> "but we also saw very specific attacks targeted at vulnerabilities in the routers we used on our network. That's pretty clever; you would have to spend quite a bit of time investigating the topology in order to figure out what routers we were using."
My bullshit detector went off somewhere around here: "CloudFlare provides performance and security for any website online.We handle more traffic through our network now than Amazon, Wikipedia, Twitter, Zynga and Aol combined."
Considering Wiki, Twitter and Amazon are all top 10 global sites, I'm having a hard time imagining someone doing more traffic than all of them put together, even disregarding the rounding errors of Zynga/AOL. Anyone have more concrete statistics to confirm/deny this?
Here's our internal data on this. Based on page view data (values below are page views) and using the statistics from Google DoubleClick Ad Planner (http://www.google.com/adplanner/static/top1000/) we have the following for the last 30 days:
Yes. We have detailed stats on page views, hits, bandwidth, cache hits, etc. etc. Looking at the most recent data which I get daily I see in the trailing 30 days: 27B page views and 162B hits.
While I don't have any statistics, I do not doubt their claim. CloudFlare is a CDN, and as such will handle an enormous amount of traffic. As an example of this, Akamai, a large CDN, handles approximately 20% of the total traffic on the internet. In fact, many sites, such as Wikipedia, Twitter, even Amazon and Google, actually host static content through Akamai. All this content adds up to significant amounts of traffic.
My understanding is that CloudFlare runs a CDN delivering content for thousands and thousands of sites. This means it basically has to handle all the traffic for all of its customers. I'm sure that adds up really quickly.
It doesn't seem that surprising. Just digging around in the passive DNS database at work, I see CloudFlare has their name servers in the NS records of several 10's of thousands of domains. I'm fairly sure that given the scope of the sources of this data, that list is nowhere near complete.
My understanding of cloud flare is that they null route you if any major attack comes in- Seems a little bit unfair they didnt do this for lulzsec just to get the press. If you are some boring website that gets the same attack lulzsec does, they will just disconnect/nullroute you.
Correct me if any of this inaccurate, but last I checked it was not.
We only force a site direct if the attack is too large & starts to impact other customers as well. If the attack doesn't impact other customers, then we won't force the site direct (we generally only force a few sites direct per week & these are monster attacks).
I've used it a few times and it works well, it certainly didn't hurt. It's interesting to look at the stats they give and see how much bad traffic is being blocked. They definitely curbed the amount of comment spam on a test Wordpress blog I was using for awhile.
I wish I had more exact, measurable, information to provide but I used it only out of curiosity.
I tried them out for a bit, mostly because of their always-on claim but it didn't work for my sites for some reason so I switched to Amazon.
Their interface is nice, but I don't like the fact that you have to switch your DNS over to them and then re-enter data like MX records. With amazon I just point the parts of my domains I want to use to them and the rest remains with my primary DNS hosting.
I am, as they say, disappoint.