At Prospect.io, we use Cloudflare:
As a primary DNS server for all our applications
As a reverse proxy providing TLS termination to protect our servers (without having to handle all the certificates and config)
As a Web Application Firewall (WAF)
As a Content Delivery Network (CDN)
Everything is configured from their web interface:
As a DNS server, cloudflare allows us to define a set of record to instruct how to resolve the Prospect.io domains.
This includes:
A / AAAA
records to make a domain name point to an IP (v4 / v6)
CNAME
records to make aliases
MX
to link with mail servers
TXT
to store generic text and configurations
Cloudflare is also used as a reverse proxy to enable TLS on our website.
With the Web Application Firewall (WAF), Cloudflare can analyze the content of the request made to our website, and automatically detect intrusions (from well known blacklisted IP addresses or browsers, from their content, ...).
Good news, since Cloudflare is used to terminate our TLS connections, it has access to the full content of the data that we send to our servers.
At Prospect, we also use Cloudflare as a content delivery network, which is, a system to serve our static assets (file images, fonts, ...).
Thanks to a big set of optimization options, cloudflare allows us to serve this content faster that what we could get from serving it from our own servers (using advanced compression, replication, and many other techniques).