← Back to context

Comment by shwouchk

1 year ago

how would they know what to cache? the response headers from the server are encrypted. there is maybe the high end l3 protection available if you have the resources. the free tier has caching bundled.

Also, how would their certificates work if they don’t see content?

9 comments

shwouchk

Reply
Dylan16807  1 year ago

> how would they know what to cache?

That's a weird question to ask to someone that went out of their way to describe a non-caching situation.

> Also, how would their certificates work if they don’t see content?

Can you be more specific? I'm not sure which feature you're asking about or how it uses certificates.

But the answer is likely "that feature isn't necessary to provide DDOS protection".

  • shwouchk  1 year ago

    Sorry, they did not go much out of their way, to simply claim “solutions exist”. Sure, you could invent other ways of protecting your traffic but what CF offers in the free tier always includes SSL termination with their own certificates (if you enable ssl), and always includes caching.

    • Dylan16807  1 year ago

      > invent other ways

      Just turning off some features gets them just about there. It wouldn't take rearchitecting things. Those features being bundled by default means very little for the difficulty.

      6 replies →