Improving Website Security with Cloudflare

Cloudflare is a CDN (Content Delivery Network), and Security Company that helps small to enterprise businesses to supercharge and secure their online assets. Cloudflare is used by millions of websites to decrease the web page load time and protect from online threats including DDoS attacks.

As one of the largest CDN providers in existence, CloudFlare powers over 10 million websites and have a huge global network. Currently, Cloudflare has 154 data centers on all the continents where people actually live. Another big benefit of Cloudflare is that it’s free for most websites. While Cloudflare does have paid plans with more advanced functionality (like a web application firewall and more custom page rules), most users will be completely fine with the free plans.

The following are some of the benefits you can leverage by implementing Cloudflare.

1. Minification

Remove unwanted characters like whitespaces, comments, new line characters, block delimiters which are not needed for a web page to serve. By eliminating those unnecessary characters, file size gets reduced. Hence it helps to load the page faster. Cloudflare supports three file types of minification.

2. HTTP/2 Protocol

Newly introduced HTTP/2 protocol are two times faster than HTTP/1.1. It helps to load multiple page elements parallelly over single TCP connection and have another advantage like header compression, push technology. HTTP/2 acceleration is by default enabled, so you don’t need to do any configuration.

3. Free SSL

SSL is not just for an eCommerce website, or if your site has sensitive information transaction, it’s for everyone. Having your site accessible over HTTPS ensure data is encrypted from user computer to your server.

SSL is also new Google search engine ranking signal. Cloudflare offers free universal SSL certificate but if you need custom one from Thawte, Symantec, Rapid, GeoTrust, Comodo then you can always buy and upload your certificate.

4. DNS Security

Add DNS security to your domain by enabling DNSSEC (Domain Name System Security Extension). DNSSEC help to mitigate the request forgery vulnerability.

The Domain Name System Security Extensions (DNSSEC) is a suite of Internet Engineering Task Force (IETF) specifications for securing certain kinds of information provided by the Domain Name System (DNS) as used on Internet Protocol (IP) networks. It is a set of extensions to DNS which provide to DNS clients (resolvers) cryptographic authentication of DNS data, authenticated denial of existence, and data integrity, but not availability or confidentiality.

5. Cloud WAF

WAF (Web Application Firewall) help to keep your site secure from OWASP top 10, CMS (WordPress, Joomla, etc. ) vulnerabilities. Cloudflare WAF got more than 145 rules to protect from almost all types of web applications attack.

General myth is adding security will slow down the website, but that’s not true. Cloudflare WAF is built while performance in mind. It adds less than 1 ms latency.

The benefits of using Cloud WAF is you don’t have to worry about updating ruleset for any new vulnerability as cloud-based security provider will take that care.

6. Image Optimization

More than 60% of web page size is contributed by images. If you have lots of images on your website, then Cloudflare Polish can help to optimize them to a smaller size for fast loading. You can either choose to compress lossless or lossy.

Polish also support WebP compression. WebP is a new image format developed by Google and supported in Chrome, Opera and Android that is optimized to enable faster and smaller images on the Web. WebP images are about 30% smaller in size compared to PNG and JPEG images at equivalent visual quality. In addition, the WebP image format has feature parity with other formats as well.

7. Browser Caching

Browser caching stores webpage resource files on a local computer when a user visits a webpage. “Leveraging” browser caching is when a webmaster has instructed browsers how their resources should be dealt with. When a web browser displays your webpage it has to load several things like your logo, your CSS file, and other resources.

Cloudflare instructs visitor browser to cache the static resources for a longer period, so repeat requests are loaded from the local cache to speed up the web page loads. Don’t bother about using any third-party plugin or writing .htaccess to leverage browser caching instead you can get this done using Cloudflare

8. Load Balancing

Cloudflare recently announced cloud load balancer to distribute your web traffic to multiple servers. Load balancing ensures a website is always available when one of the backend servers goes down.

Load balancer not just helps in better availability but also decrease the page load time by serving the content from nearest origin server based on the user location. Cloudflare load balancer supports automatic failover, geographic routing, health checks.

9. Optimized Network Routing

Argo, a new Cloudflare service to route the site responses over Cloudflare optimized network to deliver the content faster and securely. Argo aims to reduce the latency to deliver the best possible user experience.

Web Security & Optimization is challenging but leveraging right solution make that easy. If you are looking to optimize your site for speed and safety, then give a try to Cloudflare and see how it goes.

10. DDoS Protection

DDoS is short for Distributed Denial of Service. DDoS is a type of DOS attack where multiple compromised systems, which are often infected with a Trojan, are used to target a single system causing a Denial of Service (DoS) attack.

Cloudflare offers unmetered DDoS mitigation to maintain performance and availability. Denial of Service attacks continue to grow in sophistication and force: more distributed, greater volumes of traffic, and encroaching on the application layer.

A successful attack increases unnecessary costs on your infrastructure and IT/security staff. More importantly, it hurts your revenue, customer satisfaction, and brand.