Cloudflare is a widely used content distribution network (CDN) which is freely available to help speed up your website by caching various contents at locations around the world.
While I have been taking advantage of the free plan on this website for a number of years I’ve often asked myself “is the Cloudflare Pro plan worth getting?”. At $20 USD per month it costs the same as the server itself. With limited resources available online, I decided to upgrade myself and find out if the pro plan made much of a practical difference to my website.
I’ve performed some basic benchmarks on a number of different file types at different file sizes on this website both on the free plan, and on the Pro plan after I upgraded in August 2016. We’ll take a look at the results and see if any of the Pro features helped speed up load times.
Read more »
Cloudflare is a freely available service that offers CDN and caching functionality. In order to use Cloudflare a domains DNS will be updated to send all traffic through Cloudflare, as a result it will hide the IP address of the actual web server where the website is hosted in order to provide various protections.
By doing this, Cloudflare essentially hides the real IP address of the web server that is hosting the website. There are many times that we may wish to be able to find the actual IP address of a server behind Cloudflare, such as during a penetration test you may want to bypass the web application firewall (WAF) completely by directly targeting the server itself.
The simple methods outlined here will show you how to find the real IP address of a website that is hidden behind Cloudflare. First we’ll cover the manual methods that can be used so that you understand what is going on before looking at automated options. Along the way we provide mitigations that can be used in order to protect yourself from these methods.
Read more »