What is Cloudflare?
Cloudflare, an industry leading DNS provider.
Powering over 38% of managed DNS domains, Cloudflare runs one of the largest authoritative DNS networks in the world. With an average of a few milliseconds query speed, they have the fastest performance of any managed DNS provider. DNS updates happen within seconds, making DNS propagation delays a thing of the past.
Cloudflare’s DNS is available to everyone. Setting it up takes just a few minutes, and you can add security and performance features at no extra cost.
Cloudflare’s global Anycast network powers our DNS and other products, serving 86 billion DNS queries per day, and growing. More than 5.5 million Internet properties including major ecommerce websites, government agencies, and enterprises, use Cloudflare DNS service to make sure their property is online and always available to anyone in the world.
More information is available at https://www.cloudflare.com/dns/
Why use Cloudflare?
- Best practice for internet security
- Distributed performance caching
- Improved reliability
- Firewall and denial of service (DDoS) security features
- Reduced server costs through Cloudflare’s static asset caching.
Will there be any additional cost to use Cloudflare?
No, this will be set up and managed as part of the website hosting cost. As part of the new website redesign project we'll manage the migration for you.
Are there any risks associated with migrating to Cloudflare?
The migration will not result in any downtime of services that use the domain. The transfer will be managed by us, before migrating to the new website, on your behalf following this process:
- Export DNS configuration from current name servers
- Import DNS configuration into Cloudflare
- Test configuration
- Change nameserver records at registrar
- We'll manage the account for you and make updates to DNS records if requested.
Nameservers for the domain(s) will need to be changed to CloudFlare’s nameservers which we will provide.
Websites not using Cloudflare
Cloudflare provides certain features for websites. Websites that don't go through Passenger's Cloudflare are impacted in the following ways:
No web application firewall (WAF)
Note: a WAF does more than a standard network firewall as it works by proxying the HTTP/HTTPS application layer, not just TCP/IP. Without a WAF, the site is less protected to certain forms of attacks. Sites without a WAF must not be used for ecommerce as a WAF is required for PCI DSS compliance. Sites without a WAF should not be used to collect or process any personal information (such as contact forms). If the site needs to support ecommerce or personal information then we recommend a bespoke WAF is set up by a third party. Using a third party firewall reduces the scope of support that Passenger is able to provide.
No DDoS protection
Cloudflare provides DDoS protection at a firewall level and also - through having control of DNS - is able to mitigate more advanced DDoS attacks. Sites without DDoS protection incur an additional support cost to cover monitoring and investigation and may reduce the scope of support that Passenger is able to provide.
No HTTPS certificate
An HTTPS certificate ("SSL certificate") is required for a site to work properly in web browsers and rank in search engines. Setting up and managing a custom certificate incurs an additional cost.
Reduced caching
Cloudflare provides a CDN as part of the package. This reduces bandwidth costs as static files such as images can be cached. In most cases, this provides faster page loads to end users. Without the CDN, bandwidth costs are increased.