Blog Home

How much Traffic is too much Traffic for CloudFlare?

Evidence suggests it's 100TB per month.

Before I go into the details I want to state two things first:

So the reason I'm writing this is not because we were kicked (after all, CloudFlare was in the right to do so), but because of how shitty it went down.

For the last 6 years some friends and I have been operating this site that collects images posted in chat rooms on Quakenet IRC. The content gathered is somewhere between reddit and 4chan. It's purely a hobby project - I tried to monetize it through ads some time ago, but failed. Advertising-Networks don't want us as a customer, but I'm fine with that.

Until about a year ago, the site was running fine on a single dedicated server. However, bandwidth consumption was becoming a problem. At times the server's (unmetered) 100mbit/s connection was completely saturated. We've been growing quite a bit.

So we looked for a solution and stumbled upon CloudFlare. Their free plan was exactly what we needed. We didn't want any of the "speed" optimisations, but just their distributed loading to serve our images. It was extremely easy to set up and just worked. In disbelief I commented on HN that I don't understand how they could offer their service for free and that we'd happily pay a few hundred USD (screenshot, orig thread).

In that same comment thread I also expressed my concern that we're somehow using CloudFlare in a way that it was not intended for, but I was assured by CloudFlare's jgrahamc that it's fine. I was later told that jgrahamc's comment was made in error and that our usage was indeed against CloudFlare's TOS (Section 10: Limitation on non-HTML caching).

(Running the whole site through CloudFlare wouldn't make that much sense to us, because it's just one single HTML file, one CSS file and one JS file - about 70kb in total - everything else comes from a JSON API. We never load another HTML file. However, we would happily have enabled it for these files as well, if CloudFlare wanted us to. I suggested this on numerous occasions.)

Everything was running fine until Jan 22. 2013 when suddenly all images on our site didn't load. Opening an image URL directly showed that instead of the image, an HTML site was returned. This site is part of CloudFlare's DOS protection. It's an interstitial that intents to sort out bots.

However, we initially turned off CloudFlare's security settings, because a) if someone wanted to attack us, they'd send automated search requests to our backend and not try to load lots of images and b) CloudFlare just serves images; the interstitials they present would only be presented as broken images.

Logging in into CloudFlare I discovered that the security setting miraculously was changed from the lowest setting ("Essentially off") to the highest ("I'm under attack"). I never received any notification or explanation for the change. I switched it back and everything was running fine again, so I believed it was a fluke.

On Feb 1. CloudFlare completely disabled their service for us and sent all visitors directly to our main Server. The site was now unusably slow so I replaced it with a "Sorry, we'll be back soon" site.

When I logged in into CloudFlare, I was greeted by a notice:

CloudFlare has been temporarily disabled due to a system issue. To ensure there is no performance degradation to your website, we are temporarily routing all traffic directly to your server. Once peak performance is back, we will automatically re-enable CloudFlare.

Again, we were not notified about this by email or any other way.

I waited till the next day, then contacted CloudFlare, asking when we can expect the service to be back. They told us that it's not a "system issue", but that our site was under a "layer 7 attack":

Our operations team routed your site off CloudFlare because was seeing a large layer 7 attack that was negatively impacting other CloudFlare customers. They will review and re-enable the site automatically and no further contact is required.

CloudFlare never enabled our site again.

Curiously, at this time our CloudFlare stats boldly proclaimed "103TB traffic saved by CloudFlare in the last 30 days". Remember the site was disabled on Feb 1. It was the first month our traffic grew beyond 100TB, so I suspect that "layer 7 attack" is a sleazy term for "too much traffic".

On that weekend I talked to their support a bit more and was told that, based on our traffic, we need to be at least on the business plan ($200/mo) - which I would have agreed to - but was assured that someone else would talk to me again on Monday.

One week passed with no answer (I asked a few times), then, yesterday I was contacted again. They apologized for the delay and then told us:

At 100TB/mo., pure file delivery, you'd need to be an Enterprise customer. Let me know if this works within your budget.

The Enterprise plan comes at $3000/mo.

So CloudFlare disabled our site because of a "layer 7 attack", then let us in limbo for two weeks, where we couldn't commit to another solution, only to tell us we need to pay $3000/mo in the end.

We now ordered two servers from Leaseweb in NL, each with 1Gbit uplink and 100TB traffic included to run varnish caches and serve the images. These cost us $200/mo in total.

Wednesday, February 13th 2013


#1matt – Wednesday, February 13th 2013, 19:02

That's pretty crappy of them.

As an aside, you might want to look into losslessly optimising your images using JpegOptim, jpegrescan, jpegtran, pngcrush, etc. You can try these tools out as part of ImageOptim on Mac OS X.

The result would be reduction of your image file sizes by around 20%, and even better in the case of the smaller images. Obviously, that would ease your bandwidth usage.

#2Hartley – Wednesday, February 13th 2013, 19:11

I think this is probably what they meant by "Layer 7" attack. It's a technical terms, not a marketing one.

#3Matthew Prince – Wednesday, February 13th 2013, 19:27

This was flagged to my attention and I've reviewed all the interactions between you and our team. You were using the free version of CloudFlare's service. On February 2, 2013, your site came under a substantial Layer 7 DDoS attack. While we provide basic DDoS mitigation for all customers (even those on the Free CloudFlare plan), for the mitigation of large attacks you need at least the Business tier of CloudFlare's service. In an effort to keep the site online, our ops team enabled I'm Under Attack Mode, which is available for Free customers.

The attack continued and began to affect the performance of other CloudFlare customers, at which point we routed traffic to your site away from our network. While we encouraged you to take advantage of the Enterprise tier of service given your needs and traffic levels, your site would have been brought back onto CloudFlare's network if you upgraded to the Business tier of service ($200/mo) which included Advanced DDoS mitigation.

I am sorry for the confusion. To be clear, we do not bill based on traffic. However, resources are not infinite and when an attack against a Free customer begins to affect the performance of other customers we will take measures to protect the overall integrity of the CloudFlare service.

Best wishes,
Matthew Prince
CEO, CloudFlare
@eastdakota (Twitter)

#4Dominic – Wednesday, February 13th 2013, 19:41

Matthew: thanks for responding. I offered multiple times to upgrade to the Business plan, but was ignored. Also, if you change a site's setting, you should probably notify the account holder about it.

I didn't notice any "attack" when CloudFlare began to route all traffic directly to us. It looked like normal web traffic - much of it, but no more than usual.

#5 – Travis – Wednesday, February 13th 2013, 19:54

lol cloudflare rep (oops, CEO) keeps calling it an attack.

#6Matthew Prince – Wednesday, February 13th 2013, 21:01

I've reviewed the logs. There was definitely both a Layer 4 and Layer 7 attack. I don't know how long the attack lasted after we routed traffic directly since, obviously, we were no longer receiving logs. It may be that traffic is not being captured in your typical server logs. We pull both sflow data (off our routers and switches) as well as web server logs in order to detect attacks.

While we recommended the Enterprise level plan, if you had upgraded to Business you would have been brought back onto our network. I apologize if that was not clearly communicated.

#7sarth – Wednesday, February 13th 2013, 21:20

@Matthew Prince the customer service problems OP detailed supersede the technical issues you are reiterating. Unless OP grossly misrepresents the interaction, you failed to communicate with him, while essentially bringing his site down. And you never really rectified it.

I started out reading this post thinking "Oh yeah, I should move my stuff over to cloudflare ... and anyway I don't do anything like that amount of traffic" to thinking "no way, this would be nightmarish" again, NOT because of the pricing tiers and TOS, but because of the lack of communication and inaction.

#8Hartley – Wednesday, February 13th 2013, 21:50

Sorry, this was the link I thought I had included earlier. ^

#9 – warrenski – Wednesday, February 13th 2013, 21:55

LeaseWeb is awesome! We've been with them for the past 2 years and they're rock-solid.

#10 – fnord – Wednesday, February 13th 2013, 22:40

This sounds like a layer8 problem at CloudFare more than anything else.

Free plan or not, you don't just cut people off without even giving a notice. What tells me you don't do the same when I exceed some unknown limit on my "Business" or "Enterprise" plan?

#11Matthew Prince – Wednesday, February 13th 2013, 22:54

Both enabling "I'm Under Attack Mode" or routing the traffic direct are both supposed to generate an automated message to the customer letting them know what happened. We've reviewed the logs and don't see a message having been sent. I'm investigating why that didn't happen since I agree it is not acceptable.

#12 – splurge – Thursday, February 14th 2013, 00:15

This is an example of a customer service fail not only in the initial correspondence, but also in the CEO's response. Even though you were a non-paying customer, his response should have been, "I'm so sorry for the confusing and inconsistent communication you experienced, and especially the downtime. We're working to find out why you received incorrect and conflicting information and why we didn't communicate the situation more effectively. If there's any way we can make this right and you'd consider returning as a customer, please call me at (xxx) xxx-xxxx."

Instead, the CEO's response sounded defensive and almost accusatory ("your site would have been brought back onto CloudFlare's network if you upgraded to the Business tier of service ($200/mo)"). This despite the fact the user reported he told customer service he'd be willing to pay at that level.

Customer is always right. Unless you don't want them to be your customer anymore.

#13 – thp – Thursday, February 14th 2013, 01:57

@splurge: I think this is one of the best answers a company can give in such a situation, what else do you expect?
100TB is plenty IMHO and yes, there seem to be some problems - which the CEO already gave in.

#14 – John SMythe – Thursday, February 14th 2013, 01:57

A customer is a person who pays for a service. Someone who doesn't pay for a service (yet) is a *lead*. Not all leads are good business. 100TB of traffic does not sound like a good lead to me, not even at the $200 level.

For the record, I am not a shill for the company, just a happy CloudFlare user, nowhere near the usage levels of the OP, and I appreciate that CloudFlare thinks of other customers on the network. I'm actually baffled that I get for free what I do. Before a friend recommended CloudFlare, my site was attacked frequently, and taken down by my hosting company several times. I still see those attacks in the CloudFlare logs, but my site hasn't been down in a looooong time.

Looking at your site, I see an IMGUR clone which was running for free off of CloudFlare's servers. I really don't understand the nonsensical comments above. WTF is wrong with people these days thinking that everything is supposed to be free? Are you all 16 and on an weekly allowance?

Matt also has a very valid point that some sort of optimization of the stored (cached) files would have been a smart option for yourselves (less local storage) as well as CF (less to cache, less bandwidth). I can recommend (Oh wait, it's not free, now what...)

#15Patrick Davison – Thursday, February 14th 2013, 02:20

I doubt Mathew is looking at this as a 'Oh no, lets keep a customer', instead more like 'Oh crap something went wrong, let's find out what'. And I believe his responses are in line with that. - I also believe this is how a CEO should look at it; a rep can give you that cookie-cutter style response that @splurge posted.
I personally use Cloudflare, It's been simple, trouble-free, and covering 80% web-requests and 35% bandwidth (Not to mention almost 20% faster site load). If you're reading this topic and thinking like @sarth "no way, this would be nightmarish" - put cloudflare test, and see if you're not thinking "This is free!?".

#16 – Tom – Thursday, February 14th 2013, 04:32

Maybe its just me, but something like AWS Cloudfront doesn't care if its images or whole site, that's what I would end up using.

#17Peter Edmunds – Thursday, February 14th 2013, 04:54

"This is free!?" is the only possible reaction from any sane person to the range of services that Cloudflare provide with their free plan.

Try to get it all free anywhere else. Doubt it.

Complain about getting huge amounts of free stuff because the company's response is a bit geeky? Great idea, really annoy Cloudflare so they drop the free plans for the minor MiBs per month accounts like me.

#18 – Cory Wong – Thursday, February 14th 2013, 06:34

The review for LeaseWeb hasn't been great. Anyone else use their service? Any comment about theri service?


#19 – quarkie – Thursday, February 14th 2013, 10:40

You know, leaseweb's 100TB servers, also very clearly state, that the 100TB servers cannot be used as Content Delivery Networks, caches or streaming servers. It seems you have a problem at reading each service rules! Bandwidth is not cheap, and you will probably have problem with Leaseweb too at some point

#20Dzik – Thursday, February 14th 2013, 11:44

If you want something for free, check CoralCDN ... just make sure it will get your needs (

#21 – Stéphane – Thursday, February 14th 2013, 16:43

@Dominic: Why don't you just route your image traffic through cloudfront? It would cost you 8$ for the bandwidth plus $0,0075 per 10K requests

#22Dominic – Friday, February 15th 2013, 02:34

@Stéphane you probably misread GB for TB? According to the cloudfront website ( ), the price per GB in Europe is $0.12. At 100TB, or 100,000GB per month that's $12,000, not $8 :)

#23 – Curtis – Friday, February 15th 2013, 03:59

Blah blah attack blah ...

Blah blah free blah blah...

I don't think this is systemic, but I also don't think this is trivial. CloudFlare's "engineers" messed up. That's not the CEO's fault, even though he's out here damage-controlling. That's the fault of some dummy (or dummies) in the NOC at CloudFlare. Or perhaps some programmer who didn't test his "customer alerting auto-messaging" script enough. CloudFlare is still pretty awesome on the whole, especially considering you don't pay a penny for what you get. Look at it this way: You could be running a Rails project on Heroku........

#24 – Andre – Tuesday, March 5th 2013, 19:43

I agree cloudflare is awesome. But if you look at the whole picture this seems like "lets get loose of that unprofitable customer". Support tells him he has to pay 3000USD for the enterprise plan and then after a blog post the CEO says all that lack of communication (and probably lies and procrastination) was a mistake and the 200USD plan will be ok. Who are you kidding? You disagreed to the 200USD plan because this customer just is not profitable and never will be (traffic will probably go even up more). If cloudflare had nuts they just admitted they dont want dominic as a customer and told him that instead of playing those unprofessional games.

#25 – Thelen – Monday, April 15th 2013, 08:30

@ quarkie ah I was going to say the same thing.

#26 – Jack – Sunday, May 19th 2013, 21:35

Cloudflare is looks like an insurance company.
You pay them when every thing is normal to protect you when something goes wrong.

But cloudflare get your money and once some DDOS attack happen they cut your website down and send all traffic directly to your server...

They only protect their brand customers, such as Spamhaus... If a DDOS attack use 50-60TB of their bandwidth, then you are done, Only enterprise customers can survive, Their enterprise plan start at $3000 and goes up $2500 for each additional 100TB

#27 – Mark – Monday, June 3rd 2013, 06:57

So you weren't paying Cloudflare anything, got 100TB of free bandwidth, mitigated a DOS attack, but now you're pissed off and upset because they wouldn't provide exceptional service to a non-paying "customer"?

#28Merlijn – Monday, June 10th 2013, 13:33

For me it's unclear whether Cloudflare only served the images (CDN) or served and hosted the images. If you hosted the images on Cloudflare it would be a clear violation of their section 10: limitation on non-html caching. But then they should have told you at the beginning when you asked for it.

At the end they just don't want a customer like you and they should have told you so. But you could have known, there is no such thing as a free lunch!

#29 – Anonymous – Friday, July 26th 2013, 18:15

I think some of these comments are ridiculous.

Regardless of how poorly handled the customer service might have been, they were providing you with 100 TB per month for FREE!

That's a ridiculously good offer.

#30Knifeineye – Tuesday, July 30th 2013, 00:07

Don't fool yourself with the"good intentions" of the cloudflare group, it's a simple extortion racket based on the drug-dealer model - they give you something for free (DNS & cache), get you hooked (fast access & lots of page views for a time), then start demanding money for the previously free stuff (ooh, your under attack... maybe if you upgrade to business or enterprise your site will be OK). All you internet dependent types should wake up and smell the coffee, if it's run by a lawyer it's a criminal enterprise.

#31saintluci – Thursday, August 8th 2013, 02:13

The poster really has entitlement issues just like most of the Americans who now live on dole outs from their bankrupt government.

If you do not like the service, get out. Don't hide behind your reason that you offered to pay and they disregarded you. Or they did not notify you when they shifted your site. You weren't paying in the first place.

Maybe they do not like you as a customer. And based on what I read, I would rather have a reasonable customer over someone who acts like a spoiled brat - just like those Americans living on charity from their bankrupt government.

#32 – David – Monday, August 12th 2013, 19:32

Wow... Cloudflare employees are very active at this article.

If you want to defend your company, Defend it in a professional way with your REAL name and position in the company...

Tired of reading comments that fully take Clouldflare side with out any logic...

Clouldflare! Your reputation manager sucks!!!

#33 – Sissy Mendelstein – Tuesday, September 24th 2013, 17:29

I am thinking of getting Cloudflare and after reading this article

#34 – Peter V – Saturday, October 5th 2013, 04:02

I just activated cloudflare on one of my sites (the option one level above free). It decreased my site load time by about 40%.

Im pretty psyched about it.

Just my 2 cents, at this point

#35 – Kim – Tuesday, October 8th 2013, 02:51

After reading, the comments here, I've decided to become a Cloudflare customer. I came here expecting to be convinced not to use their service, but was honestly surprised by how well the haters of Cloudflare argued FOR the service.

Really, attacking the character of those from Cloudflare responding to the post just sounds like you can't actually find fault in their responses. I can't really find fault in them either. Heck, even the OP admits they are in the right. Meanwhile, a lot of the 'arguments' against Cloudflare are merely character defamationposts. "Oh, they're scammers. Oh, they're an insurance company. Oh they're run by lawyers." Not only do these arguments not give any reason to me to not use Cloudflare, they're also blatantly insinuating that all insurance companies and lawyers are scammers, which is definitely not the case.

(A lawyer pro-bono helped put the rapist of a loved one behind bars forever, and an insurance company paid entirely for her stay in the hospital, so I'm sure not all of them are.)

Sure, it's kinda crappy that there was a huge miscommunication issue, but Cloudflare already apologized and followed the case up even when OP is no longer a customer of theirs. Good enough for me.

#36indolering – Wednesday, October 23rd 2013, 10:15


Right-on man, this thread is mind blowing in how little respect people have for what CloudFlare has done for the web. I mean, they essentially showed up and extended some really advanced caching and other resources to everyone for free. In the process, they have made the web faster, safer, cheaper and more stable place. For their support staff to take the time to hit a comment thread and personally review a case file for a freemium customer whom was violating their TOS is pretty amazing.

The only thing that could have made the process smoother would be to automate the notification process and offer upgrades when support tickets started to drag on. It's painful for everyone when you can't afford to help a customer but keep doing it anyway. Had Cloudflare more been able to show logs that would have convinced the OP an actual attack was underway and explain the limits of the service, s/he would have paid right away. The real problem was the 1:1 customer support!

Anyway, stop accusing CloudFlare of being part of some conspiracy. They are one of the good guys, okay?

#37Don Omondi – Friday, December 6th 2013, 02:05

I landed here by googling Cloudflare Enterprise...

I have been a customer for about a year now with 3 of my personal sites all on their free plan. I recently upgraded one of my sites and expect a surge in traffic, nowhere near 100TB per month but a few 10's of GB. I got a free ssl cert from and sadly, cloudflare's free plan does not support ssl so I had to pause all my sites...until my sites can generate money from their services and not my pocket.

Anyway, I just wanted to comment and say that cloudflare has been a wonderful service thus far, can't complain, does what they say, reduce bandwidth server load etc... but anybody thinking that the situation that the blogger in question was not mishandled is fooling themselves. I will still be a Cloudflare customer despite reading this because I can understand why they did it just not how they did it. Credit to CEO for trying to put out the fire, but being a tech guy I thought he of all people would know that talking over the internet only fuels the fire.

#38Mvn – Wednesday, December 11th 2013, 03:29

CloudFlare is an exceptional service which, honestly, shouldn't be free. The amount of features and service you get as a Free customer is unheard of! We've been using CloudFlare for nearly two years and have only had one or two minor hiccups.

They have an amazing service and an amazing customer support team. Plus the fact the CEO responds to issues first hand? Amazing.

Seems like this situation was a case of "I want more" with the stipulation of it being Free.

#39Pon – Wednesday, January 8th 2014, 12:07

I am using cloudflare for the past few months. It is undoubtedly a great service and User interface is good also.

After using the CDN, My site load time is reduced vastly. We really apreciate what they offer as free.

Even if my traffic doesnot touch 1TB/ YEAR, whatever they offer is free and I could not find anyone who gives this service free of charge.

#40 – RS – Sunday, January 12th 2014, 01:42

The shills posting here are really not making cloudflare look better ...

#41Jorge – Sunday, January 19th 2014, 16:24

If before I hesitated about Cloudflare use, now Im sure thats the company I do want to use for CDN support. 100TB use for free and youre complaining?? and even more so; a Cloudflare rep enters the conversation and almost appologizes for the situation.
I sure dont understand why youre complaining, really, and more so, youre dammaging us because could force Cloudflare for stop being free on small websites that we happily use. Totally uncalled critic to them..

#42 – Jay – Thursday, March 13th 2014, 03:49

The main problem that I see here is that Cloudflare ostensibly does not charge for bandwidth, but they don't make it clear either that you're not supposed to be caching images with them.

In this blog post here, it seems like hosting images is legit and sanctioned by Cloudflare ("option 2"):

But if you cross the hidden 100 TB threshold, you're cut off until you pay up. That seems unfair at best, and like bait-and-switch at worst.

Given that CDNs such as Amazon CloudFront charge 12 cents / GB, it's surprising that Cloudfront seems to be giving away it's service for free.

While CloudFlare provides valuable free and paid services, they really need to improve transparency around their terms of use and charges.

#43 – Jay – Thursday, March 13th 2014, 03:51

Sorry for my sloppy editing in my previous comment. What I meant to say was:

Given that CDNs such as Amazon CloudFront charge 12 cents / GB, it's surprising that Cloudflare seems to be giving away its service for free.

#44Shahnawaz @current affairs 2014 – Saturday, April 5th 2014, 21:29

I am planning to have a account on CloudFlare but they are asking about ftp,dns server etc details which is quite risky I guess.So could you guide on this.Should I signup there ?

#45xam segdoh – Friday, May 30th 2014, 09:00

Could it be possible that CloudFlare orchestrates DDOS attacks to convert leads into paying customers?

#46David Scarpitta – Tuesday, June 17th 2014, 12:04

I can say that we happily use Cloudflare for our own ecommerce platform that had attacks daily and we have seen serious improvement in performance and reliability. We pay for the smaller plan, but I have no qualms with that.

#47 – sinelogix technologies – Friday, July 18th 2014, 11:19

thanks for such a good info . same question is it safe to sign up there because they need so much information

#48 – Triedtested – Monday, September 1st 2014, 21:57

What is all this rubbish. I have been using cloudflare free for a year and now have the $20 a month plan.

What are all these girls moaning about ?

For free this service is amazing and it hasnt let me down once.

I had 6 hrs downtime the other day and I still converted as many sales because cloudflare kept my cached pages going.

My site only has 3000 a day and in 2 years i have had no problem at all with cloudflare. Even if there is a problem you just change you nameservers, i dont see what all the fuss is about.

Lets clear this thread up

So a spam master leech abused cloudflare. He came on here to moan. The ceo told him to screw himself and stop ruining the service for people who pay and or who use it fairly.

Cloudflare is great for me

Maxcdn is no use unless your host is complete rubbish or you have 10,000+++ global traffic a day

#49 – Tom – Sunday, September 7th 2014, 09:27

Yeah, it looks great until you read the terms of service.

"CloudFlare reserves the right to investigate you, your business, and/or your owners, officers, directors, managers, and other principals, your sites, and the materials comprising the sites at any time. These investigations will be conducted solely for CloudFlare's benefit, and not for your benefit or that of any third party."

Plus they talk about the right to add ads, and do just about anything they please to your website. While they keep the sole remaining right to shut off the service at any time without notice.

Thanks, but no thanks.

#50 – Ian – Wednesday, September 10th 2014, 05:42

First off, I never comment on sh**, and I can assure you 100% I have no affiliation with cloudFlair as of yet, but after loading up a couple of domains tonight I was simply amazed. I don't even remember what I Googled to end up at this website. I think it was nginx and cloudFlair, but anyway, I was at that site when I saw the link to this post talking about how much bandwidth is too much. Which in all actuality is a legit question. I think the age old rule is still true, I don't know how it works in this situation but the rule is generally... If you are not paying for a product, you are the product. That's how it works with fb and basically anything else you get for free. With cloudFlair though, and trust me I've been researching this company all day, I think they're legit. I think the benefit they get from their stupidly free service is so many amazingly satisfied customers, that they will not only waste time posting on a blog in their defense, but that might also have to upgrade in order to use SSL when they need it. I saw somebody post about how it's a bait and switch at worst, and I disagree there as well. I think they make it clear that they will take measures to defend their network and paying customers. They obviously even try to protect their non-paying customers. I think the CEO did his best to talk it out, but I also agree with the post that said how this might not have been the place to talk about it. Regardless Matt, I'm Ian, and I want to come over to your company and hump somebodies leg or something because I think your service rocks. After I got my DNS switched I went to reload my site and I said to myself... 'It's not gonna work'. It did though. I'm now going to bring over a hundred or so domains and promise that in some way I will be a paying customer asap. Please take this as my first show of appreciation. To other people reading this, I want to help put a few things in perspective. I was reading the other day that the whole stackOverflow trilogy only does 2000 gigs a month. You're talking about 50 times that. I bet cloudFlair would even be okay with that if it was legit traffic but if it's all at once, that hurts everybody involved. Plus if you're doing that good, yeah... it's time to upgrade and start paying back the people that helped you get there. To the author of the article, I don't think you were in any way out of line. I also think that you just did what any of us would do if placed in the same situation. I do think it would be a real stand up move on your part to show the company a little love. I mean the freaking CEO commented multiple times on your blog, he did so respectfully, and he admitted fault. The least you could do is serve this through his platform. After all, it sells the service either way it goes.

#51 – Ian – Wednesday, September 10th 2014, 06:20

First off, I remembered what I was Googling... It was "does cloudFlair support audio captchas". I'm pretty much blind so I care about stuff like that. But after I posted I saw the guy before me's post and thought I'd go one further and help out anybody who he might have confused. Hopefully I'm not violating section two here...

If you have questions about these terms or anything else about CloudFlare, please don't hesitate to contact us:
Contact the team
+1 (650) 319-8930
665 3rd St. #200
San Francisco, CA 94107
Policy date: August 20, 2012
CloudFlare terms of use
CloudFlare, Inc, a Delaware corporation ("CloudFlare") provides this website located at (""), all the content under this domain, certain related software, and its services to you subject to the following terms and conditions. By using you agree to be bound by the latest amended versions of this Agreement and CloudFlare's Privacy and Security Policy (see "Modifications" below).
By using the information, tools, features and functionality located on, through any CloudFlare APIs, or through any software or other websites that interface with or its APIs (collectively the "Service"), you agree to be bound by this Agreement, whether you are a "Visitor" (meaning you merely browse the website) or you are a "Member" (meaning you have registered with CloudFlare). The term "you" or "User" refers to a Visitor or a Member. If you wish to become a Member and make use of the Service you must read this Agreement and indicate your acceptance during the Registration process. If you accept this Agreement, you represent that you have the capacity to be bound by it or, if you are acting on behalf of a company or entity, that you have the authority to bind such entity.
All content included on, such as text, graphics, logos, button icons, images, audio clips, digital downloads, data compilations, and software, as well as the compilation of that content into one, coherent website, is the property of CloudFlare and protected by United States and international copyright laws. Reproduction of the content of without the written permission of CloudFlare is prohibited.
CloudFlare®, the CloudFlare logo, and other CloudFlare graphics, logos, page headers, button icons, scripts, and service names are trademarks, certification marks, service marks, or other trade dress of CloudFlare or its subsidiaries. CloudFlare's trademarks, certification marks, service marks, and trade dress have inherent meaning and substantial value because of their restricted use. They may not be used in connection with any product or service that is not CloudFlare's, in any manner without CloudFlare's permission. All other trademarks not owned by CloudFlare or its subsidiaries that appear on are the property of their respective owners, who may or may not be affiliated with, connected to, or sponsored by CloudFlare or its subsidiaries.
In consideration for accessing and the Service, CloudFlare grants you a limited license to access and make personal use of the website. This license prohibits your downloading (other than page caching) or modifying any portion of it, except with express, written consent of CloudFlare. This license does not allow resale of CloudFlare's services without CloudFlare's written permission. You may not frame or utilize framing techniques to enclose any trademark, logo, or other proprietary information (including images, text, page layout, or form) of without express written consent of CloudFlare. You may not use any meta tags or any other "hidden text" utilizing CloudFlare's name or trademarks without the express written consent of CloudFlare. Any unauthorized use automatically terminates the permission or license granted by CloudFlare and may incur legal liabilities for any damages.
You are granted a limited, revocable, and nonexclusive right to create a hyperlink to any non-password protected directories. You may not use any of CloudFlare's proprietary graphics or trademarks as part of the link without express written permission.

****This is the paragraph that says they can do what they did...

If you are issued an account, you are responsible for maintaining the confidentiality of your account and password, and you agree to accept responsibility for all activities that occur under your account or password. CloudFlare reserves the right to, under its sole discretion, refuse service, suspend or terminate accounts, or otherwise restrict access to and the CloudFlare Service.
CloudFlare's Service allows you to install or utilize certain Third Party Apps ("Apps"). These Apps are provided "AS IS" and governed by their own Terms of Service and Privacy Policies as set forth by the Third Parties that provide them. CloudFlare does not endorse and is not responsible or liable for the services or features provided by these Apps you choose to install. You acknowledge and agree that CloudFlare shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any Apps.

****This is one of the sections that the poster before me was confused about. In no way does it say that they will place ads on your page. It says that they might put scripts on your page... If you enable them!

You retain full copyrights in any materials served through CloudFlare. Depending on the features you select or Apps you enable, CloudFlare may modify the content of your site. For example, CloudFlare may detect any email addresses and replace them with a script in order to keep it from being harvested, or CloudFlare may insert code to improve page load performance or enable a Third Party App. Depending on the features you enable, you acknowledge CloudFlare may:
1.Intercept requests determined to be threats and present them with a challenge page.
2.Add cookies to your domain to track visitors, such as those who have successfully passed the CAPTCHA on a challenge page.
3.Add script to your pages to, for example, add services, Apps, or perform additional performance tracking.
4.Other changes to increase performance or security of your website.
CloudFlare will make it clear whenever a feature will modify your content and, whenever possible, provide you a mechanism to allow you to disable the feature.
As a visitor to and a user of the CloudFlare Service, you consent to having your Internet Protocol address recorded and your activities monitored to prevent abuse.
As part of the CloudFlare Service, you may choose to monitor the traffic to certain websites. In doing so, you acknowledge that CloudFlare acts as your limited agent (and data processor in the EU context) to you for the purpose of providing Internet data and optimization services. You acknowledge that it is your responsibility to ensure that the use of CloudFlare's Service is permitted under the laws of your jurisdiction and you agree to indemnify and hold CloudFlare harmless if your use of the Service is in violation of local law. Where required by law, you agree to post a privacy policy on any that, at a minimum, discloses any and all uses of personal information that you collect from users including any information collected via the Service. You agree to indemnify and defend CloudFlare from and against any and all claims stemming from your failure to comply with this provision and/or your failure or refusal to abide by the terms and provisions of any applicable privacy policies. You acknowledge that CloudFlare may use this data to improve its service or enable other services (e.g., using visitor traffic logs or data posted through the service to detect threats so as to stop future attacks).

****This is the section that says why they did what they did...

You acknowledge that CloudFlare's Service is offered as a platform to cache and serve web pages and websites and is not offered for other purposes, such as remote storage. Accordingly, you understand and agree to use the Service solely for the purpose of hosting and serving web pages as viewed through a web browser or other application and the Hypertext Markup Language (HTML) protocol or other equivalent technology. CloudFlare's Service is also a shared web caching service, which means a number of customers' websites are cached from the same server. To ensure that CloudFlare's Service is reliable and available for the greatest number of users, a customer's usage cannot adversely affect the performance of other customers' sites. Additionally, the purpose of CloudFlare's Service is to proxy web content, not store data. Using an account primarily as an online storage space, including the storage or caching of a disproportionate percentage of pictures, movies, audio files, or other non-HTML content, is prohibited. You further agree that if, at CloudFlare's sole discretion, you are deemed to have violated this section, or if CloudFlare, in its sole discretion, deems it necessary due to excessive burden or potential adverse impact on CloudFlare's systems, potential adverse impact on other users, server processing power, server memory, abuse controls, or other reasons, CloudFlare may suspend or terminate your account without notice to or liability to you.

****This is the other section the poster before me was talking about. It says that they will investigate you and your site if need be to make sure that you or your site are not putting them in harms way.
****Legit people and companies don't care about this and say bring out the microscope!
CloudFlare reserves the right to investigate you, your business, and/or your owners, officers, directors, managers, and other principals, your sites, and the materials comprising the sites at any time. These investigations will be conducted solely for CloudFlare's benefit, and not for your benefit or that of any third party. If the investigation reveals any information, act, or omission, which in CloudFlare's sole opinion, constitutes a violation of any local, state, federal, or foreign law or regulation, this Agreement, or is otherwise deemed harm the Service, CloudFlare may immediately shut down your access to the Service. You agree to waive any cause of action or claim you may have against CloudFlare for such action, including but not limited to any disruption to your website. You acknowledge that CloudFlare may, at its own discretion, reveal the information about your web server to alleged copyright holders or other complaintants who have filed complaints with us.
You agree to indemnify and hold CloudFlare, and its subsidiaries, affiliates, officers, agents, co-branders or other partners, and employees, harmless from any claim or demand, including reasonable attorneys' fees, arising out of your use of the Service, your connection to the Service, your violation of the Terms of Service, or your violation of any rights of another.

****In all honesty, this is the only line that scared me, but I think it's just worded funny. They can't really delete my gmail account can they?
****The answer is no... They can't. I'm sure they just meant to say that they will delete your email address from their database.

CloudFlare's policy is to investigate violations of these Terms of Service and terminate repeat infringers. You agree that CloudFlare may, under certain circumstances and without prior notice, immediately terminate your CloudFlare account, any associated email address, and access to and associated Services. Cause for such termination shall include, but not be limited to: (a) breaches or violations of the Terms of Service or other incorporated agreements or guidelines; (b) requests by law enforcement or other government agencies; (c) a request by you (self-initiated account deletions); (d) discontinuance or material modification to the Service (or any part thereof); (e) unexpected technical or security issues or problems; (f) extended periods of inactivity; (g) you have engaged or are reasonably suspected to be engaged in fraudulent or illegal activities; (h) having provided false information as part of your account; (i) having failed to keep your account complete, true, and accurate; (j) any use of the Service deemed at CloudFlare's sole discretion to be prohibited; (k) use of fraudulent payment methods; and/or (l) nonpayment of any fees owed by you in connection with and associated Services. Further, you agree that all terminations for cause shall be made in CloudFlare's sole discretion and that CloudFlare shall not be liable to you or any third-party for any termination of your account, access to the Service, or any disruption to your services such a termination may cause. You expressly agree that in the case of a termination for cause you will not have any opportunity to cure. You further acknowledge and agree that notwithstanding any termination, your obligations to CloudFlare set forth in Sections 2, 3, 4, 8, 9, 11, 12, 13, 23, 24, 25 and 26 shall survive such termination.
CloudFlare is a pass-through network and, at most, caches content for a limited period in order to improve network performance. CloudFlare automatically removes content from our caches when it has been removed from our customer's origin web server. CloudFlare is not a hosting provider and has no way of removing abusive content on third party hosting services. Individuals or copyright holders concerned with content served through CloudFlare's network may submit a complaint for investigation to:
CloudFlare does not accept abuse complaints submitted over the telephone. If you would prefer not to use our complaint submission form, you may mail your complaint to:
CloudFlare, Inc.
Attn: Abuse Department
665 3rd Street, Suite 200
San Francisco, CA 94107
Please provide detailed information supporting your complaint as well as an affidavit attesting to its validity.
By submitting a complaint, you acknowledge that, at CloudFlare's sole discretion, copies of the complaint may be provided to the CloudFlare user, the user's hosting provider, posted on CloudFlare's website, and/or provided to third party services such as
CloudFlare may modify this Agreement from time to time. Any and all changes to this Agreement will be posted on In addition, the Agreement will indicate the date it was last revised. You are deemed to accept and agree to be bound by any changes to the Agreement when you use the Service after those changes are posted.

****This in no way says that they are goingt to put links on your webpage.

The Service may provide, or third parties may provide, links to other websites or resources. Because CloudFlare has no control over such sites and resources, you acknowledge and agree that CloudFlare is not responsible for the availability of such external sites or resources, and does not endorse and is not responsible or liable for any content, advertising, products, or other materials on or available from such sites or resources. You further acknowledge and agree that CloudFlare shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content.

****Please do!

CloudFlare shall be permitted to identify you as a customer, to use your website's name in connection with proposals to prospective customers, to hyperlink to your website's home page, to display your logo on the CloudFlare's web site, and to otherwise refer to you in print or electronic form for marketing or reference purposes.
You agree that, except as otherwise expressly provided in this Terms of Service, there shall be no third party beneficiaries to this Agreement.
The failure of CloudFlare to exercise or enforce any right or provision of this Agreement shall not constitute a waiver of such right or provision. If any provision of the Terms of Service is found by a court of competent jurisdiction to be invalid, the parties nevertheless agree that the court should endeavor to give effect to the parties' intentions as reflected in the provision, and the other provisions of the Terms of Service remain in full force and effect.
If any provision of the Terms of Service is found by a court of competent jurisdiction to be invalid, the parties nevertheless agree that the court should endeavor to give effect to the parties' intentions as reflected in the provision, and the other provisions of the Terms of Service remain in full force and effect.
You agree that your CloudFlare account is non-transferable except with the written consent of CloudFlare.
You agree that regardless of any statute or law to the contrary, any claim or cause of action arising out of or related to use of must be filed within one year after such claim or cause of action arose or be forever barred.
By visiting, you agree that the laws of the United States and, specifically, those of the state of California, without regard to principles of conflict of laws, will govern these Conditions of Use and any dispute of any sort that might arise between you and CloudFlare or its affiliates. Any dispute or claim arising out of or in connection with this Agreement shall be adjudicated in San Francisco County, California, USA.
In the case of any disputes under this Agreement, the parties shall first attempt in good faith to resolve their dispute informally, or by means of commercial mediation, without the necessity of a formal proceeding.
Any controversy or dispute arising out of or relating to this Agreement, or the breach thereof, which cannot otherwise be resolved as provided above shall be resolved by arbitration conducted in accordance with the commercial arbitration rules of the American Arbitration Association ("AAA") and judgment upon the award rendered by the arbitral tribunal may be entered in any court having jurisdiction thereof. The arbitration tribunal shall consist of a single arbitrator mutually agreed by the parties, or in the absence of such agreement within thirty (30) calendar days from the first referral of the dispute to the AAA, designated by the AAA. The place of arbitration shall be San Francisco, California, U.S.A., unless the parties shall have agreed to another location within fifteen (15) calendar days from the first referral of the dispute to the AAA. The arbitral award shall be final and binding. The parties waive any right to appeal the arbitral award, to the extent a right to appeal may be lawfully waived. Each party retains the right to seek judicial assistance: (i) to compel arbitration; (ii) to obtain interim measures of protection prior to or pending arbitration, (iii) to seek injunctive relief in the courts of any jurisdiction as may be necessary and appropriate to protect the unauthorized disclosure of its proprietary or confidential information, and (iv) to enforce any decision of the arbitrator, including the final award.
The arbitration proceedings contemplated by this Section shall be as confidential and private as permitted by law. To that end, the parties shall not disclose the existence, content or results of any proceedings conducted in accordance with this Section, and materials submitted in connection with such proceedings shall not be admissible in any other proceeding, provided, however, that this confidentiality provision shall not prevent a petition to vacate or enforce an arbitral award, and shall not bar disclosures required by law.
The authoritative version of CloudFlare's Terms of Service is available at: While translations of these terms may be provided in multiple languages for your convenience, the English language version hosted at the link above is binding for all users of, the CloudFlare Service, and any CloudFlare Downloadable Software.
The headings and section titles in the Terms of Service are for convenience only and have no legal or contractual effect.

***That's the hole thing as of the date of this comment which can be found at the top of it...

#52 – Ian – Saturday, September 13th 2014, 20:34

I figure I better correct my spelling of cloudFlare. Woops...

Post a Comment:

Comment: (Required)

(use <code> tags for preformatted text; URLs are recognized automatically)

Name: (Required)


Please type phoboslab into the following input field or enable Javascript. This is an anti-spam measure. Sorry for the inconvenience.