Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


CloudFlare offers unmetered DDOS protection for everyone
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

CloudFlare offers unmetered DDOS protection for everyone

So today, on the first day of our Birthday Week celebration, we make it official for all our customers: Cloudflare will no longer terminate customers, regardless of the size of the DDoS attacks they receive, regardless of the plan level they use. And, unlike the prevailing practice in the industry, we will never jack up your bill after the attack. Doing so, frankly, is perverse.

https://blog.cloudflare.com/unmetered-mitigation/

Thanked by 1FlamesRunner

Comments

  • ...and when the wine wears off, this post will be removed and declared "fake news".

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @WSS said:
    ...and when the wine wears off, this post will be removed and declared "fake news".

    "Sorry, the CEO was having a bad day".

    Francisco

  • It's good communication "hey look as us, we're better than the competition".

    Might work well though.

  • HarambeHarambe Member, Host Rep
    edited September 2017

    Hmm. Interesting to see what the feature set for free + paid tiers looks like after this. To my knowledge if you were on free and got hit they just disabled mitigation and let you take the brunt of it directly.

    Edit: They already updated the plans. Looks like it's the same DDoS protection as the paid tiers got previously, as I don't see any DDoS-specific stuff on anything except Enterprise offerings. https://www.cloudflare.com/plans/

  • CloudFlare do an awful lot for nish these days.

  • @Nekki said:
    CloudFlare do an awful lot for nish these days.

    Like exposing memory space to large search providers? Hell, the FBI/NSA didn't even need to ask for that service!

  • Is Cloudflare a must If I am using a CDN already?

  • @Windmm said:
    Is Cloudflare a must If I am using a CDN already?

    That depends on how broken you want your network to end up.

    Thanked by 1Aidan
  • Seems like the free tier is effectively a good chunk of their marketing, through WoM and personal recommendations.

    There'll be a day when the rug gets pulled under the free tier, no doubt. It's effectively subsidised by the paid tiers. Their pricing puts me off... I'd pay for stuff, but I don't need unlimited DDOS protection or [whatever warrants the higher price tags]

  • Catch:

    Are you going to DDoS Cloudflare with Layer 3 attack? No, you find the source IP of the server and beat the shit out of it. That's when OVH kicks in.

    So the news today is the Advanced DDoS Protection is now marked starting at $20 with NO SLA, while the rest stays the same.

    Now the one last thing I am wondering is how much traffic we can push from Cloudflare per month: I've heard story that there was one case that one guy pushed 2PB in a month on Business plan - Cloudflare told him if he does not upgrade to Enterprise then he would lost access to some datacenters. Still a bargain for $200: but does the news means I can now push 2PB on $20 if I choose to only use Clouflare's major datacenters?

  • cnbeining said: Catch:

    Catch?

    I'd say it's an improvement over the old plans.

    Thanked by 4jEp maverickp Arch Iam
  • How much is too much for Cloudflare?

    When do they kick you from the free tier?

    When do they require and upgrade within the paid tiers?

  • EdmondEdmond Member
    edited September 2017

    Well at least there's now Layer 3&4 protection without they dropping their protection and showing our unprotected origin IP address..

    There's more to come, they sent a email to all their customers yesterday.
    Here's the summary for the rest of the week:

    Monday: Unmetered Mitigation

    Tuesday: Geo Key Manager

    Wednesday: Cloudflare Stream

    Thursday: Cloudflare Warp

    Friday: Cloudflare Workers

    Layer 7 too expensive or something and they can't provide it for free?

  • RhysRhys Member, Host Rep

    Edmond said: Layer 7 too expensive or something and they can't provide it for free?

    Extremely intensive on hardware and expensive.

  • @Rhys said:

    Edmond said: Layer 7 too expensive or something and they can't provide it for free?

    Extremely intensive on hardware and expensive.

    Ahh... but it's not completed unmetered sorta, but at least for volume of bandwidth it's no longer a problem.

  • KuJoeKuJoe Member, Host Rep

    This almost makes me want to use Cloudflare... almost.

  • raindog308raindog308 Administrator, Veteran

    alilet said: regardless of the size of the DDoS attacks they receive

    There's a segment of the network population that will interpret that as a challenge.

    Thanked by 3WSS Clouvider Janevski
  • @Aidan said:

    cnbeining said: Catch:

    Catch?

    I'd say it's an improvement over the old plans.

    Yes I do agree this is a good move: but how do you know which website is attracting layerb3 DDoS traffic? NTP does not tell you which domain the attacker is hitting. Correlation study could give more insights, but only when the attack is large enough to draw the whole internet's attention. (Highly likely I would be wrong on this part, kindly correct me if I don't have a valid point)

    So yes this is definitely a huge improvement by lowering the cost of layer 7 ddos defense to $20, but I would like to point out that this is not exactly what was offered with the advanced ddos defense coming without Business plan: yes Cloudflare will not kick you out, but you could suffer intermediate downtime of the site, since this lower gear of service comes with no SLA. Still great for $20 - this is something small website owner could afford if the website is under attack, rather than pull the wholewebsite down due to cannot afford $200 for protection.

    @raindog308 said:

    alilet said: regardless of the size of the DDoS attacks they receive

    There's a segment of the network population that will interpret that as a challenge.

    Who knows... China have successfully ddosed YouTube and Github. Last time Cloudflare survived: hope they can keep it up (with some 500, 502 and 522s).

    @Janevski said:
    How much is too much for Cloudflare?

    When do they kick you from the free tier?

    When do they require and upgrade within the paid tiers?

    I believe for free plan the ddos limit is 5Gb.

    Require update? Last time some guys reported they used 100tb and was asked to switch to Enterprise, while Business is good enough - but that was almost 5 years ago. https://archive.is/W2PX8 I know another report saying he pushed 2pb on this Business and Cloudflare said if he doesn't switch to Enterprise his data center would be limited to major ones. Still not kicked out though. For this price with so much traffic and lots of CDN pops, one really cannot complain.

    Off topic: I think Argo is too much overpriced. Considering traffic from GCE to Cloudflare is billed half price, it would be more reasonable to use Google's network: Google promised this is the same one carrying other services. To save more, use railgun - this is available even to free users with partner API, plus cname proxy rather than settling the ns server.

  • Wow that's great news. :)

  • jackbjackb Member, Host Rep
    edited September 2017

    @cnbeining said:
    Yes I do agree this is a good move: but how do you know which website is attracting layerb3 DDoS traffic? NTP does not tell you which domain the attacker is hitting. Correlation study could give more insights, but only when the attack is large enough to draw the whole internet's attention. (Highly likely I would be wrong on this part, kindly correct me if I don't have a valid point)

    I believe they have a system where when a large attack is detected, they renumber half the websites currently using the target IP. Continue until the target is identified - it is possible to identify the target. This would only work reliably if there was not multiple large attacks targeting multiple sites on the same IP simultaneously.

    It does not need to be a huge attack - just large enough to dwarf other ongoing attacks against the same IP.

    Thanked by 1BasementCluster
  • @jackb said:

    @cnbeining said:
    Yes I do agree this is a good move: but how do you know which website is attracting layerb3 DDoS traffic? NTP does not tell you which domain the attacker is hitting. Correlation study could give more insights, but only when the attack is large enough to draw the whole internet's attention. (Highly likely I would be wrong on this part, kindly correct me if I don't have a valid point)

    I believe they have a system where when a large attack is detected, they renumber half the websites currently using the target IP. Continue until the target is identified - it is possible to identify the target. This would only work reliably if there was not multiple large attacks targeting multiple sites on the same IP simultaneously.

    It does not need to be a huge attack - just large enough to dwarf other ongoing attacks against the same IP.

    True, thank for this reminder.

  • Looks like they changed info on their main website.
    What kind of layers the DDoS protection cover? L3-L4 only? Or L7 too? (for free plan)

  • @desperand said:
    Looks like they changed info on their main website.
    What kind of layers the DDoS protection cover? L3-L4 only? Or L7 too? (for free plan)

    Yep, they changed it for some reason, maybe they don't want people quoting them on protecting them from Layer 3/4 attacks anymore. Bandwidth-wise they don't care how much the flood is, but I doubt that a attacker rely on just that. I wonder what they will do with Layer 7 attacks on free plans, it reads on the site that they'll not do anything with your site, even if your a non-paying customer.

    Cloudflare will no longer terminate customers, regardless of the size of the DDoS attacks they receive, regardless of the plan level they use.

    and

    Regardless of what Cloudflare plan you use — Free, Pro, Business, or Enterprise — we will never tell you to go away or that you need to pay us more because of the size of an attack.

  • Cloudflare never told anyone to "go away", they simply don't filter the L7 attack after a while.

Sign In or Register to comment.