The Short Answer
Cloudflare protects and accelerates any website online. Once your website is a part of the Cloudflare community, its web traffic is routed through our intelligent global network. We automatically optimize the delivery of your web pages so your visitors get the fastest page load times and best performance. We also block threats and limit abusive bots and crawlers from wasting your bandwidth and server resources. The result: Cloudflare-powered websites see a significant improvement in performance and a decrease in spam and other attacks.
Cloudflare's system gets faster and smarter as our community of users grows larger. We have designed the system to scale with our goal in mind: helping power and protect the entire Internet.
Cloudflare can be used by anyone with a website and their own domain, regardless of your choice in platform. From start to finish, setup takes most website owners less than 5 minutes. Adding your website requires only a simple change to your domain's DNS settings. There is no hardware or software to install or maintain and you do not need to change any of your site's existing code. If you are ever unhappy you can turn Cloudflare off as easily as you turned it on. Our core service is free and we offer enhanced services for websites who need extra features like real time reporting or SSL.
The Long Answer
Cloudflare is designed to accelerate and secure any website. Our system works somewhat like a Content Delivery Network (CDN), but is designed to be much easier to setup and configure.
To explain how the system works, imagine you have a website (allen.com) and it's running a web server with the IP address of 22.214.171.124. Before Cloudflare, if someone typed your website's domain (allen.com) into their browser, the first thing that visitor's computer would do is send a query to the DNS system and get back your web server's IP address (126.96.36.199).
In order to make Cloudflare easy to set up, we take advantage of how this basic function of the Internet works. Rather than having you add hardware, install software, or change your code, we have you designate two Cloudflare nameservers as the authoritative nameservers for your domain (e.g., bob.ns.cloudflare.com and sara.ns.cloudflare.com). You make this change with the registrar from which you bought your domain (e.g., GoDaddy, Network Solutions, Register.com, etc.).
Designating Cloudflare as your authoritative nameservers doesn't change anything about your website. Your registrar remains your registrar, your hosting provider remains your hosting provider, and so on. However, because we are your authoritative nameserver, we can begin cleaning and accelerating your web traffic.
To make this happen, we use a network technology called Anycast to route initial DNS lookups for your domain to the Cloudflare data center closest to the visitor. The data center that receives the request returns an answer in the form of a Cloudflare IP address (e.g. 188.8.131.52) instead of your web server’s IP address, which directs all the visitor’s subsequent requests to the best Cloudflare data center for them.
After a visitor's browser has done the initial DNS lookup, it begins making requests to retrieve the actual content of a website. These requests are directed to the IP address that was returned from the DNS lookup. Before Cloudflare, that address would have been 184.108.40.206. With Cloudflare as the authoritative nameserver, the new address is 220.127.116.11. Cloudflare’s data center at 18.104.22.168 will serve as much of your website as it can from its local storage, and ask your web server at 22.214.171.124 for any part of your website it doesn’t already have stored locally. The Cloudflare data center at 126.96.36.199 will then provide your complete website to the visitor, so the visitor never talks directly to your web server at 188.8.131.52.
Because Cloudflare has a very large number of data centers, we often have access to a faster route from our data center back to your web server than would be available to a visitor directly requesting your site. This means that even with Cloudflare between your website and your visitor, traffic will often still arrive to your visitor sooner.
Even before serving your site, the Cloudflare data center will scan to see if the visitor appears to be a threat based a number of characteristics including the visitor's IP address, what resource they are requesting, what payload they are posting, and how frequently they're making requests. The combination of these systems means that we can protect sites from malicious visitors by stopping them before they even get to your web server.
By storing your website on local data centers and blocking malicious visitors, Cloudflare can reduce your bandwidth usage by over 60% and reduce the number of requests to your website by 65%. By serving content from a data center close to the visitor and performing some extra web content optimization in that data center, we can cut in half the average page load time.
Read more about Cloudflare at our blog.