It's challenging to comment on specific features I would want to see included in the next Cloudflare releases because I haven't investigated many existing features. I think many capabilities are already there. A feature I would appreciate is some kind of protection for modifying different types of entries. For example, protection against creating duplicated DMARC entries would be beneficial, along with setting permissions to restrict modification of DMARC or SPF records.

From a management perspective, this would be valuable because while DNS teams add records, in larger enterprises I've noticed that requests going through the ticketing system get implemented as requested, even when users don't always know how to do it properly. They submit unjustified and improper requests that get implemented because someone followed the ticket instructions. Eventually, things go sideways and require fixes when it would have been easier to prevent the issue initially.

There could be more courses with engineers. I like e-learning, however, having a specialist in a classroom is more comfortable for me.

For the free and Pro plans, they could use a simple bot to provide information to users. This would improve support, especially for less advanced users who utilize the free components.

It should be easier to collect the logs with companies like Sumo. However, based on my discussions with the salespeople, I understand that's how they make their money. With the enterprise product, they want people doing those kinds of enterprise features to do the logging. They want them to pay a lot of money, and that's where I have an issue with them. That should be a default. You should be able to get the log no matter what. The logging should be universal. 

I have not extensively worked with it, so I can't think of any improvements that are needed in the tool at the moment.

It is a foolproof solution. The support is great. I don't think that I can come up with any cons about the tool at the moment.

The integration of LLMs on the dashboard is something that is needed in the tool. What Cloudflare is doing internally is that it is stepping ahead in areas like detection and protection. The tool should integrate LLMs on the dashboards and assist you with policy creation.

Integration involving API with other products could be more user-friendly. Exploring it is interesting, and it would be helpful if those integrations were improved.

Cloudflare could be improved by introducing a mid-tier pricing option. While they have a free basic tier and an enterprise tier, a mid-priced option would be great for small projects. The number of rules in the web application firewall could also cater more to small projects.

We're facing challenges due to an upgrade in the machine learning model. The problem arises from some users abusing the APIs, resulting in an influx of suspicious traffic. Cloudflare's learning model mistakenly identifies this traffic as human. Consequently, it assigns it a higher trust score, akin to legitimate human traffic, causing complications in our architecture. Previously, such traffic would have been categorized as suspicious, enabling us to apply appropriate blocking rules. However, we encounter difficulties distinguishing between genuine and suspicious traffic with the new categorization. Despite these challenges, overall, Cloudflare remains the preferred solution compared to Azure, AWS CloudFront, and Google Cloud Armor.

Explaining the pricing structure can be quite intricate because they often segment it differently. For instance, when it comes to static content and content delivery, some providers, like Akamai, offer separate pricing for static and website content. This approach simplifies the pricing aspect.

On the other hand, Cloudflare's pricing is based on bandwidth, which makes it somewhat more complex. Additionally, the timing aspect can lead to it being considered overpriced. This is a particular concern we have with Cloudflare, as they may struggle with accurately detecting the client.

Insurance Industry Modeling. Today, most companies rely on an infrastructure foundation designed for general-purpose components that feature next-generation advancements in sector reproduction. This technology is rather familiar in deployment settings of code and technology law. It should confirm audit findings of the assigned area with auditees to ensure that the audit conclusions are based on an accurate understanding of the issues. 

It can improve the central time, performance, and SEO schema. 

Cloudflare performs well with static content. However, there are some performance considerations when it comes to dynamic content that involves fetching data from databases or using APIs.

We are not currently using Cloudflare for an e-commerce website. Still, if we were to add an e-commerce site on a platform with region-specific pricing and content, Cloudflare's service might need improvements in handling these dynamic requirements.

Cloudflare DNS is still a new tool in the market. I haven't come across any issues with the product. I did two designs with the help of Apigee and Cloudflare. I had done one design with the help of Apigee, while the other one was done with Cloudflare. In a lot of organizations, when it comes to the area of design, companies don't understand the broader perspective of what I try to do, how I try to do it or try to understand the right configuration needed. Areas like how assessment, discovery, and payload are dealt with and how it all comes into your organization can be considered when trying to make suggestions to Cloudflare for improvements. The improvements to be made in the tool can be based on your thought process instead of trying to bring up something that is over-prescribed or over-allocated by others, which won't make sense. Based on the functional requirements of every user of the tool, improvements need to be made to the product.

I think the solution is for users at the level of enterprise hosting. It is not meant for small or medium business users or sysadmins. The solution could be more user-friendly.

I would like to see Cloudflare take on more of the advocacy and lobbying role for internet security because they're the leaders in it.

Cloudflare's console should be made more user-friendly.

I would like Cloudflare to offer a dedicated account manager for large enterprise clients like us.

I'm not aware of any areas in need of improvement. There might be helpful if there was some web application firewall feature. That way, I wouldn't need a third-party solution like Radware.

At the moment, they are all mostly positive. There will most likely be enhancements in the future.

I believe they currently have this feature, but there will most likely be integration with APIs so we can control some features through API.

I have all of the features I need here. The one feature that is paid is the custom nameservers instead of using the default ones, I want to use a custom one. Otherwise, I'm already pleased with most of the features.

It would be helpful if the solution could continue evolving to compete with the other solutions on the market.

We are a product integrator and reseller, and we would like to have a better partner relationship, similar to a channel sales relationship.

Sometimes we are on our own or get diverted by Cloudflare because they have direct sales, which competes with us and makes it difficult to build a relationship with this company since we want to be an MSP or a managed service provider for the solution. 

They are creating every week now and developing new products. They are on the right track.

I wouldn't say I want to add anything just yet. While I am attempting to become an MSP, I would like to have access to my clients who are using the product.

An MSP is essentially a corporation that resells a product and wants to provide support and first-level service to its consumers.

Access to the solution's dashboards is not intended for a service company. You are practically blind, and to validate a problem, you must view the customer's screen.

It's not like other systems where you can go into the back dashboard and see what the consumer sees and then alleviate the problem.

To provide help, you must first discover how to gain access to the information.

It is inconvenient.

According to what I hear, they are working on it and will get there gradually.

Cloudflare should add more documentation and pricing to the cloud version.

 Cloudflare doesn't have a reverse lookup. We can only do a DNS lookup to get the IP address from the hostname. It doesn't work if you want to look up the hostname from an IPA address. 

The analytics, basically the dashboard, doesn't have much to it. They need to launch or see something better. So, it's on the relative side.

It would be good if Cloudflare could have more servers for better traffic routing or an increase in the traffic routed. This is what I'd like to improve in Cloudflare.

In the next release of Cloudflare, it would be good if it could give more information about applications, particularly which ones still need improvement.

The pricing could be improved.

The tool needs to improve caching of servers. The product needs to include PFX certificate as well. 

I couldn't think of buying it since I am from Tunisia. We have really strict limitations to buying internationally. So our bank cards are available only in Tunisia. When you own a company, the bank allows you to buy things from outside of Tunisia. Even if I wanted to, I wouldn't be able to buy Cloudflare in my country. The aforementioned details can be considered for improvement.

We have noticed multiple instances where Cloudflare falsely indicates that our servers are down, even when there is no actual load on them. This makes it challenging for us to identify the exact issue. 

Another drawback we've experienced is with IP masking. When our website is accessed through a VPN, the access logs record Cloudflare IPs, which makes it difficult to determine which IPs are impacting the website's load. These are the major challenges we face.

In future releases, one thing that would be great is if Cloudflare could provide basic WAF rules and security recommendations based on website scanning. You could submit your website, and it would generate a list of security measures that should be implemented for your website and other web applications. That would be highly valuable.

Cloudflare's free plan is limited to 5,000 records for their free plan. They should increase that. For example, if I create a domain called abc.com and a subdomain called a.abc.com, my record count will be two. I can make a maximum of 5,000 subdomains. However, if we use our own DNS hosted on another provider, there is no limit. Their free plan also lacks name server customization. 

Cloudflare does not have an on-premise solution. If they had different approaches they could be better suited to accommodate more customers, such as on-premise and hybrid deployments. For example, hybrid deployments would be useful where you could move the traffic from the enterprise to the cloud.

The solution should expand its learning portal for partners to include a few demo accounts for learning the product and developing knowledge or technical expertise. 

Support response time could be improved. 

Cloudflare could offer a better view or maybe dashboards of the main resources used in the client.

For example, it could be possible to create dashboards and reports of the main accesses allowed or blocked by the web application firewall. It would also be nice to bring information on the client's screen about the status of the services according to the hosted region.

Of the services that I use, this is the part that I miss. Other services are in agreement and serving me perfectly as they should be.

An integrated SSO would be nice, as well as the ability to integrate with the on-site active directory instead of just AD through Azure AD.

The product needs to improve its automation. 

In the last two years, there has been a certain amount of downtime when using the VDM. Compared to other vendors and Cloudflare, there will be more downtime. We encountered this issue last year, and there have been a few occasions when Cloudflare was not accessible in certain regions, not all global regions or speed regions, but the website went down and it took Cloudflare a long time to restore the service.

The documentation could improve for Cloudflare DNS.

I think they have failed with their technical support. I feel I would have gotten to a solution faster, quicker, and more efficiently if they would have been there to just answer a couple of questions. I had to read so much documentation to validate what I was about to do versus what I had already known I could do. They almost lost me as a customer and it was only because I had a bit of time and the gumption, the drive to keep going. I'm glad I did, but I'm not happy with the road. It was bumpy.

Latencies are always a problem.

Also, one thing I would say is you have to maintain DNS through their services. I don't know if that's a requirement or not.

Latencies are the key issue. If you are not caching and just using DDoS then definitely, there are some latencies added to the traffic.

It would be ideal if the product had some sort of live tracking functionality available to us.

The solution could work at being less expensive. It costs a lot to use it.

There are some issues with the CDN services.

Also, the connection could be improved.

The product is already being developed out quite well. I don't see any room for improvement in terms of features.

The solution could use more analytics on the backend to give us more insights into everything. More reports would be helpful.

If they could offer more filters, that would be very useful for our organization.

There should be a specific price list for enterprise-level customers.

Another problem with this product, as a reseller, is that your customer needs to give you access to all of the features before you can help them. This is different than with other vendors, where you have insight into the customer's contract. Unless the customer gives me access to their dashboard, I am totally blind and cannot really support them. The problem is that it makes it difficult to give them support. There should at least be a read-only view of the data so that resellers can properly support the clients.

Essentially, the dashboard is not well set up for resellers. Resellers need to have a dashboard view of all of their accounts.

It should have easier documentation for the configuration. It's very technical and people who aren't technical should also be able to do the configuration. 

The product support needs to be accessible from more places, a wider area of coverage. For example, there is no support in Taiwan.

This is a very minor thing since I can't think of many ways for them to improve: It looks like they don't support as many TLDs as other registrars, but since they are very new as a registrar, I expect this may improve soon. For example, there are many TLDs in this list, but /co is missing: https://www.cloudflare.com/tld...

Cloudflare is one service that has been absent of any frustration when setting up or using. Perhaps I would ask that they improve the Free plan and allow us to use it with any TLD (certain ones are not allowed).

Sometimes their more advanced caching tools can cause higher first-byte times and problems with JavaScript.

They also lack a good way to manage DNS as a company, since everything is relegated to single account logins until you get to the higher levels. They have come out with a paid feature to remedy this, but I have not had a chance to fully review it yet to know if it fixes the access problem.

I will say, in the years I have used Cloudflare, one thing I love is the constant improvements and developments being made.

One area of improvement is in the Access Rules. Hypothetically, if we wanted to block or challenge traffic outside of the United States, the only way to currently do that (as far as I know) is to enter every single country outside of the United States. That could be a labor intensive job. A solution could be to enable users to create a rule where traffic is only allowed within a certain country.

I think the APIs are a little bit hard for us to work with. The APIs could be more open so that we could integrate better with our SolarWinds or our monitoring solution.

Also, the reporting can definitely be improved to offer a lot more explanation on something that may have happened or has actually happened.

Several features that I think is essential is not available in the free and business package. One of them is multi users. Multi users and multi API key is important for organizations in any size.

• We need templates and profiles badly for the whole setup and multi-user support with rights management.
• They need to fix their extensions and integrations faster.
• They need to add more sub-level API keys.

The Always Online feature has room for improvement. It seems to work sometimes and not others even with the pro version.

The feature shows a cached version of your live site if your host is offline. When your site is offline CloudFlare shows this:

For DDoS protection and website downtime, it would be nice to have a feature to provide email/SMS alerts that can be implemented like Pingdom and other solutions.

I think it would be more helpful to have either user-submitted or Cloudflare-produced documentation, samples, or examples of situations. We had to do a lot of digging and back-and-forth with technical support for specific use cases, and it might be helpful to have more screencasts or screenshots for common situations.

In that sense, it's marketing that could use some improvement. It is hard to call your own product a "necessity", but I truly believe that it, or something like it, is a necessity. Without it, you are risking higher costs, more spam, more failures, and less satisfied customers. They need to convince non-technical people why it's so awesome.

CloudFlare solves a lot of problems that many non-technical people don't even know exist. In addition to the obvious ones, like SSL security, spam protection, edge caching across a CDN, you have an easy way for clients to point their domains and DNS management over to CloudFlare.

Here are some scenarios:

• Let's say, down the road, you need to add an email service like Mailgun. You don't need to ask the client to add weird sounding DNS records. You can just add them in CloudFlare. This alone saves hours, if not days, of needless client communication.
• Let's say you need to point to a different server instance and you need to guarantee that the new instance's content is live at exactly 7:57 a.m. EST. Just point CloudFlare to the new instance and clear its cache at that time.
• Let’s say you need to create a stage environment.  You can add the DNS record and point that to wherever you'd like.
• I have found that clients prefer to own their own domain names, and give developers full server access. With CloudFlare, you can do just that while maintaining access to the domain's DNS records to be better able to do your job.

Another reason it's awesome is that you don't need your server to handle every request. Most of the traffic is to static resources and will be served by CloudFlare. This provides incredible peace of mind for higher traffic sites.

If your site has almost no static content, and is configured to auto-scale server instances based on demand, CloudFlare is still a relief because you will know that you are not paying for bad traffic.

Without CloudFlare, if some bot decides to send spam requests every day to your site, you'd likely pay for that traffic in one way or another.

CloudFlare is an innovative company and certainly the thought leaders in their industry. They're constantly improving their product, releasing new features, partnering with various service providers to offer add-ons. Personally, I think they're ahead of the competition and keep it that way by improving faster than the competition too.

However, what I still fail to understand is that why aren't they offering domains themselves. I'd love to buy the domain name directly from them rather than buying it from other registrars and then connecting them through CloudFlare.

With CDN loads, sometimes we get an error that the host server is unavailable when the connection between CloudFlare and the server timed out. But now, we get the always online page, so the customer hardly notices a problem.

None that I can think of at this point. Their enterprise-level DDoS mitigation plans are costly but they are cost effective compared to any on-premises/distributed solutions that can go upwards of high six figures to implement. If a company like Sony can be taken offline for a week due to an attack, then there is not much that can be done by midsized/startups to prevent these attacks. For these companies, CloudFlare is ideal.

There are some features missing or might not be visible to me as I am using its free website plan. These features are:

• CloudFlare doesn't provide the cache flush history. I.e., I am not able to find out the URL information of those I have recently flushed. It makes me uncomfortable when I work in a multiple-author environment and they all have cache-flushing rights.
• It doesn't support a wildcard (*) as some of its competitors support; for example, Amazon CloudFront supports (*) annotation for flushing the complete content tree.
• CloudFlare also does not have any API as some of its rivals provide, such as Amazon CloudFront.

I would like to not need a separate server for non-www redirection under the CNAME setup option. With Incapsula, they simply tell me to point the non-www records to the servers they tell me and they take care of the non-www redirection. In CloudFlare's case, I need to get an external server, set up the redirection there using Apache or NGINX and put my own SSL certificates there.

I have found CloudFlare's support to be unresponsive at times, and not very helpful with providing technical details for issues that we have reported over the years.

The only thing that I think about is that CloudFlare supercharges your website, as your dedicated IP is covered behind their server. Then, if you are a target of a network attack, they will handle the traffic, and the load, then mitigate the attack. However, depending on how your network system is built if, by any chance, your main IP address is seen by attackers they can easily bypass Cloudflare and directly target your server. In that case, you need to add extra filtering directly onto your dedicated server to avoid breaches out of CloudFlare cover, or add extra anti-DDOS solutions directly onto your dedicated server.

Their CDN features, although good, still lack in speed in comparison to their competitors (e.g. Incapsula, MaxCDN, etc.).

More insight into analytics and threats would be a good place to start improving cloudflare. Also less 501 and 504 errors would be good too.

The reporting of this solution could be improved.