Moz Q&A is closed.
After more than 13 years, and tens of thousands of questions, Moz Q&A closed on 12th December 2024. Whilst we’re not completely removing the content - many posts will still be possible to view - we have locked both new posts and new replies. More details here.
Is CloudFlare bad for SEO?
-
I have been hit by DDoS attacks lately...not on a huge scale, but probably done by some "script kiddies" or competitors of mine.
Still, I need to take some action in order to protect my server and my site against all of this spam traffic that is being sent to it. In the process of researching the tools available for defending a website from a DDoS attack, I came across the service offered by CloudFlare.com.
According to the CloudFlare website, they protect your site against a DDoS attack by showing users/visitors they find suspicious an interstitial that asks them if they are a real user or a bot...this interstitial contains a Captcha that suspicious users are asked to enter in order to visit the site.
I'm just wondering what kind of an effect such an interstitial could have on my Google rankings...I can imagine that such a thing could add to increased click-backs to the SERPs and, if Google detects this, to lower rankings.
Has anyone had experience with the DDoS protection services offered by CloudFlare, who can say a word or two regarding any effects this may have on SEO?
Thanks
-
i know this is a old thread and i see where people says cloudflare dont have a bad effect but i need someone to tell me more about it because am scare loosing all my hardwork on my Music niche
- topic:timeago_earlier,3 years
-
Wanna know if cloudflare depends on some country and unavailable in some countries? thinking of using this as well on my subscene page
- topic:timeago_earlier,10 months
-
it should not negatively impact your ranking in any way shape or form. If you are seeing the speed increase from it it will most likely be a positive effect on your rankings. Google no longer uses IP's so it's fine. to have a reverse proxy in front like CloudFlare. you like it and you think it's fine to help move site, by all means, try it out.
It will only have a negative impact on your rankings if you do something that's almost impossible in block Google Bot with your firewall which is not going to happen unless you really start getting technical with the WAF, in other words, don't worry about it
sincerely,
Tom
- topic:timeago_earlier,about a month
-
Seriously I wanted to go for cloudflare too on my music blog because they make site super fast but I'm scared to loose my ranking
Should I or not
- topic:timeago_earlier,12 months
-
I agree that they are much better than they where I’m still using Incapsula & Fastly.
I use CloudFlare Enterprise for China.
Glad to hear you’re doing well!
Tom
-
We have hundreds of sites managed through Cloudflare. So far the good far outweighs the bad, although I am beginning to suspect bad neighbors could certainly negatively influence ranking. We have a few comparisons ongoing. We will know for sure in the coming months. I only wish Cloudflare would take a higher stance about which sites it is willing to get in bed with.
Here https://sarkariresultsite.com/ is the our new website which is managed by Cloudflare.
- topic:timeago_earlier,3 years
-
With CloudFlare the challenge page you refer to is dependent on your security questions. My knowledge of DDos mitigation is not great, but what I do is have the CloudFlare security settings on Low. If I was to come under attack, I would react and put the security settings on high for the duration.
If the DDos is bad, than you may need the expensive plan that has specialist DDos protection.
today i transfer my site https://sarkariresultsite.in on cloud flare with cloudflare flexible SSL
- topic:timeago_earlier,3 years
-
Generally speaking, CAPTCHA based DDoS protection is not advised as it will drive away clients and DDoS bots alike.
Same goes for delay pages.Also, DDoS attacks are swift and can bring site/server down in minutes so the manual approach is risky and probably less effective than it sounds on paper. Even if you are always near your PC, like many of us here are, you`ll still be exposed on weekends, nighttime, launch breaks, etc... Hackers know that and will exploit it. (favorite attack time - VERY EARLY Sunday mornings... )
You should also consider that DDoS can serve as a means to an end. It's often used to "soften" the protective layer to hack the database, inject the site with backdoors, deface or delete it and so on and so forth.
What you really need is a combination of auto-triggering and transparent mitigation, which shies away from intrusive mitigation methods in favor of more subtle progressive challenges (i.e. JS challenge combined with reputation and behavior monitoring).
This may sound fancy but it really this is the emerging industry standard and growing competition between vendors actually drives costs down. -
With CloudFlare the challenge page you refer to is dependent on your security questions. My knowledge of DDos mitigation is not great, but what I do is have the CloudFlare security settings on Low. If I was to come under attack, I would react and put the security settings on high for the duration.
If the DDos is bad, then you may need the expensive plan that has specialist DDos protection.
-
Hi
SEO wise, there are many things to consider before on-boarding a CDN service and bot filtering is one of them.
I've covered the topic in 2 blogs posts about a year ago:1. CDN's SEO related advantages 2. CDN's SEO related myths (and possible issues to consider)
PS: I work for CDN-based security and acceleration service provider - Incapsula.
-
Hi
http://www.neustar.biz/enterprise/ddos-protection
https://www.verisigninc.com/en_US/forms/ddosattackservice.xhtml
http://www.incapsula.com/ddos/anti-ddos-protection
What can happen
If you want a true built for enterprise host that actually has a perfect record and will care more than any other that I know of about security, up time and would you benefit yes you would fire host is the best they offer built-in DoS/DDoS mitigation
2 answer your question about cloud flair I do not feel adding them will give you the same advantages as a enterprise level hosting company.
For instance I believe fire host to be the best let's say you think liquid Web managed dedicated with layer 7 DDoS protection is better.
Well that's up to you and me to make our decisions. Based on past history and our own opinions of the companies.
If you where to add CloudFlare
you would receive CloudFlare layer 7 DDoS protection only once you started paying $200 a month of free cloud for a service is not a system that will protect you against an attack
http://www.cloudflare.com/features-security
There content delivery network as they call it is simply a reverse proxy it's not what other people would call a true CDN once again the issues would be a large with the base plan http://www.cloudflare.com/features-cdn
Your so-called anti-cast DNS CloudFlare says is standard changes your IP address by definition any cast and DNS does not change your IP. There are some methods two get around this but it's not simple.
A $200 a month "CloudFlare Railgun
origin network optimizer"http://www.cloudflare.com/railgun
Will do the same thing as any high end content delivery network as far as fixing the front end code edge cast will do that as will NetDNA, Akamai, numerous others so may I can't list them all.
Information on Akamai stopping attacks
The unique thing is edge cast is very fast so is Akamai you can purchase a Akamai CDN from liquid Web for $120 a month with a terabyte of bandwidth that's a lot.
It will do more than the CloudFlare Railgun including help stop DDoS attacks it will do it faster and if were to spend the money on a liquid Web VPS with DDoS you would be at about $175 a month or you could start off on the base package with fire host and that would cost you $200 a month however for a month $250 you can you can add edge casts outstanding content delivery network
I have accounts with liquid Web and fire host I use fire host primarily and really do not do much with liquid Web however both of them are better than CloudFlare in terms of protection and in terms of speed.
http://www.thewhir.com/web-hosting-news/cn-domain-service-restored-following-massive-ddos-attack
I of course have tried to use CloudFlare and found it worthless to me.
My main point is for $200 a month you can get a much faster and safer setup.
The other thing to remember when CloudFlare said it blocked a 300 GB attack that is considered fictitious and debatable by many in the
industry myself included. I don't think switches that At 10 Gb can do that when there's only two pointing at it
Here is a link from cloud flair talking about how good of a job they did saving the Internet and stopping the biggest attack ever. They did not succeed in keeping Spamhaus online so they did not stop the attack in my opinion.
http://blog.cloudflare.com/the-ddos-that-almost-broke-the-internet
"On Monday, March 18, 2013 Spamhaus contacted CloudFlare regarding an attack they were seeing against their website spamhaus.org. They signed up for CloudFlare and we quickly mitigated the attack." & said there was "more then than 300Gbps of attack traffic"
The other big difference between CF and everyone else is they utilize there any cast network to accept the attack this slows down any one on that network instantly as it did when "the attack that almost broke the Internet happened"
Instead of moving the traffic to a private cloud and dealing with it so it would not affect others using their service they basically did not have any regard for their users at that time.
"The attackers were quiet for a day. Then, on March 22 at 18:00 UTC, the attack resumed, peaking at 120Gbps of traffic hitting our network. As we discussed in the previous blog post, CloudFlare uses Anycast technology which spreads the load of a distributed attack across all our data centers. This allowed us to mitigate the attack without it affecting Spamhaus or any of our other customers. The attackers ceased their attack against the Spamhaus website four hours after it started."
CloudFlare actually spread the attack on to their own customers this is something that harmed everyone using their service that day for I believe five days total.
http://www.theregister.co.uk/Print/2013/03/28/spamhaus_mega_ddos_little_collateral_damage/
http://www.webhostingtalk.com/showthread.php?t=1065748
Nearly half of DDoS attacks in the first half of 2013 are now larger than 1Gbps, up from 13.5 percent in 2012,
http://www.thewhir.com/web-hosting-news/prolexic-stops-massive-dns-reflection-attack
largest DNS reflection attack ever recorded,” which peaked at 167Gbps.
If this is now the largest what was the 300gbps?
It is not bad for SEO in itself however using a CAPTCHA page if it thinks your visitors is a attack or bot is very bad & happens allot I know changing your IP address can cause some issues. What I'm getting at is if you want the type of protection you were talking about there are much better methods of going about getting it.
Try them out see what you think you can really only learn more about it.
I hope this helps you,
Thomas
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Revolution Sliders - Still considered bad for SEO in 2018?
Hi guys, I have a question about revolution sliders. Are they generally speaking still technically considered to be bad for SEO? I've done some research on this topic however most of the information I can find dates back to around 2009-2012, when sliders were mostly java and flash based. It seems that back then they were considered to be bad for SEO. Is this still the case? We use revolution sliders because it's easy for us to overlay text and because it scales to mobile automatically. It also allows us to put alt texts and image titles in there - we don't use them for the purpose of sliding images. Would there be any technical reason why a slider would be considered bad for SEO?
Intermediate & Advanced SEO | Mar 7, 2018, 4:21 AM | rswhtn0 -
Default Wordpress 301 Redirects of JS and CSS files. Bad for SEO & How to Fix?
Hi there: We are developers with some digital marketing expertise, but a current issue has us perplexed. An outside SEO firm has asked us to clean up a large number of 301 redirects. Most of these are 'default' Wordpress behavior that relate to calling the latest version of a JS or CSS file. For instance, a JS file is called with this: https://websitexyz.com/wp-includes/js/wp-embed.min.js?ver=4.9.1 but ultimately redirects to this: https://websitexyz.com/wp-includes/js/wp-embed.min.js. We are being asked to prevent the redirect from happening by, presumably, calling the ultimate file to begin with. The issue is that, as far as we know, there's no easy way to alter WP behavior to call the ultimate file to begin with. Does anyone have any thoughts on this? Thanks.
Intermediate & Advanced SEO | Jan 5, 2018, 1:33 PM | Daaveey0 -
Are these URL hashtags an SEO issue?
Hi guys - I'm looking at a website which uses hashtags to reveal the relevant content So there's page intro text which stays the same... then you can click a button and the text below that changes So this is www.blablabla.com/packages is the main page - and www.blablabla.com/packages#firstpackage reveals first package text on this page - www.blablabla.com/packages#secondpackage reveals second package text on this same page - and so on. What's the best way to deal with this? My understanding is the URLs after # will not be indexed very easily/atall by Google - what is best practice in this situation?
Intermediate & Advanced SEO | Apr 30, 2015, 12:26 PM | McTaggart0 -
Quick Question: Is it Bad for SEO to paste from Word to your CMS?
Hey just a quick question I'm having trouble finding a definitive answer to: Is the markup that is transferred from Word docs bad for SEO? We are managing to paste it and it looks fine, but the developers are worried that the extra code will be bad for SEO. Does anyone have solution besides pasting into Text Editor and formatting in the CMS? Is this necessary or can we just leave the extra code? Thank you!
Intermediate & Advanced SEO | Sep 4, 2014, 7:41 PM | keL.A.xT.o0 -
How does badly formatted HTML affect SEO?
Our website uses a custom built CMS, but uses a fairly standard WYSIWYG text editor. I've looked at some of the code it produces, and it's not pretty. My gut feeling tells me that this extra bloat is bad for SEO. Am I right in thinking that Google doesn't look kindly upon badly formatted and bloated HTML? Thanks,
Intermediate & Advanced SEO | Sep 20, 2012, 9:09 AM | OptiBacUK
James0 -
Are dropdown menus bad for SEO
I have an ecommerce shop here: http://m00.biz/UHuGGC I've added a submenu for each major category and subcategory of items for sale. There are over 60 categories on that submenu. I've heard that loading this (and the number of links) before the content is very bad for SEO. Some will place the menu below the content and use absolute positioning to put the menu where it currently is now. It's a bit ridiculous in doing things backwards and wondering if search engines really don't understand. So the question is twofold: (1) Are the links better in a bottom loading sidemenu where they are now? (2) Given the number of links (about 80 in total with all categories and subcategories), is it bad to have the sidemenu show the subcategories which, in this instance, are somewhat important? Should I just go for the drilldown, e.g. show only categories and then show subcategories after? Truth is that users probably would prefer the dropdown with all the categories and second level subcategories, despite the link number and placement.
Intermediate & Advanced SEO | Mar 19, 2012, 10:27 AM | attorney1 -
Link Age as SEO factor?
Hi Guys
Intermediate & Advanced SEO | Jun 23, 2011, 4:27 PM | VividLime
I have a client who ranks well within a competitive sector of the travel industry. They are planning CMS move which will involve changing from .cfm to .aspx We will be doing the standard redirects etc However Matt's statement here on 301 redirects got me thinking
http://www.youtube.com/watch?v=zW5UL3lzBOA&t=0m24s He says that basically you loose a bit of page rank when you do a 301 redirect. Now, we will be potentially redirecting 1000s of links and my thinking is 'a lot of a little, adds up to a lot' In other words, 1000s of redirects may have a big enough impact to loose some rankings in a very competitive and aggressive space. So recommended that we contact the sites who has the link highest value and ask them to manually change the links from cfm to aspx. This will then mean that there are no loss value as with a 301 redirect. -But now I have another dilemma which I'm unsure about. So the main question:
Is link age factor in rankings ? If I update any links, this will make said link new to Google, so if link age is a factor, would this also lessen the value passed initially?0 -
SEO from Godaddy How Good is it?
http://www.godaddy.com/search-engine/seo-services.aspx?ci=44163 it said "Includes Standard Search Engine Visibility to Improve Search Rankings" it begs for question... Search Engine Visibility??? Improve SERP?!?!!? is it really that good? O.o; or have i successfully been eaten my promotional messages? Can anyone with experience with them share some information with me ? 🙂 (The price tag is mighty interesting)
Intermediate & Advanced SEO | Jun 20, 2011, 9:23 AM | IKT0