If you own or operate a Magento 2 eCommerce site, you almost certainly have spent time trying to improve performance and load speed. Magento 2 is a powerful eCommerce solution, but it is also complex and resource intensive, even on a “vanilla” installation. You can get a powerhouse web host, enable multiple levels of front-end and back-end caching, and integrate powerful search tools to try to improve performance. Those efforts will get you much of the way there, but not all the way.
We have used a number of CDN systems in the past on various Magento stores that we manage for clients. I wanted to highlight one in particular today that includes all of the standard performance improvements that come along with CDNs, and also some security tools that can help you combat malicious behavior by malicious site users.
Cloudflare is a big name in the CDN space for a variety of reasons. They offer a full-featured free introductory plan which includes common CDN features as well as some powerful security tools.
Budget is tight, what can I get for free on Cloudflare?
Cloudflare offers a pretty solid free CDN service for budget-conscious site managers. The free plan includes the global CDN, which can help by improving load times by caching all of your site assets, reducing your bandwidth costs, and increasing your site availability by introducing redundancy on global networks.
Rather than users being served static content directly from your host server, the Cloudflare CDN provides the primary access point. Your Magento 2 install routes through the CDN using internet exchange points, which are locations where ISPs route internet traffic. This essentially puts your static content much closer to your site visitors, improving load speeds, which ultimately improves your bounce rates and conversions.
Cloudflare DDOS Protection
The 2nd freebie you get with Cloudflare is actually pretty huge: DDoS (Distributed Denial of Service, which essentially floods your site with bot traffic to make it unusable by actual customers) protection. We were recently dealing with some malicious behavior on a site where malicious actors were abusing the checkout system to test credit card data. Card testing is unfortunately common on Magento 2. This type of behavior can be costly to site owners, who in turn must deal with unhappy payment processors who hold site owners responsible for the abuse of their payment systems.
With Cloudflare DDoS protection, you get a huge leg up on combating this bad behavior. Cloudflare takes a multi-layered approach to dealing with this. Layer 7 protection is the top layer of protection, or the ‘application layer’. This is where most HTTP traffic (server requests and responses) occurs. Cloudflare intelligently filters this traffic to protect against attacks.
The 2nd layer is called the Transport layer, and Cloudflare protects at this layer using special proxies that intercept DDoS attacks across multiple vectors (think of this like a series of bodyguards between your network traffic and your site visitors).
The 3rd layer of protection is the Network layer, which is internet traffic across global networks. Cloudflare filters and ‘sniffs’ for attacks and mitigates them before they reach your browser.
All of this makes Cloudflare a real powerhouse at finding and stopping threats before anything even comes close to your website traffic, and if an attack does somehow get through, there are further tools to mitigate the attack.
Caching: Wait, there’s more?
Cloudflare CDN includes a caching mechanism that will only speed up your default Magento 2 caching setup. Cloudflare will cache absolutely everything that is cache-able on your site and distribute it to your visitors using their proxy servers. These servers are widely distributed ensuring a proxy server will be within range of your customers.
Let us know if any of these features sound attractive to you, and we would be happy to help you get Cloudflare integrated with your site. This is one of those ‘peace of mind’ decisions you will be happy you made.