Cloudflare

Cloudflare has become the backbone of my web infrastructure. It is not simply a CDN or DNS service: it is a complete platform I use to manage almost every aspect of my applications, from frontend distribution to backend protection, from storage to captcha systems.

Workers: Serverless at the Edge

Cloudflare Workers represents one of the most interesting technologies in the modern serverless landscape. The frontend of this very website is developed with Astro.js and, thanks to the dedicated adapter, runs directly on Cloudflare Workers. This means pages are generated and served from the edge location closest to the user, ensuring minimal latency regardless of the visitor's geographic location.

The edge-first approach offers significant advantages: no perceivable cold start, automatic scaling with no practical limits, and a usage-based pricing model that is extremely cost-effective for projects of any size.

Zero Trust: Security Without Compromise

My application backends run on private servers, but I never directly expose public IP addresses. I use Cloudflare Zero Trust as a reverse proxy to completely mask the underlying infrastructure. This approach offers multiple security benefits: native DDoS protection, impossibility for attackers to bypass Cloudflare protections by targeting servers directly, and the ability to keep data 100% on my own systems.

Zero Trust also allows me to implement granular access policies for admin panels and internal APIs, adding authentication layers without modifying application code.

R2: Object Storage Without Egress Fees

Cloudflare R2 is the direct answer to Amazon S3, with one fundamental difference: zero egress costs. While S3 can become expensive when serving large volumes of data, R2 completely eliminates this expense, making it ideal for high-traffic use cases.

I use R2 in two main ways in my applications. The first is frontend page caching: generated pages are saved to R2 and served directly from the edge, drastically reducing Worker load and improving response times. The second use is even more interesting: I developed a custom CDN that runs on Workers and handles on-the-fly image optimization.

Custom Image CDN

My custom CDN represents a concrete example of how Workers and R2 can work together. When an image is requested, the Worker checks if an optimized version already exists in the R2 bucket. If it doesn't exist, the image is retrieved from the original source, resized to requested dimensions, converted to a lighter format like WebP or AVIF, and saved to R2 for future requests.

This system offers the best of both worlds: lazy optimization that doesn't require pre-processing all images, permanent caching that avoids unnecessary reprocessing, and edge serving for minimal latency. Bandwidth savings and performance improvements are significant, especially for image-heavy sites.

DNS and Domain Management

All my domains are managed through Cloudflare DNS. Beyond propagation speed and reliability, this allows me to leverage advanced features like proxy records, Page Rules, and native integration with all other Cloudflare services. Centralized management greatly simplifies administration of multi-domain projects.

Turnstile: Frictionless Captcha

For bot protection I use Cloudflare Turnstile, the modern alternative to traditional CAPTCHAs. Unlike reCAPTCHA, Turnstile often requires no user interaction, verifying request legitimacy in the background. This significantly improves user experience while maintaining high protection against spam and automated abuse.

An Integrated Ecosystem

Cloudflare's true strength emerges from integration between its services. Workers reading from R2, Zero Trust protecting APIs, DNS orchestrating routing, Turnstile filtering malicious traffic: each component works in synergy with others, creating robust, performant, and secure infrastructure with surprisingly low management complexity.