The Case for Becoming a Cloudflare Shop

Over the past few years, I've watched Cloudflare evolve from "the CDN company" to something far more interesting: a full-stack edge platform.

DNS. CDN. WAF. DDoS mitigation. Zero Trust. Workers. Pages. R2 storage. D1 database. AI inference at the edge. And now, with their acquisition of Astro and the launch of EmDash last week, they are making a real play at the application framework and CMS layer.

At Squeakworks, we've been building on Cloudflare infrastructure for years. The more we use it, the more we centralize on it. Here's why that trajectory makes sense for many web-first businesses.

Performance is table stakes

Edge computing means your users get responses from the closest data center, not some origin server on the other side of the country. Cloudflare operates in over 300 cities worldwide. For most of your users, that means single-digit millisecond latency to the nearest node. But performance is just the starting point; Everyone expects fast sites now. The real value is elsewhere.

When your DNS, firewall, bot management, DDoS protection, and Zero Trust access are integrated into a single platform with a single dashboard and a unified set of configurations, you eliminate the need to juggle multiple vendors.

Imagine the alternative, where you have to work with separate vendors for DNS, CDN, WAF, DDoS, and a virtual private network. This gives rise to a situation where you will have five separate dashboards, five separate billing systems, and five different documentation manuals. There will also be five integration points that can cause failure.

With a unified stack, troubleshooting becomes much easier. You have consistent configurations, and you can apply security policies comprehensively rather than deal with disconnected parts.

Compliance gets easier

It is especially important for clients in highly-regulated industries. It is much easier to undergo an audit when you have only one vendor that tells you the whole security story, rather than assembling five different vendors whose security stories are not connected.

Cloudflare follows SOC 2, ISO 27001, PCI DSS, and HIPAA requirements. Cloudflare has transparency reports. Cloudflare has an incident response plan. If an auditor ever questions you about your security architecture, it certainly helps a great deal to have a single platform responsible for everything.

The developer experience

Cloudflare Workers are now a fully-fledged platform for applications. Serverless functions at the edge, where you have access to storage, queues, cron jobs, and even AI inference. Build your applications without managing servers.

Pages enables static site hosting that can automatically build sites from Git. R2 provides S3-compatible object storage without egress costs. D1 is a SQLite database at the edge. The puzzle pieces are falling into place for an all-inclusive full-stack environment.

EmDash, unveiled last week, goes a step further. It relies on Astro technology and presents itself as a replacement for WordPress, addressing the issue of plugin security, which accounts for 96% of WordPress vulnerabilities. Plugins operate in isolation from one another in a sandboxed environment, with permissions rather than direct access to the database.

For those who want speed without dealing with infrastructure, this makes a lot of sense. In our company's case, having managed multiple client properties reduces cognitive overhead.

Is Cloudflare for everyone?

Of course not. After all, in some cases, using old applications might force you to use the conventional approach. In addition, sometimes the period during which your developers worked with AWS or GCP services could be too long to switch to something else. Last but not least, there could be some services available only in the other providers' portfolios.

However, for companies whose primary products live in the web domain, the case for Cloudflare becomes incredibly strong.

That's the bet I'm making. And so far, I like the odds.