The other takeaway is AWS documentation is kind of dodgy for some services. But basically everyone knows that already.
I've migrated from CloudFront+AWS WAF to just CloudFlare given Cloudflare's superior (100x better) WAF/Firewall/DDOS protection at a lower cost
Yes I don't think the capitalization has too much impact.
> Yes I don't think the capitalization has too much impact.
You missed a comma.
Additionally, CF offers a good set of system-managed WAF rules that you can simply activate and CF will manage it for you.
With AWS you're basically on your own. It's more or less a bare-bones WAF tool.
> 2.8 Limitation on Serving Non-HTML Content. The Services are offered primarily as a platform to cache and serve web pages and websites. Unless explicitly included as part of a Paid Service purchased by you, you agree to use the Services solely for the purpose of (i) serving web pages as viewed through a web browser or other functionally equivalent applications, including rendering Hypertext Markup Language (HTML) or other functional equivalents, and (ii) serving web APIs subject to the restrictions set forth in this Section 2.8. Use of the Services for serving video or a disproportionate percentage of pictures, audio files, or other non-HTML content is prohibited, unless purchased separately as part of a Paid Service or expressly allowed under our Supplemental Terms for a specific Service. If we determine you have breached this Section 2.8, we may immediately suspend or restrict your use of the Services, or limit End User access to certain of your resources through the Services.
https://news.ycombinator.com/item?id=29339642 / https://news.ycombinator.com/item?id=24699175
You can also create "page rules" using wildcards to cache dynamic URLs. E.g.: /api/*
Another option is to use Workers to fetch from origin and interact with the cache with more control.
If you have 1 origin region/server and globally distributed users, in the data shown the RTT from Sydney could be 1000ms, so TLS negotiation of 3 roundtrips could be 3000ms. If you terminate TLS at the edge, that could be an order of magnitude less... not more? Depends on your setup, though.
- You can't serve all kinds of traffic with Cloudflare self-serve plans. Including some of the ones that tend to use the most bandwidth.
- According to the CloudFlare self-serve plan TOS, IIRC, if you start being a too-heavy user on those plans CloudFlare can (and, I've heard, will) tell you to upgrade to an enterprise plan. Last I checked (this part's personal experience) they're not super interested in serving enterprise customers very far under a minimum $5k/month level, so there's a huge gap there in which other services are a much, much better value.
(The article discusses Argo smart routing, but in my experience Argo tiered caching has led to the same kind of performance gains this article talks about).
And even then, the web API thing is subject to the rest of the restrictions in that same section ("serving web APIs subject to the restrictions set forth in this Section 2.8") so "serving video or a disproportionate percentage of pictures, audio files, or other non-HTML content is prohibited" (emphasis mine) meaning that if too much of your traffic is JSON or protobufs or what have you, they could send you a nastygram or simply cut you off, though they might choose not to.
Personally, I'd not rely on Cloudflare's free or $20 plans past MVP/experimentation or hobbyist use, precisely because the terms are restrictive and vague. Too risky. Then again, what can you expect for nothing-to-peanuts prices?
They used to: CloudFlare becomes Cloudflare (2016), https://archive.is/v1C1H
But I guess nobody's really pushing traffic so nobody cares about $/GB.
Their pricing's insane in a world where you can get prices not too far from that wholesale rate for CDN service (which is a whole different beast from having one or two colo'd servers).
And anyway, nobody pushing serious bits is paying public rates, anywhere. Those discounts can be huge. In fact I wouldn't be surprised if part of the reason cloud providers have such high rates is so they can give their counterparts an easy, very impressive-looking "win" in negotiations.
This applies to all "enterprise software" too, btw. We've had quotes from vendors that started at 50% off list price, and then negotiated down further from there. It's pretty ridiculous.
What Kiwifarms or The Daily Stormer hosted was sufficiently odious (in my view at least); it is disingenuous to suggest that the content is at the same level as what Amazon took action against.
For Parler, the Jan 6 Committee would have inundated Amazon with subpoenas for internal documents and demanded testimony from executives. It's understandable why Parler was deplatformed so many times: because nobody likes government scrutiny. The risk is clearly greater than the reward.
I'm not saying that this was the right decision for society, but I understand where they're coming from, and these companies should be transparent about their motivations.