur thing for people that like to thinker with their Android phone. People were having issues downloading the files so I started hosting them (https://www.celsoazevedo.com/files/android/google-camera/). I also host other stuff which is used by people that install custom ROMs. Eventually all this got popular and now my personal domain uses this massive amount of bandwidth. Here's the weird thing: this domain is on a "pro" plan ($20) and they haven't said a thing (yet?).

This is not a business or a service. I have Adsense, but sometimes it's not enough to pay all expenses, so if an upgrade to an enterprise plan was required, I would be forced to close down the site or (with community support) move all this to one or two dedicated servers (you can get at least two 1Gbps servers on Hetzner or OVH for less than what the Business plan costs).

I really mean it when I say that I'm happy with Cloudflare. Without them this little hobby wouldn't exist. I only showed the email because jgrahamc asked for it and because it's not the first time I see someone mentioning "forced" upgrades.

Now, while "unlimited" is nice for what I do and for when you get popular overnight, not having a limit creates some insecurity. 80TB wasn't okay before, but 150TB is okay now? Was the email sent because CF was proxying/caching .jpg and .mp4 files? If so, do .zip and .apk files have different limits? We don't know if we have crossed the line if we don't know where the line is.

If Cloudflare does what you need, go for it. If you want a plan b, look into dedicated servers, after all not all content needs a CDN.


I tried to edit my original comment, but the "edit" button is gone: the email was sent almost 2 years ago. At the time they also claimed to have unlimited traffic, but I received that email anyway. Maybe something changed between then and now?

I really appreciate you taking the time to reply. Thanks!

Yeah my original plan was to use B2 as storage and build my own caching system on Hetzner dedicated machines, as you suggested. Excess traffic was very reasonably priced at Hetzner at 1€ per TB. Since October 4, 2018 they've made traffic completely free. [1] However it's the B2 traffic pricing that was bugging me, as they charge $10 per TB.

When the Bandwidth Alliance got announced between Cloudflare & B2 to make B2 traffic free, it was like a dream come true. Especially because at the time this was announced the Cloudflare terms allowed for caching all legal files.

Unfortunately on October 26, 2018 Cloudflare changed their terms again to prohibit non-html caching. [2]

Thanks to your comments here and also jgrahamc saying that forcing to upgrade shouldn't happen anymore, I'm now a bit more optimistic again about using Cloudflare. I need to research & think some more to decide the exact plan, but even something like using Cloudflare to tunnel data from B2 to Hetzner for free sounds pretty nice.


[1] https://www.hetzner.com/news/traffic-limit/

[2] Use of the Service for the storage or caching of video (unless purchased separately as a Paid Service) or a disproportionate percentage of pictures, audio files, or other non-HTML content, is prohibited. https://www.cloudflare.com/terms/

Hetzner have Storage Boxes with free internal traffic.[1] Assuming they are enough for what you're trying to do, they might be a better solution than B2.

[1] https://www.hetzner.com/storage/storage-box

Other than, "please reply" I don't see where you were forced to upgrade.

Check the other two screenshots.

The reason for the email was the bandwidth I was using. Since I could only spend up to $500/month, I asked if they had any plan inside my budget. I was open to have less features, less POPs or POPs only in cheaper places (eg: US or EU). If not, and since I couldn't afford the $3000 plan, I would have to leave the service and move everything to a new server (I was using a VPS, was in a place with bad internet, and asked for a few days to migrate everything).

The 3rd screenshot shows their reply to this:

> At the moment we offer the plans that are listed on our website and the Business Plus plan, which I cannot offer for less than $1500. If this is not an option for you please let me know when you have moved your traffic to a new server.

English is not my native language, so I might be missing something here. I understood it as "it's either the $1500 plan or leave the service".

As I said, traffic costs money and I don't really expect unlimited bandwidth. I'm also aware that it using something like Cloudfront would cost more than $1500.

I only replied to jgrahamc because he asked for the example and because it's not first time that I see CF people saying bandwidth is not a reason to force an upgrade. Since Matthew (CEO) and and jgrahamc (CTO) keep saying that bandwidth is not an issue, I assume that they don't know about these emails.

> The reason for the email was the bandwidth I was using. Since I could only spend up to $500/month, I asked if they had any plan inside my budget. I was open to have less features, less POPs or POPs only in cheaper places (eg: US or EU).

As of October 2018, Hetzner is the best choice in such scenario[1]:

"Hetzner Online has permanently removed the traffic limitation for all Dedicated Root and Managed Servers with 1G Uplink. This means that outgoing traffic is now unlimited and free of charge. Therefore, we will no longer throttle the connection if you have higher levels of traffic.

In the past, if you permanently wanted to exceed the traffic limit on your server, you could pay an extra fee for each additional terabyte of traffic you used. But now this is not necessary. We will no longer invoice you for using more traffic."

[1] https://www.hetzner.com/news/traffic-limit/

I checked your screenshots before replying to you (and regardless of jgrahamc apologizing with a convenient "we don't do that anymore"). It seems like the second screenshot came after you told them you were thinking about leaving the service. At least that's the way the screenshots are linked in your post. I think your english skills (from two years ago) failed you here. You told them you were possibly going to leave the service, and in their follow-up they asked you to notify them if/when you moved off the service. I don't see any threat here.

You told them "If you have nothing cheaper, I'm going to have to leave" and they replied with "We have nothing cheaper. Let us know when you leave". That's not a threat, that's calling you out on >your< threat.

On my first reply I asked them: "So, tl;dr, my website uses too much traffic and I need to upgrade to an enterprise plan?" Then I explained that I probably couldn't afford an enterprise plan, explained why, and said if the business plan ($200) or a solution that reduced their costs (eg: no expensive POPs) wasn't possible, my only option (since I couldn't afford it) was to leave.

When I noticed that they had plans not available on their website, I asked if they had anything up to $500 and if not, if they could give me a few days to migrate everything to a server that could handle the traffic.

I was simply explaining my position, but I guess their sales representative could have perceived it a "threat". That wasn't my intention though. Also, I should have asked "what happens if I don't upgrade?".

Anyway, all this saved me some money and allowed me to learn a lot.

And I appreciate you sharing this. We are looking into this internally. This _should not_ happen.

That's what I was suspecting but couldn't find any claims of that on their site. Is a per-gb plan different from Enterprise? How much do they charge per gb?

No, any amount of traffic can be served at any plan level.

We use Cloudflare and AzureCDN together

I'd rather see some serious competition for Cloudflare to be honest. They're slowly becoming the best and only choice. Competitors exist (like Incapsula) but they're usually just not that good.

I'm VP, Product Engineering at https://www.stackpath.com and we feel like our products compete nicely alongside Cloudflare in DNS, WAF, CDN and Serverless (our EdgeEngine product uses v8 just like Cloudflare workers).

Our Edge Containers product launch was also on HN last month: https://news.ycombinator.com/item?id=19089614


I am a user of MaxCDN (which was bought by Stackpath) and on every page you write "Everything customers loved about MaxCDN has been integrated into the StackPath CDN Edge Service" which isn't true and just marketing speech.

MaxCDN had an API called the "raw logs api" that let my service query yours to get an understanding of what requests you have served for us, but that feature is missing with Stackpath, the feature is described here: https://reseller-docs.maxcdn.com/#raw-logs-api


This is super helpful, really appreciate it. I will say that this feature along with reporting delivery by file is among the top feature requests on the new SP// platform.

We do have the ability to provide you with access logs, but it's not as convenient as the API above.

We also have several users creating real-time CDN logs with our Serverless EdgeEngine so that's an option as well.

Anyways, I've noted your request around the raw logs API going to the new platform and will be sure to stay on top of it.

Feel free to email me anytime, always happy to help - ben.gabler (at) stackpath (dot) com

When it comes to bandwidth, you can't really compete with Cloudflare.

Your $200/month plan gives us 10TB. I've served over 50TB on Cloudflare's $20/month plan, which probably makes me a "bad customer", but it's nice not having to worry about this when someone decides to use a direct link to a video or image I host.

They don't allow video streaming on their regular plans. How are you able to serve up videos on the $20/month plan?

Cloudflare works as a reverse proxy, it loads what's on your server. We can cache videos by using a page rule.

I guess they only ask you to upgrade if you serve a huge amount of bandwidth.

Failover is a major difference I find between Cloudflare and Stackpath. Just a WAF with more options for failover or load balancing would put things on equal footing. This was based on my last trial back in November.

It'd be great to understand a bit more about how you'd like to see this working. The WAF product team report into me so I can get a discussion going with the right people if you'd like to email me: david.mytton@stackpath.com

I've talked with your sales teams a couple of times about tag-based purging, which is the one Varnish/Fastly feature I cannot live without.

I understand it isn't implemented on one of them (MaxCDN IIRC) and StackPath does not provide pricing suited for smaller projects (where the traffic is GBs/month, but the speed gain from caching dynamic content is the reason for using a CDN).

I'd be more than happy to work with you on this. I run Product & Software here at SP// so I know the right people ;) feel free to email me ben.gabler (at) stackpath (dot) com

Fastly? Akamai?

Pretty good competition.

[1] https://www.fastly.com

[2] https://www.akamai.com

> Pretty good competition.

Not when it comes to pricing.

Both have better networks and features though. Sometimes you get what you pay for.

Cloudflare is the Heroku of the CDN space. They are easy to setup, they give away free or cheap accounts to get people on their service. Once a company gets big and starts having real traffic they move off of Cloudflare to a better provider.

Akamai isn't competing with Cloudflare on price, much like The French Laundry isn't competing with McDonalds on price.

Fastly has a very comparable network to CloudFlare:


CloudFlare’s $200/month plan is the best CDN per $ money can buy.

Once you get into “Enterprise”, then you should move somewhere else as they stop being competitive.

Fastly has been wonderful to work with. Excellent support, being able to write VCL and deploy it to the edge has been great, and the network is fast and reliable. Also haven't had a Heartbleed type event yet.

But that's not what it means to have competition.

Walmart is still Amazon's competitor, despite being much cheaper in many cases.

Do they have a WAF? Fastly seems to have one in limited availability at least...

* https://www.akamai.com/us/en/resources/waf.jsp

* https://www.fastly.com/products/cloud-security/web-applicati...

Not saying they are better than Cloudflare. I use Cloudflare myself. But they are good alternatives.

I too was curious about competitors so I searched and found the following (there are lots more). Granted some of these probably don't overlap perfectly with CF, but they do offer at least "hosted dns":





https://www.namecheap.com/domains/freedns/ (free option)

Cloudflare's DNS is probably the least exciting aspect of their product. The real value add is in their proxy/CDN, which is pretty difficult to compete with.

The cloud services all have their own CDN/Proxies/WAFs - AWS has Cloudfront, Azure has edge cdn etc.

None of those services is offering a low-hassle, free CDN & proxy for smaller sites. Nobody offers one for free anywhere on earth that is of the quality and scale that Cloudflare offers. That's what lured so many sites to their service so quickly in a very competitive landscape. If you've got a site that needs $0.50 per month in CDN service, they give it to you for free, along with various other benefits included at no cost. You can throw a cheap, low traffic site (or 20 of them) onto Cloudflare and never worry about cost (whether on the CDN side or otherwise), period. It's an immense cost benefit for lower traffic sites.

I haven't tried namecheap DNS recently, but I used to use it. I hated DNS. It would just take hours and hours for any change to propagate, regardless of TTL and it was just extremely painful to work with. I thought this was just the way DNS was, until I switched to cloudflare. Suddenly, new records appeared instantly and changes applied in seconds or minutes it felt like pure magic.

So, that's my review of Namecheap freeDNS. I suppose they make it bad on purpose so people upgrade to their premium DNS?

+1 love namecheap but DNS would regularly fail esp "v2"

I’ve been using namecheaps free DNS work in recent weeks and it propagated super quickly (2 or 3 minutes, I used a dns checker to see and various hosts around the globe all saw the changes).

For my own stuff, I use digitalocean for hosting so use their nameservers for DNS.

I'd suggest Cloudflare's main product is the WAF / DDoS protection / concealment, the CDN is a nice plus of course but as soon as you start to really use it they ask you to upgrade anyway.

It is also the most dangerous if they become the only dominant player. They could theoretically prevent any Google competitors from popping up.

Are they even close to becoming the dominant player? Most startups I know use fastly or CloudFront. The big players all use Akamai. I read somewhere that Akamai serves 350 of the top 500 ecommerce sites in the US.

For DNS there's also https://ns1.com/ .

They appear to skip directly from a free tier to "Contact us for pricing". That does not inspire confidence.

I found the enterprise pricing quickly when I wanted CDN inside China.

DNS is a sideline for CF, it's the DDOS-resistant CDN that people choose them for.

For us it came down to supporting various technologies we need for our application and a few extra that we are actively using.

1. mTLS 2. Websockets 3. Bot Mitigation (credential stuffing) 4. Workers

We need mTLS and Websocket support. Other providers in the space may support one but not the other which is a problem.

Curious to learn about your websocket CDN needs. Mind elaborating on the use case.

The CDN aspect isn't really vital to our application or business needs at this time. We really liked the security aspect more and we could check off quite a few boxes without having to build that ourselves, ie, IPRM, WAF, DDOS.

Websockets was a requirement in the application at that time and of course we knew we we needed to remove it as a dependency and we have for the most part.

I agree. I do love some of what CloudFlare does, and they definitely contribute back to networking infrastructure in ways I wish other companies did and that's why I'm not entirely against them. Competition is healthy definitely. I do appreciate what they're doing with Go as well given that they've contributed code to Go itself (iirc).

CloudFlare's free service basically keeps any competitors from up and coming. Plenty of techies use it for personal sites and projects. It then later drives their decision to use the paid tiers for more businessy things.

AWS Cloudfront


Cloudflare is what Digital Ocean is compare to AWS. Akamai is better for example.

I spent a decent part of last year testing various CDNs and this is not what I found. Cloudflare, Verizon were both better (performance, cache retention) than Akamai based on my testing. And cheaper, not even considering the cost of features that you'd have to buy from Akamai to make it a feature-equal comparison.

Performance testing for CDN is difficult, I'm not sure how accurate your tests were. It depends on many many parameters.


Cloudflare is undergoing a lot of big projects to break away from the image that they are "just a CDN". Raising a round now instead of going public allows them to invest more on those projects instead of focusing on quarter to quarter results. Also, avoiding brain-drains post-IPO while they need those talents the most.

Raising another round also allows them to have a higher per-share value which helps hiring. It's been a long time since the last round and the real value of Cloudflare's stock offers was higher than what the last funding round would suggest. Now it's easier to point to this round rather than just give vague promises.

I do wonder how people feel about this internally though. There's a lot of expectation that the company would go public this year (and some even expected it would go public last year). Hopefully no one needs the money they put in to early exercise any time soon!

According to the news Cloudflare was planning $3.5 billion IPO this year.


Well let's see about that. I've heard about companies "planning" IPOs...

> Mar 12, 2019 - Series E - $150M

> Sep 22, 2015 - Series D - $110M

> Dec 17, 2013 - Series C - $50M

> Jul 12, 2011 - Series B - $20M

> Nov 25, 2009 - Series A - $2.1M

> Jun 1, 2009 - Non Equity Assistance - ?

Seems like their rounds of fundings are slowing down.

There were also rumors of a $3.5B IPO.

I wonder if the founders still have a majority stake in the company.


Many startups that raised in 2015 did so at very high valuations and either never were able to raise again or took some time to meet the lofty expectations set by 2015 prices

I'm still waiting on this "Bandwidth Alliance" pricing. I'm on Azure and have seen no downtick in my bandwidth bill, though we use Cloudflare pretty much exclusively.

Doesn't raising this kind of money scream that you're eventually going to start to monetize the data flowing through your network (e.g. telecoms selling location data to bounty hunters)?


To go into more detail: no. We make our money by selling our service to our customers.

While you're on this thread... some quick feedback.

I'm a fan of your registrar service. I started experimenting with it not long ago and have begun moving most of my domains over. I understand it's still early days there. Any chance you could build up & clean up the billing reporting and controls for domains (separating it out better, making it easier to view just domain billing information & renewal info)? It's a bit haphazard currently. It would also be very nice to be able to register domains further out than a year (right now it's just a basic one year autorenewal on/off) - even if that offering cost extra per year to push the duration out. I'd guess the issue on wholesaling and allowing longer renewals, is that if the price goes up on you in the meantime, you can't pass that along (no buffer / profit margin built-in); so throw a reasonable fee on top for pushing the renewal out. As it is, I've been adding years on my existing registrar, before I move domains over to Cloudflare. Why do I want the longer duration? Peace of mind, instead of renewing every year. Not having to worry about domains expiring is a mental positive.

Yep. I understand. Billing has been a frustration around Cloudflare Registrar. We are working on it. Stay tuned and sorry for the frustrations.

Your customers might pay to identify the people sitting at the browsers pulling down your data. A CDN is the ultimate unblockable cookie that could correlate everything else.

So does Comcast.

Cloudflare generates their revenue through their paid plans and enterprise customers. I think the selling location data to the bounty hunter market against the terms of their privacy policy is rather a bit small of a market opportunity to be worth it to any rational actor...

But we have already seen it happen with the telecoms, so while they may not be "rational actors" clearly it's not too small a market oportunity to be worth it for some spineless businesses.

Telecoms also generate their revenue by just keeping the power turned on with their existing infrastructure (yes it does require maintenance and monitoring), but that didn't stop them from trying to find additional revenue streams by further exploiting their already paying costumers.

I do use Cloudflare on their free tier, and I don't think they are spying on everyone and selling ads against some profile they have built up. We'll just have to be vigilant because the status quo right now is to be big brother and sell targeted advertising.

I've been at Cloudflare just over a year now, and if there's one message that's been drilled into my head it's Trust. We understand that we're in the position that we're in largely due to trust. I like to believe that even if our CEO is a secret lizard person you'd get whistleblowers coming out of the woodwork if we tried to exploit our users.

Interesting idea: employee canaries. You have a way to follow 1-5 employees of a company you think are honest. If they quit, you get a message.

There's no reason to believe that Cloudflare, a company whose profits come from selling an _actual service_, would do this.

I would strongly suggest that you reconsider your choice of metallic headgear.

While I do think CloudFlare has earned quite a bit of trust in this regard, this is a bit of a silly argument.

Cell carriers have been selling location data, despite making plenty of profit off selling a service. It's quite clear "we could be making more money" is a (potentially) compelling argument for large organizations sitting on lots of consumer data.

You want to look at the comparative money made selling the service vs. selling the data or other secondary data streams. Cell phone companies sell the data because they are able to make quantities of money somewhat comparable to their profit from the service. Places like Google sell the data (or advertising-based access to the data, which isn't exactly the same, but from this perspective is close enough) because that's their primary revenue stream.

But a place that is making a healthy profit on customers, and have no way to monetize a secondary stream at anywhere near the same amount of profit, have several incentives to not to deal with it. One is something that a lot of people have trouble wrapping their mind around, but as a business grows, it gets to a point where it isn't necessarily worth grabbing every penny, because while the business is exerting the effort to grab that penny it's missing a dollar. (This is one of the reasons why there's no chance that Google will simply one day be the entire software industry, or why Amazon still has parters in AWS providing services that you'd think Amazon could just provide.) Another is the risk of exposure or pissing off your profitable customers when they find out about your secondary monetization; if 98% of your possible profit is the business profit and 2% the secondary monetization, then it doesn't take much perceived risk before that's a bad plan.

(One of the reasons not to get too upset when some companies make a decent profit; it helps keep them from scrabbling about for ways to extract every last penny from you, which is when they start getting really destructive. You're often better off when companies are not motivated to do that, rather than trying to starve them too hard. I really wish Google and Facebook had found more productive ways to make a profit; we'd all be better off for it.)

OK, fair point.

I think Cloudflare can still do plenty for their core paying customer base. You see less and less features making it to the free plan (mostly because there would be too much cost associated with giving it out for free).

Some stuff I'm just not sure why it's not on a free plan, or even just on an Enterprise plan. I'd love to be able to send a custom 502 for instance, but instead I just remap it to 500 in nginx now... because my choice is between customization or sending the semantically correct status code. (Hey I know you browse HN CF staff, I'd drop $20 in a heartbeat to get stuff like this that's low cost to you across my account)

Argo is really cool, but enabling it on my Mastodon instance would add about $200 for traffic to my bill...

Mind elaborating on "stuff like this"? I'm all ears (eyes): pat at cloudflare.

Aren't they more of a cloud services business model like AWS?

Found a CDN comparison page with a repo on github. Strange no Cloudflare in the table.


Perhaps this is because CF doesn't actually provide a location to host random files. When people say CF is a CDN, they're talking about its caches. You still need your own server. (although they seem to be pushing dedicated workers @ https://workers.dev)

FYI that workers are already available, they just currently require a domain on CF https://www.cloudflare.com/products/cloudflare-workers/

Wish they would fix integrations with 3rd party hosts - Dreamhost integration has been broken for over 5 years.

... so, what's the money for? I assume they're already profitable...

Continued massive network expansion. https://twitter.com/eastdakota/status/1104827226963361792

Investing so you can make more money? Even Microsoft has raised money to be reinvested, and they've been profitable for decades.


Well yeah, I figured that they wanted to spend the money on something for their business to make /more/ profit. But what?

Edit: (at least) part of the answer is listed by jasoncartwright above.

I'm just speculating but cloud hosting might be their next big leap if they go that route? They've already got a domain registrar and other interesting services.

I doubt that. But we do have a very large network that keeps expanding and expanding...

Maybe not yet, but I could see you guys going that route. Digital Ocean used to only be VPS' now they've got plenty of other offerings. You're still in a good business regardless.

Cloudflare does have a form of hosting: https://workers.dev

They could add features and compete in new markets. Smaller ones like bot/scraper blocking, or bigger ones like cloud compute.

They already offer bot blocking and a scrape shield, and they’re getting into Compute on the Edge with Cloudflare Workers and Coudlflare KV. Upgrading all their points across the world might open beefier compute options.

Ironically this page timed out when I clicked the link.

Meanwhile I am still waiting for a free tier on the serverless workers [1] stuff they've been advertising whole of the last year. There is no real reason in paying $5/month for 10M requests when you can't even get accustomed or do a proof of concept beforehand.

[1] https://developers.cloudflare.com/workers/about/how-workers-...

Respectfully if you can’t afford the $5 you shouldn’t be wasting dev time on a POC. And further you are signaling to cloudflare that you would be a terrible customer.

If I were them I’d raise the price tier.

For some people $5 is a lot of money. I sympathize.

I too sympathize with people for whom $5 is a lot of money.

I would suggest to those that have the skills to make use of cloudflare workers that there are more straightforward ways to change that problem than building proof of concepts against them.

Not every one is paid in $. There are devs who live in countries with currencies that have lower value when compared to $.

Dollars are the international reserve currency, like it or not (and believe me, Russia and China don't and are trying to change it). But for now, that means dollars are the most convenient form for buyers and sellers, typically.

Also, if the currency is of lower value, they get paid more. Example being the English pound is of a higher denomination than a dollar, but whether it's "worth more" is dictated by purchasing power, relative movement over time, etc.

If you're building something that requires workers you're surely already spending far more than $5 on other architecture?

"Requires"? Maybe. In a business setting, sure, $5/month should be nothing.

But for "let's play with this serverless stuff and maybe use it for something real in the future", $0 AWS lambda wins over $60/y Cloudflare workers. Or for hobby projects, doing it traditionally and running it on the $60/y VPS I already have instead of spending the money. And if asked later, CF is going to be the one I can't give a direct assessment of.

My reason: I want to create things that other people can run on their own for ~free and scale with usage. Services that can spin down to 0 (or under a free tier) are ideal. Examples: Lambda, S3, DynamoDB, Cloudflare DNS.

If you have to pay $5 for Cloudflare Workers, $5 for some more page rules, $13 for your (light usage) Postgres instance, $7.50 for your t3.micro, you're already at $30/mo baseline and you're not close to high availability.

It’s a tough market when spending $5 bucks/month brings such anguish. Even if you only save 20hrs of development time per year at the USA minimum wage, it should be worth it. Is breakeven analysis really that difficult for so many people? For god sakes, somebody make a breakeven analysis app.

It doesn't work that way. A thing you have to experiment with to even know whether it could potentially work for you is just one of many such things that have to be considered and evaluated too, but you simply ignore them in your idea of analysis. You are literally justifying committing to something without knowing what it actually is.

It’s five bucks a month!

Is the cost of $5/month really that high for a trial ?

It is, when I don't know what I'm buying. Sure, I can modify my response in-flight using a worker, but how exactly? What can I do with it?

It wouldn't be a big deal if I wanted to evaluate it for my company, we'd just pay the negligible fee and be done with it, but when my weekend sideproject's marginal cost goes from $0/mo to $5/mo, that's a barrier to entry I will never overcome.

It's not about the $5, it's that there's very little incentive to pay it when the app is making no money.

Not sure if someone else mentioned it already, but you actually can play with it for free on https://cloudflareworkers.com/.

Sure, it's a limited version without binding to a specific domain and, correspondingly, without APIs to control Cloudflare-specific features, but it's often sufficient for POC transformations.

Exactly, I should have explained like you did to prevent the downvotes! Thanks for "reading my mind" on this one

No problem, I have exactly the same issue, and sure, Cloudflare can say "we aren't interested in the cheapskate market", but every technology I've introduced in my job where we pay tens of thousands per year for is one I was familiar with because they had a free tier.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact