[Fundamentals] Revised how CF works #19997
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Preview URL: https://625c52dd.preview.developers.cloudflare.com Files with changes (up to 15) |
Oxyjun
approved these changes
Feb 14, 2025
abstergail
reviewed
Feb 18, 2025
| @@ -1,61 +1,46 @@ | |||
| --- | |||
| pcx_content_type: concept | |||
| title: How Cloudflare works | |||
| title: How Application Security works | |||
There was a problem hiding this comment.
Suggested change
| title: How Application Security works | |
| title: How Cloudflare CDN works |
| sidebar: | ||
| order: 2 | ||
|
|
||
| --- | ||
|
|
||
| import { GlossaryTooltip } from "~/components" | ||
|
|
||
| The [Cloudflare global network](https://www.cloudflare.com/network/) can improve the security, performance, reliability, and privacy of anything connected to the Internet, such as your website, SaaS application, or corporate network. | ||
| To optimize your website or web application, Cloudflare acts as a [DNS provider](https://www.cloudflare.com/learning/dns/what-is-dns/) for your domain and a [reverse proxy](https://www.cloudflare.com/learning/cdn/glossary/reverse-proxy/) for your web traffic. |
There was a problem hiding this comment.
Suggested change
| To optimize your website or web application, Cloudflare acts as a [DNS provider](https://www.cloudflare.com/learning/dns/what-is-dns/) for your domain and a [reverse proxy](https://www.cloudflare.com/learning/cdn/glossary/reverse-proxy/) for your web traffic. | |
| To optimize your website or web application, Cloudflare acts as a [CDN](https://www.cloudflare.com/learning/cdn/what-is-a-cdn/) and [DNS provider](https://www.cloudflare.com/learning/dns/what-is-dns/) for your domain and a [reverse proxy](https://www.cloudflare.com/learning/cdn/glossary/reverse-proxy/) for your web traffic. |
|
|
||
| ### How Cloudflare works as a DNS provider | ||
| The Domain Name System (DNS) provider is like the phonebook of the Internet and tells your browser where a website's content lives. Each domain name–such as cloudflare.com–is mapped to an Internet Protocol (IP) address; the IP address is a numerical label assigned to a website that looks like `103.21.244.0`, for example. |
There was a problem hiding this comment.
Suggested change
| The Domain Name System (DNS) provider is like the phonebook of the Internet and tells your browser where a website's content lives. Each domain name–such as cloudflare.com–is mapped to an Internet Protocol (IP) address; the IP address is a numerical label assigned to a website that looks like `103.21.244.0`, for example. | |
| The Domain Name System (DNS) is like the phonebook of the Internet and tells your browser where a website's content lives. Each domain name–such as cloudflare.com–is mapped to an Internet Protocol (IP) address; the IP address is a numerical label assigned to a website that looks like `103.21.244.0`, for example. |
|
|
||
| When Cloudflare receives a DNS query for your domain, our response is determined by the configuration [set in your DNS table](/dns/manage-dns-records/how-to/create-dns-records/), including the value of the record, the record's [proxy eligibility](/dns/proxy-status/limitations/#proxy-eligibility), and its [proxy status](/dns/proxy-status/). | ||
| After you add a site to Cloudflare under a full DNS setup, Cloudflare becomes the primary authoritative DNS provider for your domain. As the authoritative DNS provider, Cloudflare responds to DNS queries for your domain, and you manage your domain's DNS records via the Cloudflare dashboard or API. |
There was a problem hiding this comment.
Suggested change
| After you add a site to Cloudflare under a full DNS setup, Cloudflare becomes the primary authoritative DNS provider for your domain. As the authoritative DNS provider, Cloudflare responds to DNS queries for your domain, and you manage your domain's DNS records via the Cloudflare dashboard or API. | |
| When you onboard your website or application to Cloudflare, Cloudflare becomes the primary authoritative DNS provider for your domain. This means Cloudflare responds to DNS queries for your domain, and you manage your domain's DNS records via the Cloudflare dashboard or API. |
There was a problem hiding this comment.
I think a clearer way to work in the DNS setup context here would be a note under this, like "Note: Cloudflare only becomes the primary authoritative DNS provider if you use the default, full DNS setup. Learn more about alternative DNS setups"
|
|
||
| If the [domain's status](/dns/zone-setups/reference/domain-status/) is active and the queried DNS record is set to `proxied`, then Cloudflare responds with an [anycast IP address](/fundamentals/concepts/cloudflare-ip-addresses/), **instead of** the value defined in your DNS table. This effectively re-routes the `HTTP/HTTPS` requests to the Cloudflare network, instead of directly reaching the targeted the [origin server](https://www.cloudflare.com/learning/cdn/glossary/origin-server/). | ||
| A DNS query is like asking for directions to a place, and the DNS records are instructions that live in authoritative [DNS servers](https://www.cloudflare.com/learning/dns/dns-server-types/) and provide information about a domain. The DNS record contains information such as the [IP address](https://www.cloudflare.com/learning/dns/glossary/what-is-my-ip-address/) associated with a domain and how to handle requests for the domain. |
There was a problem hiding this comment.
Suggested change
| A DNS query is like asking for directions to a place, and the DNS records are instructions that live in authoritative [DNS servers](https://www.cloudflare.com/learning/dns/dns-server-types/) and provide information about a domain. The DNS record contains information such as the [IP address](https://www.cloudflare.com/learning/dns/glossary/what-is-my-ip-address/) associated with a domain and how to handle requests for the domain. | |
| A DNS query is like asking for directions to a place, and the DNS records are the source-of-truth for what exists where. DNS records live in authoritative [DNS servers](https://www.cloudflare.com/learning/dns/dns-server-types/) and provide information about a domain, such as the [IP addresses](https://www.cloudflare.com/learning/dns/glossary/what-is-my-ip-address/) of the servers that host the web content and services on that domain. With this information, Internet browsers know where to find a website or app, so they can render it for visitors using [HTTP](https://www.cloudflare.com/learning/ddos/glossary/hypertext-transfer-protocol-http/). |
|
|
||
| As these requests pass through our network, they are processed according to your [configuration](/fundamentals/setup/manage-domains/connect-your-domain/#domain-configurations). Subsequently, legitimate requests are forwarded to the origin server. | ||
| If your [domain's status](/dns/zone-setups/reference/domain-status/) is active and the queried DNS record is set to `proxied`, Cloudflare responds with an [anycast IP address](/fundamentals/concepts/cloudflare-ip-addresses/), instead of the origin server defined in your DNS table. |
There was a problem hiding this comment.
Suggested change
| If your [domain's status](/dns/zone-setups/reference/domain-status/) is active and the queried DNS record is set to `proxied`, Cloudflare responds with an [anycast IP address](/fundamentals/concepts/cloudflare-ip-addresses/), instead of the origin server defined in your DNS table. | |
| If your [domain's status](/dns/zone-setups/reference/domain-status/) is active and the queried DNS record is set to `proxied`, Cloudflare responds with an [anycast IP address](/fundamentals/concepts/cloudflare-ip-addresses/), instead of the actual IP address of the origin server as defined in your DNS table. |
|
|
||
| Refer to our [Load Balancing reference architecture](/reference-architecture/architectures/load-balancing/) to learn more about advanced ways to forward traffic to your origins (or other <GlossaryTooltip term="endpoint" link="/glossary/?term=endpoint">endpoints</GlossaryTooltip>), as well as our [CDN reference architecture](/reference-architecture/architectures/cdn/) to learn more about how Cloudflare processes and optimizes your web traffic. | ||
| Your domain status is active when your nameservers are updated to point to Cloudflare and have been authenticated. The proxy status defines how Cloudflare treats queries for that record. The anycast IP address is used to distribute traffic amongst Cloudflare's network, which protects your origin server from DDos attacks and can help optimize, cache, and protect requests to your application. |
There was a problem hiding this comment.
Suggested change
| Your domain status is active when your nameservers are updated to point to Cloudflare and have been authenticated. The proxy status defines how Cloudflare treats queries for that record. The anycast IP address is used to distribute traffic amongst Cloudflare's network, which protects your origin server from DDos attacks and can help optimize, cache, and protect requests to your application. | |
| Your domain status is active when your nameservers are updated to point to Cloudflare and have been authenticated. The proxy status defines how Cloudflare treats queries for specific DNS records. The anycast IP address is used to distribute traffic amongst Cloudflare's network, which protects your website or app from [DDoS](https://www.cloudflare.com/learning/ddos/what-is-a-ddos-attack/) and other attacks, while optimizing site speed. |
|
|
||
| Proxying is on by default for records that serve `HTTP/HTTPS` traffic (`A`, `AAAA`, and `CNAME` records). To proxy `HTTP/HTTPS` traffic on [non-standard ports](/fundamentals/reference/network-ports/) or to proxy a `TCP-` or `UDP-` based application, use [Cloudflare Spectrum](/spectrum/). | ||
| ::: | ||
| A reverse proxy is a server that sits in front of web servers and forwards client (for example, web browser) requests to those web servers. Reverse proxies are typically implemented to help increase security, performance, and reliability. |
There was a problem hiding this comment.
Suggested change
| A reverse proxy is a server that sits in front of web servers and forwards client (for example, web browser) requests to those web servers. Reverse proxies are typically implemented to help increase security, performance, and reliability. | |
| A reverse proxy is a network of servers that sits in front of web servers and either forwards requests to those web servers, or handles requests on behalf of the web servers. Reverse proxies are typically implemented to help increase security, performance, and reliability of websites and web applications. |
| - **Load balancing** A reverse proxy can provide a load balancing solution which will distribute the incoming traffic evenly among the different servers to prevent any single server from becoming overloaded. In the event that a server fails completely, other servers can step up to handle the traffic. |
There was a problem hiding this comment.
Suggested change
| - **Load balancing** A reverse proxy can provide a load balancing solution which will distribute the incoming traffic evenly among the different servers to prevent any single server from becoming overloaded. In the event that a server fails completely, other servers can step up to handle the traffic. | |
| - **Load balancing** A reverse proxy can provide a load balancing solution which distributes incoming traffic evenly among different servers to prevent any single server from becoming overloaded. In the event that a server fails completely, other servers can step up to handle the traffic. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Revised how CF works to simplify some concepts a little more. Addresses PCX-15740.