Why Cloudflare is the Best CDN (Even if it’s Free!)

I’ve been experimenting with a lot of different CDNs lately, and I’ve come to a realization. Cloudflare is the best CDN out of all the others in the market. It’s easy to take it for granted. It’s free, after all. All web hosts allow you to integrate directly with Cloudflare for free as part of their web hosting admin interface. Even cheap hosts like Hostgator let you leverage Cloudflare’s CDN, which is pretty amazing if you think about it.

I kept thinking “I should move to a paid CDN”. I don’t know, it was just an illogical assumption that because Cloudflare is free, it must be inferior in some way. So I tried. I tried KeyCDN. I tried BunnyCDN. For a while, I even used the “Site Accelerator” in the Jetpack plugin for WordPress. But time after time, in test after test, I found that Cloudflare’s CDN outperformed them all.

And for one simple reason. No additional DNS lookup and connection.

Table of Contents

Every New Domain Adds HUGE Lag

The problem with using a regular CDN is that they serve their static resources from a hostname that isn’t yours. For example, for my site wp-tweaks.com, the CDN “pull zone” with BunnyCDN was:

wptweaks.b-cdn.net

So if I had a static resource on my site located at:

wp-tweaks.com/wp-content/themes/mocha/somecss.css

It would re-write to:

wptweaks.b-cdn.net/wp-content/themes/mocha/somecss.css

In the code. But because this domain is different from my site, the browser has to perform the connection dance all over again, including the DNS lookup, the SSL handshake, and the actual connection.

Here’s an illustration of the page loading from webpagetest.org using the BunnyCDN:

Additional DNS Lookup with a CDN
Additional DNS Lookup with a CDN

The initial connection time for my site is just over 200ms. Any further assets from my site will be served immediately without any handshake.

However, you can see that when the browser tries to get the resources from a CDN, it incurs an additional cost of 300ms just to resolve the name of the CDN itself!

Cloudflare Incurs NO Additional Lookup Cost

Because Cloudflare functions as a reverse proxy in addition to a CDN, there is zero additional latency when it serves its assets from its CDN network.

Here’s an illustration of the same web page load with Cloudflare:

Only One DNS Lookup with Cloudflare
Only One DNS Lookup with Cloudflare

You can see that the CSS and jQuery files are being served with blazing fast speed from Cloudflare’s EDGE cache. And it starts serving the assets immediately. No DNS lookup. No SSL handshake. No connection time. Because all that’s already been done with the very first request to my site. With Cloudflare, there needs to be just one handshake.

300ms is a LOT of Time

As website owners, even shaving out a few dozen milliseconds of the loading time is a big deal. Which makes the massive 200-300ms of connection time to an external CDN seem massive by comparison. We must always try and clip the low-hanging fruit first. And using Cloudflare as a CDN seems to be an easy decision.

What’s the point of spending so many resources improving page speed by 50ms, when there’s a much bigger target on the table?

Less Processing Load on the Origin Server

For a normal CDN, we’re probably going to use an automated tool or a plugin to rewrite the URLs. This creates an additional load on the server and slows down the response time. If you’re using shared hosting like I am, then you should always be on the lookout to eliminate this factor.

Integrate with Cloudflare’s “Argo” For even Faster Response Speeds

This is something I discovered relatively recently. For $5 a month, you can use a service called “Argo” from Cloudflare that does two things:

First, it makes Cloudflare use more efficient routing paths to your origin server, so everything is quicker. Here’s a comparison from my dashboard showing the benefits of Argo over the past 48 hours:

Cloudflare Argo Performance
Cloudflare Argo Performance

As you can see, my site response time has gone down to 314ms instead of the 481ms it would have been without Argo. That’s 167ms or 35%!

Second, it uses something called tiered caching, which increases the hit rate of the CDN by 60%. What it does is that if an EDGE server doesn’t have a piece of static content, Cloudflare will ask other PoPs if they have it. And if they do, then it doesn’t have to request the origin server all over again – it gets the content from a nearby POP.

This not only reduces the load on your site but also dramatically increases the speed of content transfer since it takes place between Cloudflare servers. Those familiar with KeyCDN, know that they call this an “Origin Shield”.

Argo Proof: Google’s “Page Download Time” Decreases

Ever since I enabled Argo on Cloudflare, the search console graphs in Google show a dramatic reduction in the time it takes for the Google bot to download a page on my site:

Page Download Time Google Search Console
Page Download Time Google Search Console

In September 2018, Google’s John Mueller at Google said in a tweet that webmasters should try and bring their page download time to a “few 100ms”. And Argo certainly goes a long way towards accomplishing that!

Cloudflare Free vs Paid CDNs

Cloudflare works so well and with so little setup, that they dominate the CDN space like no other. So why would you even bother paying money for the Cloudflare Pro plan, or something like KeyCDN or BunnyCDN when Cloudflare is free?

I’ve used both free and paid CDN solutions. And after testing all of them extensively, here are the benefits of a paid CDN over Cloudflare. Whether or not these are worth it, is entirely up to you.

1. Cloudflare Doesn’t Provide Logs for Free

When you turn on Cloudflare, you have to just assume that it’s doing its job. Yes, you can test it by checking the “cf-cache-status” response header, but you have no way of knowing what other requests were served by the cache. Specifically, the following information is missing:

  1. Which files were served by Cloudflare?
  2. Which files missed Cloudflare’s cache?
  3. When were they served?
  4. From which datacenter were they served?

If you want these logs, you need to subscribe to Cloudflare’s Enterprise tier service that’s pretty expensive – over $200/month!

A paid CDN on the other hand gives you these statistics. For example, here’s a screenshot of BunnyCDN’s log screen:

BunnyCDN Log Screen
Log screen for BunnyCDN

A filled green box means the file was served from cache. A hollow square means it was served from the origin.

KeyCDN Fails Miserably at This

I was extremely disappointed when I paid $50 for KeyCDN, only to find that they don’t provide logs on demand. All they have is a screen of “real-time” temporary logs that’s not searchable. Instead, they make you pay $3/day to push your logs to an external service for analysis.

Here’s a screenshot showing the response of the KeyCDN support staff to my request for logs:

KeyCDN Log Monitoring Request
KeyCDN Log Monitoring Request

Considering that my daily CDN cost was $0.02, this was a ridiculous amount. So if you want good log files, use BunnyCDN, and avoid KeyCDN.

2. Free Cloudflare Doesn’t Always Use the Datacenter in the Same Country

You might be surprised to learn that the free Cloudflare plan doesn’t always serve your content from the data center closest to your visitor. Neither do they guarantee that they’ll hit a data center in the same country!

Here’s a screenshot of me accessing my site through a VPN in India using the “cdn-cgi/trace” tool provided by Cloudflare for debugging:

Cloudflare Doesn't Always Server Content from the Closest Datacenter
Cloudflare Doesn’t Always Server Content from the Closest Datacenter

You can see that the “loc” response along with the IP address indicates that the request is coming from India. However, the “colo” key shows that the request is being routed through Singapore instead! Cloudflare identifies its data center EDGE locations via the IATA airport code.

Why Doesn’t Cloudflare Use the Closest Data Center?

The reason is that bandwidth costs around the world vary greatly. In a post on their official blog, Cloudflare pointed out that transit costs in Asia can be 7 times the benchmark. Africa is even worse with bandwidth transits being 14 times more expensive!

As a result, Cloudflare doesn’t make use of all its datacenters to service traffic from its free tier plans. Even though they claim that there’s no hard and fast rule, I have never seen a request from India being served from within India. It either goes to Japan, Singapore, or halfway around the world to France!

The only way to ensure that Cloudflare uses the fastest EDGE server is to subscribe to their Business plan – for $200/month!

But Other CDNs can Be Counterproductive

Paradoxically, the performance of other paid CDNs can be worse if they blindly use a data center in the same country!

Take Africa for example. Most CDNs have a terrible presence in Africa. Usually, the only data center is in Johannesburg, South Africa, deep in the South. So when there’s a request from Morocco or Egypt way up in the north, most CDNs ping the Johannesburg data center, which is very slow.

The free Cloudflare tier, however, services requests originating from North African cities to France, Italy, or Germany. That’s merely a hop, skip, and a jump away in terms of data transit! So in the end, Cloudflare ends up being faster than traditional paid CDNs for poorly serviced areas like Africa and Asia.

Cloudflare’s Paid Plan Does a Lot More than Just CDN Work

In this article, I’ve focused only on Cloudflare’s CDN functionality. And if you’re using Cloudflare only for that one thing, then the free tier should be good enough. But I also use Cloudflare for its amazing Web Application Firewall (WAF), and the multitude of free page rules and firewall rules that help protect my site every day. Here’s a screenshot of my last 24-hrs firewall log. You can see that it saves me from around 3,500 scripts:

Cloudflare Firewall with the Paid Plan
Cloudflare Firewall with the Paid Plan

Among other things, Cloudflare also stops automated traffic, which allowing “good” bots like search engines through. All this greatly reduces the load on my origin server, leaving it free to serve blazing fast pages to my visitors.

In addition, Cloudflare reserves a lot of its special features to paid customers and extends the limits of the billable services considerably. For example, because I have a paid Cloudflare plan, I get a huge rate-limiting quota and other advanced funtionality like worker thread executions. I wasn’t sure initiall if the Cloudflare paid plan would be worth it, but over time I’ve come to see its tremendous value.

So the value of a paid Cloudflare plan isn’t limited to just the CDN funtionality. If you rely on your website for a substantial amount of business, then I think it’s completely worth the cost of the lowest-tier plan.

So Should you Pay for Other CDNs?

Honestly, I went through a phase where I purchased a paid CDN for web hosting simply because I felt I should. I thought that it must be better than the free Cloudflare tier. But after months of data and trying to convince myself otherwise, I had to accept the numbers in front of me.

Cloudflare’s free tier is not only faster in many ways, but it also reduces the number of domain lookups by the visitor’s browser since it acts as a reverse proxy. So despite the few benefits of paid CDNs shown above, I’ve ended up reverting to Cloudflare’s free tier. Hey, it works better than anything else out there, so why not right?

Bottom Line: Cloudflare is the Best CDN

If you’re not using Cloudflare, you should be. Even if you’re currently paying for a CDN, I would suggest you migrate to Cloudflare. The additional DNS and connection times are not worth it. I’m convinced that a reverse-proxy style of CDN like Cloudflare is the way to go. And you can’t beat free!

Pair that with a service like Argo, and we have a no-brainer!

About Bhagwad Park

I've been writing about web hosting and WordPress tutorials since 2008. I also create tutorials on Linux server administration, and have a ton of experience with web hosting products. Contact me via e-mail!

Speak Your Mind

*

WP-Tweaks