Cloudflare, Essential Protection for your Business.

Behind the Scenes of Our Tech Stack: Today, we focus on Cloudflare as we delve deeper into our 2025 tech stack. If you haven't heard of Cloudflare, you have probably, if unknowingly, used their services since 19% of website traffic flows through their network. Cloudflare has been a consistent feature in our Tech Stack since Shadowserve launched as an MSP in 2015.

In a nutshell, Cloudflare can protect your business website or e-commerce site by ensuring its security, performance, and availability. We will dig deeper into how they achieve this, but first, some background on the company. Cloudflare was founded in 2010 with a refreshingly simple core mission - to help build a better internet. Cloudflare CEO Matthew Prince is a seasoned veteran in the battle against cybercrime and a significant innovator in the development of security tools, having co-founded valuable internet security projects before Cloudflare's inception.

For business owners with domain names and websites to manage, Cloudflare follows that promise by offering DNS services, DDOS attack protection, and a CDN. Thanks to Cloudflare's commitment to providing an excellent free tier offering, just about anyone with a website can add powerful security features to their online presence. Business and enterprise plans are available as your business scales or for larger organisations with higher capacity and technical support requirements.

At its core, the Domain Name System (DNS) is an intricate system of hierarchical and distributed services that provides a naming system for internet devices. A simple way of understanding how DNS works is to think of DNS as the phonebook of the internet. Before the widespread use of the internet became normalised, people looking for a particular service would look in the Yellow Pages (or something similar) to locate a business, and DNS fits into this analogy rather neatly.

DNS translates domain names (in our phone book analogy, think of domain names as business names) into IP addresses (think of a business's physical address). Without it, instead of typing "shadowserve.com" into your browser, you'd need to remember and enter an IP address like 198.185.159.145. Based on this analogy, it's easy to see why DNS is a fundamental building block of the internet.

In practical terms, DNS can be messy to manage, particularly when a company has a domain portfolio containing upwards of 100 domains from a myriad of domain registrars. This is where Cloudflare shines. With their platform, you can manage all your DNS records in one place, backed by extra security and performance enhancements, including the icing on the cake—Cloudflare has a free tier offering, which is really good.

DDoS attacks can be complex, and hackers can use many methods to carry them out. We'll break down the three most common types of attack and compare them to your local supermarket.

Volumetric Attacks - where an attacker floods your network or website with massive amounts of data, overwhelming the bandwidth you have at your disposal.

Imagine hackers have flooded the roads to your local supermarket with cars that do not contain customers. Your actual customers on the road won't be able to get to you because the roads are clogged with traffic.

Application Attacks - hackers use application layer attacks to overwhelm your website or e-commerce app.

Imagine your supermarket filled with fake customers browsing every shelf on every aisle, asking every customer service rep where a product is when they have no legitimate interest in buying anything. In this situation, real customers would be unable to use the supermarket as it is overwhelmed with malicious, fake customers.

Protocol Attacks - these attacks exploit weaknesses in network protocols to exhaust server resources, such as firewalls and load balancers. The TCP protocol, for instance, which is considered the most widely used protocol on the internet, relies on a three-way handshake to complete a connection. Protocol attacks can exploit this process by starting a handshake but not completing it.

Imagine your supermarket flooded with fake customers who all grab a trolley or a basket. Instead of shopping in your supermarket, they abandon the trolley or basket in the aisles, leaving nothing for genuine shoppers to put their shopping in.

Cloudflare has tools available to protect you from these attacks, and in the case of a volumetric attack, it can open additional roads that divert cars away from your supermarket so that your business can continue to operate as usual. Cloudflare has a 100Tbps+ network capacity, highlighting its ability to absorb massive attacks. In protocol and application-based attacks, Cloudflare can detect the malicious nature of visitors and block them before entering your website (or supermarket).

Determining the financial implications of a DDoS attack requires thought and effort, as many different factors must be considered, depending on the nature of your business. Our fictional supermarket analogy is well placed to help visualise this, as a major UK supermarket experienced a two-day DDoS in 2021. Customers were unable to place or modify existing orders during this time, and many of the customers cancelled their orders or requested refunds. At the time, the retailer received 1.3 million online orders weekly.

Does Cloudflare do anything to protect internet users directly?

Cloudflare already protects internet users by protecting websites and networks. However, they have gone further by offering a free VPN-like service called "WARP," designed to make internet browsing faster, more secure, and private. You can think of WARP as a security blanket for your internet browsing. It's easy to set up, always enabled on your device, and designed to protect your data as it moves across the internet.

A paid version of WARP called WARP+ offers even faster connections by leveraging Cloudflare's ARGO smart routing technology.

What other services do they offer?

Cloudflare's global Content Delivery Network (or CDN) can speed up your website by up to 50% by caching its static content and loading it into your visitor's web browser from a server closest to their location. For instance, if you are hosting your website on a single server in the EU and you have a visitor from the Phillipines, instead of their connection traversing the vast distance to get to your server, the bulk of your website is delivered through a CDN point which is closest to the Phillipines. In practice, this leads to quicker page loading times for your customers.

Another performance boost is Cloudflare's load-balancing capabilities, which intelligently distribute requests, ensuring uptime and optimal performance even during traffic spikes. The "Always Online" feature of Cloudflare ensures that a cached version of your website is displayed to visitors even during a total server outage.

Developers will love Cloudflare Pages, which makes building websites fast and scalable without sacrificing performance or reliability. Cloudflare is a domain registrar that sells domain names at cost (with no markup or hidden fees), so the platform can be used as a cost-effective solution for a static website.

Cloudflare offers an incredible array of tools that every business can benefit from, regardless of size. If you are curious how it could work for your business, check out their website here: cloudflare.com. You can also reach out to us to talk about your requirements.