Cloudflare, Inc. is an American web infrastructure and website security company, providing content delivery network services, DDoS mitigation, Internet security, and distributed DNS service.
At Prospect.io, we use Cloudflare:
As a primary DNS server for all our applications
As a reverse proxy providing TLS termination to protect our servers
(without having to handle all the certificates and config)
As a Web Application Firewall (WAF)
As a Content Delivery Network (CDN)
Everything is configured from their web interface:
DNS server
As a DNS server, cloudflare allows us to define a set of record to instruct how to resolve the Prospect.io domains.
This includes:
A / AAAA records to make a domain name point to an IP (v4 / v6)
CNAME records to make aliases
MX to link with mail servers
TXT to store generic text and configurations
TLS termination
Cloudflare is also used as a reverse proxy to enable TLS on our website.
Web Application Firewall
With the Web Application Firewall (WAF), Cloudflare can analyze the content of the request made to our website, and automatically detect intrusions (from well known blacklisted IP addresses or browsers, from their content, ...).
Good news, since Cloudflare is used to terminate our TLS connections, it has access to the full content of the data that we send to our servers.
Content Delivery Network
At Prospect, we also use Cloudflare as a content delivery network, which is, a system to serve our static assets (file images, fonts, ...).
Thanks to a big set of optimization options, cloudflare allows us to serve this content faster that what we could get from serving it from our own servers (using advanced compression, replication, and many other techniques).