Let's talk about Cloudflare

- Reading time: 9 minutes

Heads up - this is going to be a fairly opinionated article. The views expressed in this article are purely those of the writer, and there is some content towards the end of this article that may make the reader uncomfortable. Some discretion advised.

What is Cloudflare?

I'm willing to bet most of you have, at the very least, heard the name Cloudflare - but in case you didn't know, they provide domain and DNS services, as well as protection and content delivery to a large amount of websites throughout the internet - in fact, it's estimated that around 20% or more of global internet traffic passes through Cloudflare. Needless to say, they aren't exactly a small provider.

It's also worth noting that they are not a direct competitor to Dusk Hosting, but as mentioned before they do offer domain registrar services as well as various cloud and network security services.

That all being said, there are a few things you should consider before putting your eggs in the Cloudflare basket:

Consider your needs...

One of the biggest things I would say, if you are going to just be running one or two websites and want to keep things simple, utilizing Cloudflare is likely going to be a bit overkill. 

No such thing as "Free"

As of the time of writing, Cloudflare offers a "Free Tier" of services that includes limited, basic access to DDoS Protection, basic WAF, E-Mail Routing, as well as various other products. But, as we've seen throughout the history of the world, there's no such thing as free. In the history of the internet especially, free services eventually being axed and either becoming paid or being removed altogether is not uncommon.

This is fine for some services, but is a bad place to be in if you end up setting up a complex network or system with the free services Cloudflare offers. There may not be an easy way out if, and I would argue most definitely when, these "free" services are no longer free.

One of the biggest things you have to watch out for is company buy-outs, this is one of the most common reasons for major restructurings, this has happened to many companies in the past, Sun Microsystems, Wave, LogMeIn, just to name a few are companies that have had major pricing changes to their free services after acquisitions by another brand. Even if Cloudflare manages to remain independent indefinitely, a change in leadership could result in the same outcome. 

A Dangerous Position

Another thing worth potential concern is Cloudflare's dangerous position in the market, and how transparency has not always been their strong suit - there is another article that goes way more in depth into this than I will here, but Cloudflare is in an especially unique place in the Internet Market. As we discussed before, 20% of internet traffic globally through their networks.

This position comes with two major caveats the way I see it. The first is that because so many services and pieces of the internet rely on Cloudflare, an outage of any of their services (like the DNS Outage that occurred recently on July 14, 2025) has the potential to render many pieces of the internet inoperable. The second is that they have massive power to deplatform or terminate the services of customers relatively arbitrarily.

Politics... no, not those politics.

Cloudflare has been known to have protected or provided services to some pretty objectively awful sites, including sites that were used facilitate severe harassment campaigns and doxxing against people. Most notably, Kiwi Farms and The Daily Stormer. In the Kiwi Farms case, Cloudflare originally defended their position and claimed they would continue to provide services to Kiwi Farms, only taking action after severe backlash from online groups.

To be fair, Cloudflare is far from the only to come under scrutiny for the websites they've served, or failed to serve - OVHCloud was known to be hosting Islamist "Jihad" content for a long time before responding to requests to take it down. Amazon Web Services (AWS) decided to take down "Parler", a Social Media platform, because of it's political views.

I'm all for free speech, I really am - but there is a point where words have actions that can lead to people getting hurt in person, and such situations need to be handled with some level of discretion. 

Why I wrote this article

I'd like to bring up the primary reason that led me to write this article. I was recently made aware that Cloudflare is currently, at the very least, providing DNS Services for a notorious online site that has horrific imagery of real-life gore, including images of abused children and more things that I absolutely don't care to get into here - I won't name the site for obvious reasons but the domain was registered in 2016 and the nameservers currently point to Cloudflare.

I can't imagine that Cloudflare has not received many complaints about this website, but they clearly have not taken action against the services provided for this site at the time of writing. It is worth noting that if DNS is the only service they are providing, this does not mean Cloudflare is directly hosting the content on this site, but they are still directly providing network routing throughout the internet that allows people to visit it.

This, at the very least, should raise some extremely serious and unsettling questions as to Cloudflare's enforcement policies and the apparent lack of transparency at their organization. 

When might Cloudflare be right for you?

Now, there may be some instances where Cloudflare might be right for you - if you are the owner or operator or a large company or enterprise Cloudflare has many Enterprise Solutions that might be right for you, or if you have a need to have many networking services tightly integrated -- You are a lot less likely to have the rug swept out from under you as a paying customer, although keep in mind pricing is a factor and not all services have transparent pricing.

Some Alternatives to Cloudflare Services

There are alternatives to some of Cloudflare's most popular Services, and, these are purely my own recommendations and are biased - you may find others that suit your needs better: 

  • Domain Registrars:
    • NameSilo
    • Namecheap
    • Your Hosting Provider may also resell domains (such as we do)
  • DNS: 
    • Your Registrar
    • Your Hosting Provider (such as us)
    • Microsoft Azure (for mission critical DNS)
    • ClouDNS (for mission critical DNS)
  • Website Security: 
    • Path.net (DDoS Protection)
    • Cosmic Guard (for cost-effective DDoS Protection)
    • Microsoft Azure (for large business / enterprise protection)
    • Immunify 360 (Linux Web Server Security, Self hosted/managed)
    • Your Hosting Provider, which may provide a combination of these services or similar (such as we do)

Conclusion

I'd like to end this by saying that, as I mentioned in the beginning, this is an opinionated article, although I have done my best to add facts and links to things where I saw relevant. The main takeaway is that you should be cautious when looking at Cloudflare for a number of reasons, but really, for those same reasons, you should look into any major company you do business with, especially one that represents you in your online presence. 

I hope you found this article informative, and I welcome any feedback you may have.

The Basics of DNS

- Reading time: 156 minutes

This is going to be an article to those who are unfamiliar with DNS -- it can be challenging trying to setup your own website if you don't at least understand the basics of how DNS works. This will be a simple overview of how DNS Works.

DNS is most commonly referred to as "the phone book of the internet". Let's say you want to visit duskhosting.net, your devices need to know where exactly where that website lives on the internet, and more specifically the IP Address of the server it lives on. 

This is where DNS comes in. The basic function of DNS is to take a human readable domain name, such as "duskhosting.net", and translate that into an IP Address that networks and computers can read. For example:

Domain Name: duskhosting.net
IP Address: 123.123.123.123

Let's break this down. Let's say you want to visit duskhosting.net. To do that, you must know where duskhosting.net lives, and more specifically the IP Address of the web server where duskhosting.net is hosted - your device doesn't know where duskhosting.net lives on it's own.

First, we reach out to the DNS Resolver - this is typically ran by your Internet Provider. We ask it "Where is duskhosting.net?". Second, The DNS Resolver then responds with the IP Address where duskhosting.net is located. Third, now that we know the IP address of duskhosting.net, we can ask for and retrieve the website from the web server.

And that's the basics of how DNS Works -- but let's add one additional piece into the puzzle, the Authoratative DNS Server. 

Authoritative DNS Server

The Authoritative DNS Server is where the actual records of your domain can be changed and modified - such as the IP Address of the Web Server hosting your website. This is typically your Domain Registrar - which is the company who you own your domain through.

When someone looks up your website, the DNS Resolver first looks at the Authoritative DNS Server for the most up-to-date records.

So, through your Domain Registrar / Authoritative DNS Server, you can change your DNS Records. There are four primary parts to a DNS Record. 

  1.  Record Type - Defines what kind of record you are setting 
  2.  Host - The part of your domain that the record applies to - "@" or just "yourdomain.com" is most common, this would just be your root domain name - but it's value could also be a subdomain such as blog.yourdomain.com
  3. Value - The value of the Record, such as an IP Address of a server
  4. TTL - How long the record stays valid before DNS Servers should check again for new info. 

These are some common record types you can set,

Record Type Definition Example Host / Value
A AKA "Address Record" - Maps your Domain Name to an IP Address yourdomain.com / 123.123.123.123
TXT Stores text records - typically used when verifying ownership of your domain with a third-party like Google or Microsoft. Also used for various e-mail policy settings. yourdomain.com / "google-verification:abcdefg-hijklmnop"
MX Defines a mail server - when someone sends an email to your domain, this is the server it will go to. Microsoft 365 or Google Workspace is very common for this. yourdomain.com / duskhosting-net.mail.protection.outlook.com
CNAME Defines an alias - this subdomain actually points to another domain www.yourdomain.com / yourdomain.com

And these are some examples of how records might look in practice.

As a review, and to show how it works here, we'll go through these records.

  • A - yourdomain.com - 123.123.123.123
    • yourdomain.com lives on the server 123.123.123.123
  • CNAME - www.yourdomain.com - yourdomain.com
    • www.youdomain.com is the same as yourdomain.com
  • MX - yourdomain.com - yourdomain-com.mail.protection.outlook.com
    • yourdomain.com's mail server is yourdomain-com.mail.protection.outlook.com, a mail server that looks like this is common if you use Microsoft 365 for E-Mail, which is highly recommended.
  • TXT Records
    • In this particular case, these records define E-Mail Policies - they're a bit out of scope for this article but just know that they define how email being sent from your server is handled by receiving mail servers.

Terminology Review: 
DNS Resolver: Typically ran by your Internet Service Provider - it's role is to respond to queries from your device when you want to know where a particular domain name is. It responds with an IP Address of a server.

Authoritative DNS Server: Typically your Domain Registrar or Hosting Provider. It's where your DNS Records (A, TXT, MX, etc.) are stored, and where you can manage and change your DNS Records. When someone looks up your website, the DNS Resolver looks at the Authoritative DNS Server to get these records.

This has been a basic, high-level introduction to DNS - if you have any questions, please reach out to us at support@duskhosting.net or create a ticket in your portal.

For a more comprehensive guide on how DNS Works, check out this article by LayerLogix

Important Note: Setting up e-mail tends to need slightly more advanced DNS Configurations that are not fully covered in this article - if you use Dusk Hosting, you can reach out to us for e-mail options, or, check out this article about DNS Configuration for mail servers by Tecadmin.