Cloudflare is not a CDN anymore but the workers edge platform, if you can move to bunny.net, you were not really using cloudflare. I don't understand how none of the alternatives really embrace WinterTC
If i see something horrific like:
import * as BunnySDK from "@bunny.net/edgescript-sdk"
BunnySDK.net.http.serve(async (request: Request) =>
Thats a proprietary lock-in worse than what it tries to replace!
In the interests of transparent disclosure on such a positive blog post, It might be worth calling out that all the links on the page are all linked to the Bunny Affiliate Program. [1]
Sorry, I realize I overdid it on the affiliate links so I've called out the link and removed some others. Just thought it was nice that they had an affiliate program. Nothing shady intended!
Yeah IANAL, but this sort of endorsement with undisclosed remuneration would probably run afoul of FTC guidelines, which is why you see disclaimers like "As an Amazon Associate I earn from qualifying purchases" everywhere. The author seems to live in the UK, but a cursory search suggests there's something similar there as well.
Maybe it technically under some regulation runs afoul. The FTC would never bother themselves with this and I don’t believe it’s in the spirit of the intent.
I don't like free offerings, because what if they decide to charge someday? What if someone decides "free is not feasible, we start charging $20 per instance now".
I'd rather have a low fee now, a change from $2 to $3 is more likely and that's fine for me. But from free to not free is risky for me.
I also like smaller, independent-ish ompanies that actually care about developers. That's why I use bunny.net, transistor.fm, Plausible Analytics.
>I don't like free offerings, because what if they decide to charge someday? What if someone decides "free is not feasible, we start charging $20 per instance now".
You can just move to another provider at that point. At least when it comes to CDN and DNS there’s literally no vendor lock-in.
You can grab your dns records export them to csv and import somewhere else easily and a CDN is just a file server so you can just give your files to someone else easily.
Predictability matters. The whole point of paying someone else to handle a problem for you is that you don't have to worry about it. If you go all in on a provider and then suddenly find out that you've been switched to a paid plan in the middle of your vacation, that's not a place anyone wants to be. Saying there's no lock-in is nice, but that overlooks the fact that there most definitely is friction. What if there's no mass export? No mass import? Or you need to reset 2FA? Or etc, there's a thousand things that can shoot you in the foot, especially if you have a lot of services you need to migrate.
For personal projects, I'd rather just pay $2/month and not think about it than get hit with a random bill and scramble to migrate before the next month's bill. Bunny is perfect for this use case where you have a handful of projects that aren't all actively maintained. It just works without hand-holding, and since you're paying for the service, there's no rugpull looming.
I didn't downvote it, but I don't think migrating away from Cloudflare workers, R2, D1, etc., isn't going to be that easy. Basically, the build these things from the ground up to work optimally for their infra - even the mental model that you have to use is different. If you only narrowly use one part of it, maybe.
I used to handwave cloud portability. Turns out when you're shipping things and need extra services and you have deadlines, you build against the platform. I think the GP comment was probably expressing wariness of the free cloudflare tier that entices you to build against their APIs and their product shape in a way that inevitably locks you in. Sure, you could migrate, but that's expensive.
Yeah, good point. For a little hobbyist site of no importance, I'm not too worried about vendor lock-in, but that calculus changes as it gets more important.
Logically, the only thing CloudFlare would do is lower or eliminate the free usage tier. For instance, if X million operations are currently free, they make X/2 operations free. I don't think they would do that, but if they did, it couldn't possibly be existential to any viable company.
Practically, any metered supplier can put you out of business. It usually doesn't happen because destruction is mutually assured.
+1 for using smaller, more independent companies in any case!
While this will probably happen over time, free* offerings are an anomaly you can‘t build a business on. But even 1€/months minimum is probably too low to cover costs.
I'm currently running a SaaS on Cloudflare Workers + Pages. The developer experience is genuinely good, deploying serverless functions and static sites from the same repo has been seamless.
But I hit a real issue recently: CDN edge caching served stale HTML after a deploy, and the service worker cached the bad response. Took a CDN purge from the dashboard to fix. The debugging experience when things go wrong at the edge is painful, you're always guessing which cache layer is the problem.
That being said, the free tier is hard to beat for getting started. Workers, Pages, KV, R2 — you can run a full production app at near-zero cost until you hit scale. Not sure if Bunny offers that.
Bunny has a lot of that (they have a sqlite compatible API, edge functions, but the call it something different, etc.)
That being said, I had enough issues with Bunny and CF debugging across regions that I made this free tool to do both remote HTTP and TCP traceroutes to keep my sanity: https://dnsisbeautiful.com/global-http-availability
DB seems like the main shortcoming in the stack for them. I don't want to deal with the limitations of D1. Seems like a serverless postgres setup a la Neon/Supabase would be a slam dunk.
I've used DO's quite a bit. I'm a big fan... however I find the database latency pretty hard to deal with. In the past 6 months I've seen upwards of 30s for little side projects running tiny (100's of kb) databases. Sometimes it's lightning fast... sometimes it's a disaster.
As a consequence I've had to build quite defensively - adopting a PWA approach - heavy caching and background sync. My hope is that latency improves over time because the platform is nice to work with.
Bunny doesn’t have a free tier, but their greatest asset is that it has prepaid billing: there’s zero risk of running up a surprise six figure bill just because of being attacked, making a mistake with a deploy, or other sudden sources of resource usage. I’d rather my site go down than to be on the hook for hundreds of thousands, which many projects have no hope of generating from sudden spikes in traffic of any source.
There’s a cost limit to how much high availability is worth on any project but vendors like CloudFlare don’t respect that.
And this is why I am immediately shifting to bunny from cloudflare at this point.
A week ago I (a hobbyist running a small side project for a dollar or two a month in normal usage, so my account is marked as "individual") got hit with a ~$17,000 bill from Google cloud because some combination of key got leaked or my homelab got compromised, and the attacker consumed tens of thousands in gemini usage in only a few hours.
Google denied a rate adjustment, and haven't reached back out to me for a good few days now. My credit card denied the charge because it was over my credit limit by a good few thousand dollars and they suspected fraud, but now I am terrified of being taken to collections and ruining my prospects of renting an apartment due to my credit score/history being ruined, or them just taking me to court.
I am never going to use "use now pay later" services, especially with cloud portals where it's so hard to put in a actual cap, and the cloud provider not having any sane rate limits. I am fine paying if it was negligence or a mistake on my part as a very expensive lesson in security, but 17k is brutal.
The fact they don't have an easy way to hard cap usage (especially for an individual account) and have ineffective rate limits (how on earth is an account that pays a few dollars a month able to run up tens of thousands in just a few hours), makes me never want to use their (or any use now pay later with no easy caps or rate limits) service ever again. Or even a phone number to call.
If you're in the USA contact your state AG + Senator and present your case. Mention that Google is abusing small owners due to their ineptitude in security practices, construct the argument that makes it appear Google is squeezing small users like a mob boss/cartel.
Also before doing this save anything important that Google owns (gmail, youtube videos, anything in storage). The leaders at Google are vengeful enough to completely lock you out for challenging them.
I switched a year ago and have been absolutely loving them. Not just because we can support a EU based CDN, but their Magic Containers are amazing. I can have global instantly scalable API's that cost me barely $1 a month until used.
Yes, Magic Containers is excellent. I don't know if it scales up to huge loads well -- that might be expensive -- but it scales down really well. For a very lightly loaded hobby project it's almost free.
A few people here are complaining about the lack of a free tier, but Magic Containers can cover a lot of the same ground as Cloudflare's Durable Objects, which IIRC cost a minimum of $5/month.
We use them for a couple of things - very happy. I think probably the best reason (other than service robustness): support. CloudFlare is great until it's not, and you aren't paying $$$ for enterprise support. This is probably one of the most underrated reasons to switch to any lesser known (but still rock solid) infra services. UpCloud too - great support!
Unfortunately it doesn't offer free hosting for hobbyists. Even for superficial traffic you'll have pay 1 euro a month (plus VAT).
Not many DNS management providers (that I'm aware of, please correct me) support CNAME flattening. That is having your A record point to a CNAME.
Every time I purge the pull zone cache, I do it twice, cause once from my CI isn't enough. My CI does individual page cache invalidation during deployment, but there needs to be some kind of delay (with no feedback) when assets are distributed across.
Other commenters laughing at you for the price... It's not about the price it's about the barrier. Even if I love a service, I won't get very many people to try it if they need to enter a credit card.
Almost all technological choices I made as a teen were driven by "what hosting can I get for free, as my parents sure as hell won't put down their payment information for that". Back then that usually meant PHP and a max. 50MB MySQL.
I have been the service provider who had to paywall just to stop the spammers and you're right. But it's also true that kids will be collateral damage (or anyone without a credit card).
In my case, and it was the 90s, I took the time to setup a way to pay by calling a premium (1-900) for $1.49 number so the barrier to entry even for kids was still reasonable.
Maybe in modern day the equivalent is adding Google pay and Apple pay then you cover some kids at least (gift cards and such).
Quite the hassle for the provider, and it will turn away any person who cares about privacy. There's no way to win anymore.
I get that credit cards are a barrier of entry but I’m more willing to give providers a break now that AI agents make it much easier to abuse free tiers. It’s also harder for smaller companies to offer free tiers. If we want a more diverse set of service providers we as customers need to be willing to accept some trade-offs.
Feel free to use local services then, not every company has to support the entire world. Some are fine with a small slice. Expecting otherwise isn't sustainable for the sub trillion dollar non-monopolists companies, not without massive public support from the government at least.
That's interesting, we moved to Cloudflare R2 for our CDN solution, and we got reports from some european government institutions that our assets weren't loading, likely for similar reasons as you mention, so we rolled back whilst looking for options.
The solution was to move to Bunny, and that worked for everyone.
I do have a question, is it even possible to have a CDN set up where they don't MITM and strip your TLS and re-encrypt or are we just picking which jurisdiction gets to inspect your traffic?
edit: I'm thinking of the use case where the CDN as a proxy for APIs and uncachable content as well, where it used as a reverse proxy for transit/ddos protection.
Probably not. That’d look a lot like a bunch of load balancers around the world hitting your own backend. There’s generally not a way to cache web data without decrypting it inside the cache.
Much of the point of a CDN is that they can cache responses, and likely also make other changes. I don't see how that could be done without seeing what's inside the request.
This has to be an ad right? Affiliate link in the blog, non sensical reasoning for switching (single point of failure to... another single point of failure) etc
It's not, but I can see how it came across like that. I just wrote up my experience moving over, and I thought it was nice they had an affiliate link. I've cleaned it up and called out the affiliate link. Nothing shady intended.
I had to move to Bunny.net after Cloudflare disabled my homepage following a malicious report, despite me being a paying customer for several years. I also never received a response to my appeal.
I’ve now been with Bunny.net for over a year and have been very happy with the service.
I would probably switch off Cloudflare if I didn't also make use of their Cloudflare Tunnels service for sharing some stuff in a way that doesn't require me to punch a hole in my home network. I realize Pangolin and such also exist, but it's nice to get it for free
Seemingly lacks IPv6 though? Cloudflare requires you to pay them and make an explicit effort to disable IPv6. Sad to see it not enabled by default on Bunny.
I use bunny as an image serving and video streaming across multiple projects and it is excellent, never had an issue with it.
They recently upgraded the player for streaming media, we use in one instance for tutorial videos, that apparently adds some missing accessibility features. All we needed to do was adjust the embed URL structure we were using and all set.
IMHO main benefit of bunny.net is that as an Slovenian company they adhere to the GDPR, no GAG orders, and offer an Data Processing Agreement (DPA) when Personally Identifiable Information (PII) is involved.
While uncommon, bunny.net also provides a way to block users from the EU from accessing your content altogether by using our traffic manager tools if you do not wish to serve users from the European Union. Which I assume can be reversed, only serving to users from the EU.
> It’s a single point of failure for the internet. Every Cloudflare outage ends up in the news.
I hear this argument all the time, but I think it's more complicated.
Firstly, if people used more diverse / smaller services the distribution of outages would change.
While there will likely to be more frequent "smaller" asynchronous outages, many platforms can still break even when only one of their dependencies break. So, you might likely to face even more frequent outages, although not synchronous.
Secondly, we are not sure if these smaller services are on par with the reliability of Cloudflare and other big players.
Thirdly, not all Cloudflare infrastructure is fully centralized. There is definitely some degree of distribution and independence in/between different Cloudflare services. Some Cloudflare outages can still be non global (limited by region or customers that use certain feature set, etc).
I’ve mainly been using cloudflare for the very excellent (and free) premium DNS offering.
Easy upload of bind test files
Flattened CNAME to support naked domains
Robust free role based permissions to add other ppl
Anyone have suggestions for moving a stack of domains, many being little community and hobby projects away from cloudflare for a small overall price. Agency pricing like migadu offers for email on custom domains is what I have in mind.
I've found every other offering to be lacking. Some examples: Cloudflare is alright but has settings footguns if you're not used to Their Way of Doing It™ (e.g., before using DNSControl, I had to manually flip switches to turn off proxying every time I updated my zones). deSEC is free and okay, but sometimes quite slow to propagate and its UI+API are unwieldy. DNS Made Easy is often pushed on social media, but it's ridiculously pricey for what you get if you don't need a SLA. DNSimple seemed nice but IIRC I couldn't get a different API token per zone (?).
I'm currently relying mainly on LuaDNS. For me, it functions as a "dumb" DNS host (i.e., not using their Lua configuration-as-code system). Their API is oddly designed, but it's been passable since a recent-ish update, which has allowed me to safely port my zone files to DNSControl.
I used them in the past (many years ago) and was very surprised when my DNS was affected by a cloudflare outage. Turns out (back then) they relied on the cf network for DoS protection against their resolvers[1]. I was surprised to learn that and honestly thought that if I already take a dependency on cloudflare I might as well have them host my zones directly for free.
At one point we were using Cloudflare's DNS Firewall product for our entire edge network. We have since moved half of our edge network to our own infrastructure and are currently in the process of expanding our edge network further, so at this point an outage at Cloudflare should be at least partially mitigated for our customers due to our separate edge network, and eventually it should be completely independent.
I make a point of using a dedicated service provider for each distinct service. YMMV but I'm happy with DNSMadeEasy (DNS), IWantMyName (registrar) and Fastmail (email).
I tried to move my sites to Bunny Edge Scripting and found the experience mostly poor, unfortunately. A lot of failures without error logs, and purging the pull zone cache only seemed to work sometimes. A shame because I like their offering otherwise.
R2 is pretty darn hard to beat. No egress, and only like $.57 per million read operations. If you're running a video streaming use case (and not using terabytes and caching or abusing your bandwidth) I found no one else compares.
Does anyone have thoughts or disagree on this in terms of pricing and cost effectiveness?
your enthusiasm for the service might be justified but having every mention of its name be a hyperlink with referral code feels offputting like i'm about to enter a multi-level marketing scheme
Am I the only one who thinks their reason for why theyre leaving Cloudflare didn't sound particularly sound... This blog post reads like something a Bunny.net employee would write
We had severe issues with Bunny and recently migrated off it.
Some of our users were unable to reach our CDN altogether. They couldn't load any assets at all. Bunny's customer service was far too slow to respond and mostly gave unhelpful answers. They couldn't even identify the issue.
In less than 45 minutes, I moved our CDN entirely from Bunny to Cloudflare Workers. Now our CDN just actually works, I don't have to debug our CDN for the Bunny customer service team.
Also had a severe issue with Bunny, serving videos. They had a cache poisoning issue where they served a few frames from pornographic videos right in the middle of our educational videos. They did not have the multi-tenancy thing fully figured out, and it became a nightmare scenario. After that, we moved to a provider that explicitly did not allow porn.
>One of my biggest concerns though is around how easily I could become heavily dependent on this one single company that then can decide to cut me off [...]
How does switching to Bunny make a difference?
It would be super nice to have a setup that uses multiple CDNs w/ automatic failover.
It would be super nice to have a setup that uses multiple CDNs w/ automatic failover.
Doable, but that removes all the free tiers of all the CDN's. AFAIK they all require an enterprise account to keep using ones own DNS and their own GSLB DNS failover. There are probably a few exceptions and one could maybe make something of that but I don't know which ones are the exceptions.
I don't know. I started to go down that path but all the CDN's that suggested some aspect of try before buying were in places outside of the US and had non US payment processors so I moved on to other projects. I doubt that there are many. I suspect Cloudflare only do it as a result of dual-use and that dual-use may be backed by tax dollars as there is no way a publicly traded company would give away massive network resources at a loss but that is my own conspiracy theory. i.e. an extension to Googles birds of a feather project. Capture most web traffic, most DNS traffic and learn who talks to who and why to form a risk map.
The extremists want you to believe that, but the EU is an economic alliance, not a federal republic. Being pro-EU is usually anti-isolationist, but it isn't always anti-nationalist.
> the EU is an economic alliance, not a federal republic
The line between those two things in the case of the EU is awful blurry.
The Espace Léopold issues laws that are binding on member nations, wields significant power over trade, fiscal policy, and mandates open borders between member nations. These are hardly the features of a purely economic treaty organisation.
Cloudflare is not a CDN anymore but the workers edge platform, if you can move to bunny.net, you were not really using cloudflare. I don't understand how none of the alternatives really embrace WinterTC
If i see something horrific like:
import * as BunnySDK from "@bunny.net/edgescript-sdk" BunnySDK.net.http.serve(async (request: Request) =>
Thats a proprietary lock-in worse than what it tries to replace!
In the interests of transparent disclosure on such a positive blog post, It might be worth calling out that all the links on the page are all linked to the Bunny Affiliate Program. [1]
[1] https://bunny.net/affiliate/
Sorry, I realize I overdid it on the affiliate links so I've called out the link and removed some others. Just thought it was nice that they had an affiliate program. Nothing shady intended!
Thanks, just something to be mindful of in the future. It unfortunately can discredit your work if not clearly disclosed. Thanks for the post!
> It unfortunately can discredit your work
In a time where more people usually beg for forgiveness instead of asking for permission, it already has
Yeah IANAL, but this sort of endorsement with undisclosed remuneration would probably run afoul of FTC guidelines, which is why you see disclaimers like "As an Amazon Associate I earn from qualifying purchases" everywhere. The author seems to live in the UK, but a cursory search suggests there's something similar there as well.
Maybe the whole world is not in the U.S. What is the FTC? The Royal Air Force Flying Training Command?
Maybe it technically under some regulation runs afoul. The FTC would never bother themselves with this and I don’t believe it’s in the spirit of the intent.
I use bunny.net for CDN and DNS.
I don't like free offerings, because what if they decide to charge someday? What if someone decides "free is not feasible, we start charging $20 per instance now".
I'd rather have a low fee now, a change from $2 to $3 is more likely and that's fine for me. But from free to not free is risky for me.
I also like smaller, independent-ish ompanies that actually care about developers. That's why I use bunny.net, transistor.fm, Plausible Analytics.
>I don't like free offerings, because what if they decide to charge someday? What if someone decides "free is not feasible, we start charging $20 per instance now".
You can just move to another provider at that point. At least when it comes to CDN and DNS there’s literally no vendor lock-in.
You can grab your dns records export them to csv and import somewhere else easily and a CDN is just a file server so you can just give your files to someone else easily.
Can anyone say why this is being downvoted? Seems like it makes sense to me, but this isn't my area of expertise.
Predictability matters. The whole point of paying someone else to handle a problem for you is that you don't have to worry about it. If you go all in on a provider and then suddenly find out that you've been switched to a paid plan in the middle of your vacation, that's not a place anyone wants to be. Saying there's no lock-in is nice, but that overlooks the fact that there most definitely is friction. What if there's no mass export? No mass import? Or you need to reset 2FA? Or etc, there's a thousand things that can shoot you in the foot, especially if you have a lot of services you need to migrate.
Or your provider randomly decides you need to be on an enterprise plan: https://robindev.substack.com/p/cloudflare-took-down-our-web...
For personal projects, I'd rather just pay $2/month and not think about it than get hit with a random bill and scramble to migrate before the next month's bill. Bunny is perfect for this use case where you have a handful of projects that aren't all actively maintained. It just works without hand-holding, and since you're paying for the service, there's no rugpull looming.
I didn't downvote it, but I don't think migrating away from Cloudflare workers, R2, D1, etc., isn't going to be that easy. Basically, the build these things from the ground up to work optimally for their infra - even the mental model that you have to use is different. If you only narrowly use one part of it, maybe.
I used to handwave cloud portability. Turns out when you're shipping things and need extra services and you have deadlines, you build against the platform. I think the GP comment was probably expressing wariness of the free cloudflare tier that entices you to build against their APIs and their product shape in a way that inevitably locks you in. Sure, you could migrate, but that's expensive.
Yeah, good point. For a little hobbyist site of no importance, I'm not too worried about vendor lock-in, but that calculus changes as it gets more important.
Logically, the only thing CloudFlare would do is lower or eliminate the free usage tier. For instance, if X million operations are currently free, they make X/2 operations free. I don't think they would do that, but if they did, it couldn't possibly be existential to any viable company.
Practically, any metered supplier can put you out of business. It usually doesn't happen because destruction is mutually assured.
+1 for using smaller, more independent companies in any case!
If the rest of the market moved to $20, why would economics of another vendor moving from $2 to $3 at the same time be plausible?
While this will probably happen over time, free* offerings are an anomaly you can‘t build a business on. But even 1€/months minimum is probably too low to cover costs.
I'm currently running a SaaS on Cloudflare Workers + Pages. The developer experience is genuinely good, deploying serverless functions and static sites from the same repo has been seamless.
But I hit a real issue recently: CDN edge caching served stale HTML after a deploy, and the service worker cached the bad response. Took a CDN purge from the dashboard to fix. The debugging experience when things go wrong at the edge is painful, you're always guessing which cache layer is the problem.
That being said, the free tier is hard to beat for getting started. Workers, Pages, KV, R2 — you can run a full production app at near-zero cost until you hit scale. Not sure if Bunny offers that.
Cloudflare's biggest benefit is the wrangler cli which when paired with claude code means that you can completely handoff setup/debugging/analysis.
Some of you may be skeptical about this but it allows for much easier management when working on multiple SaaS/hobby projects/personal tools.
Bunny has a lot of that (they have a sqlite compatible API, edge functions, but the call it something different, etc.)
That being said, I had enough issues with Bunny and CF debugging across regions that I made this free tool to do both remote HTTP and TCP traceroutes to keep my sanity: https://dnsisbeautiful.com/global-http-availability
Yeah ran into that too, and found someone else that wrote a script for it, so we're not alone: https://bash.cyberciti.biz/web-server/linuxunix-bash-shell-s...
DB seems like the main shortcoming in the stack for them. I don't want to deal with the limitations of D1. Seems like a serverless postgres setup a la Neon/Supabase would be a slam dunk.
They have Durable Objects which should be enough for most use cases (it’s SQLite with no limitations). Have you tried that?
I've used DO's quite a bit. I'm a big fan... however I find the database latency pretty hard to deal with. In the past 6 months I've seen upwards of 30s for little side projects running tiny (100's of kb) databases. Sometimes it's lightning fast... sometimes it's a disaster.
As a consequence I've had to build quite defensively - adopting a PWA approach - heavy caching and background sync. My hope is that latency improves over time because the platform is nice to work with.
Bunny doesn’t have a free tier, but their greatest asset is that it has prepaid billing: there’s zero risk of running up a surprise six figure bill just because of being attacked, making a mistake with a deploy, or other sudden sources of resource usage. I’d rather my site go down than to be on the hook for hundreds of thousands, which many projects have no hope of generating from sudden spikes in traffic of any source.
There’s a cost limit to how much high availability is worth on any project but vendors like CloudFlare don’t respect that.
And this is why I am immediately shifting to bunny from cloudflare at this point.
A week ago I (a hobbyist running a small side project for a dollar or two a month in normal usage, so my account is marked as "individual") got hit with a ~$17,000 bill from Google cloud because some combination of key got leaked or my homelab got compromised, and the attacker consumed tens of thousands in gemini usage in only a few hours.
Google denied a rate adjustment, and haven't reached back out to me for a good few days now. My credit card denied the charge because it was over my credit limit by a good few thousand dollars and they suspected fraud, but now I am terrified of being taken to collections and ruining my prospects of renting an apartment due to my credit score/history being ruined, or them just taking me to court.
I am never going to use "use now pay later" services, especially with cloud portals where it's so hard to put in a actual cap, and the cloud provider not having any sane rate limits. I am fine paying if it was negligence or a mistake on my part as a very expensive lesson in security, but 17k is brutal.
The fact they don't have an easy way to hard cap usage (especially for an individual account) and have ineffective rate limits (how on earth is an account that pays a few dollars a month able to run up tens of thousands in just a few hours), makes me never want to use their (or any use now pay later with no easy caps or rate limits) service ever again. Or even a phone number to call.
If you're in the USA contact your state AG + Senator and present your case. Mention that Google is abusing small owners due to their ineptitude in security practices, construct the argument that makes it appear Google is squeezing small users like a mob boss/cartel.
Also before doing this save anything important that Google owns (gmail, youtube videos, anything in storage). The leaders at Google are vengeful enough to completely lock you out for challenging them.
I switched a year ago and have been absolutely loving them. Not just because we can support a EU based CDN, but their Magic Containers are amazing. I can have global instantly scalable API's that cost me barely $1 a month until used.
Yes, Magic Containers is excellent. I don't know if it scales up to huge loads well -- that might be expensive -- but it scales down really well. For a very lightly loaded hobby project it's almost free.
A few people here are complaining about the lack of a free tier, but Magic Containers can cover a lot of the same ground as Cloudflare's Durable Objects, which IIRC cost a minimum of $5/month.
We use them for a couple of things - very happy. I think probably the best reason (other than service robustness): support. CloudFlare is great until it's not, and you aren't paying $$$ for enterprise support. This is probably one of the most underrated reasons to switch to any lesser known (but still rock solid) infra services. UpCloud too - great support!
Unfortunately it doesn't offer free hosting for hobbyists. Even for superficial traffic you'll have pay 1 euro a month (plus VAT).
Not many DNS management providers (that I'm aware of, please correct me) support CNAME flattening. That is having your A record point to a CNAME.
Every time I purge the pull zone cache, I do it twice, cause once from my CI isn't enough. My CI does individual page cache invalidation during deployment, but there needs to be some kind of delay (with no feedback) when assets are distributed across.
Other commenters laughing at you for the price... It's not about the price it's about the barrier. Even if I love a service, I won't get very many people to try it if they need to enter a credit card.
It's also a barrier for education.
Almost all technological choices I made as a teen were driven by "what hosting can I get for free, as my parents sure as hell won't put down their payment information for that". Back then that usually meant PHP and a max. 50MB MySQL.
If you've ever offered an online service, charging "the dollar" reduces a ton of spam/abuse you have to deal with.
I have been the service provider who had to paywall just to stop the spammers and you're right. But it's also true that kids will be collateral damage (or anyone without a credit card).
In my case, and it was the 90s, I took the time to setup a way to pay by calling a premium (1-900) for $1.49 number so the barrier to entry even for kids was still reasonable.
Maybe in modern day the equivalent is adding Google pay and Apple pay then you cover some kids at least (gift cards and such).
Quite the hassle for the provider, and it will turn away any person who cares about privacy. There's no way to win anymore.
I get that credit cards are a barrier of entry but I’m more willing to give providers a break now that AI agents make it much easier to abuse free tiers. It’s also harder for smaller companies to offer free tiers. If we want a more diverse set of service providers we as customers need to be willing to accept some trade-offs.
oh no a euro a month for a service. How will we financially recover?
not everyone lives in the USA or earns USA based salaries.
also I said this in a another thread, they charges 1$ even for single testing http request.
https://news.ycombinator.com/item?id=46873521
Feel free to use local services then, not every company has to support the entire world. Some are fine with a small slice. Expecting otherwise isn't sustainable for the sub trillion dollar non-monopolists companies, not without massive public support from the government at least.
> Unfortunately it doesn't offer free hosting for hobbyists. Even for superficial traffic you'll have pay 1 euro a month (plus VAT).
?
So 1 euro a month is too expensive for you? Wow.
Just pay the 1 Euro or go to GitHub where that is free but goes down almost every week.
Man, come on now, it's 1.20 EUR a month.
Of course it's nothing, but it's also not a set it an forget kind of thing, which in many ways for hobbyists is why cloudflare/github pages are nice.
Yes, it's nice to have a trillion+ dollar monopoly able to subsidize loss leaders to put your competitors out of business.
Very small caveat: A lot of the education space bans *.b-cdn.net due to malware, proxy tools, and other shenanigans.
That's interesting, we moved to Cloudflare R2 for our CDN solution, and we got reports from some european government institutions that our assets weren't loading, likely for similar reasons as you mention, so we rolled back whilst looking for options.
The solution was to move to Bunny, and that worked for everyone.
I do have a question, is it even possible to have a CDN set up where they don't MITM and strip your TLS and re-encrypt or are we just picking which jurisdiction gets to inspect your traffic?
edit: I'm thinking of the use case where the CDN as a proxy for APIs and uncachable content as well, where it used as a reverse proxy for transit/ddos protection.
Probably not. That’d look a lot like a bunch of load balancers around the world hitting your own backend. There’s generally not a way to cache web data without decrypting it inside the cache.
Much of the point of a CDN is that they can cache responses, and likely also make other changes. I don't see how that could be done without seeing what's inside the request.
Comparing hashes of responses without knowing what is inside wouldn’t work?
No, as the request headers would be different for things like time.
This has to be an ad right? Affiliate link in the blog, non sensical reasoning for switching (single point of failure to... another single point of failure) etc
It's not, but I can see how it came across like that. I just wrote up my experience moving over, and I thought it was nice they had an affiliate link. I've cleaned it up and called out the affiliate link. Nothing shady intended.
Yeah. I flagged this thread for spam.
I had to move to Bunny.net after Cloudflare disabled my homepage following a malicious report, despite me being a paying customer for several years. I also never received a response to my appeal.
I’ve now been with Bunny.net for over a year and have been very happy with the service.
heh one bad report gets action. years as a paying customer get you silence. ugly asymmetry.
I would probably switch off Cloudflare if I didn't also make use of their Cloudflare Tunnels service for sharing some stuff in a way that doesn't require me to punch a hole in my home network. I realize Pangolin and such also exist, but it's nice to get it for free
I use Bunny for serving up videos. Best service by far. Inexpensive and fast streaming.
Seemingly lacks IPv6 though? Cloudflare requires you to pay them and make an explicit effort to disable IPv6. Sad to see it not enabled by default on Bunny.
How did you determine that Bunny lacks IPv6?
The CDN certainly has it: https://bunny.net/blog/ipv6-returns-to-bunnycdn/
Depending on where I query from, OP's blog does have it as well:
Well it seems like whatever's on that page is blocked by the corporate proxy malware scanner I'm currently behind.
I love bunny.net. For my use case it provides lower latency than Cloudflare.
I use bunny as an image serving and video streaming across multiple projects and it is excellent, never had an issue with it.
They recently upgraded the player for streaming media, we use in one instance for tutorial videos, that apparently adds some missing accessibility features. All we needed to do was adjust the embed URL structure we were using and all set.
IMHO main benefit of bunny.net is that as an Slovenian company they adhere to the GDPR, no GAG orders, and offer an Data Processing Agreement (DPA) when Personally Identifiable Information (PII) is involved.
See https://bunny.net/gdpr/. Also noticed this:
While uncommon, bunny.net also provides a way to block users from the EU from accessing your content altogether by using our traffic manager tools if you do not wish to serve users from the European Union. Which I assume can be reversed, only serving to users from the EU.
> It’s a single point of failure for the internet. Every Cloudflare outage ends up in the news.
I hear this argument all the time, but I think it's more complicated.
Firstly, if people used more diverse / smaller services the distribution of outages would change. While there will likely to be more frequent "smaller" asynchronous outages, many platforms can still break even when only one of their dependencies break. So, you might likely to face even more frequent outages, although not synchronous.
Secondly, we are not sure if these smaller services are on par with the reliability of Cloudflare and other big players.
Thirdly, not all Cloudflare infrastructure is fully centralized. There is definitely some degree of distribution and independence in/between different Cloudflare services. Some Cloudflare outages can still be non global (limited by region or customers that use certain feature set, etc).
Have been with them for quite some time, have some Hugo websites with them, do DNS through them, get their minimum $1 invoice each month. Love them.
I’ve mainly been using cloudflare for the very excellent (and free) premium DNS offering.
Easy upload of bind test files Flattened CNAME to support naked domains Robust free role based permissions to add other ppl
Anyone have suggestions for moving a stack of domains, many being little community and hobby projects away from cloudflare for a small overall price. Agency pricing like migadu offers for email on custom domains is what I have in mind.
https://www.migadu.com/pricing/
I've tested just about every DNS provider I could find. Self-hosting and Bunny aside, my needs are especially well met by CloudDNS and LuaDNS.
https://www.cloudns.net/premium/
https://www.luadns.com/pricing.html
I've found every other offering to be lacking. Some examples: Cloudflare is alright but has settings footguns if you're not used to Their Way of Doing It™ (e.g., before using DNSControl, I had to manually flip switches to turn off proxying every time I updated my zones). deSEC is free and okay, but sometimes quite slow to propagate and its UI+API are unwieldy. DNS Made Easy is often pushed on social media, but it's ridiculously pricey for what you get if you don't need a SLA. DNSimple seemed nice but IIRC I couldn't get a different API token per zone (?).
I'm currently relying mainly on LuaDNS. For me, it functions as a "dumb" DNS host (i.e., not using their Lua configuration-as-code system). Their API is oddly designed, but it's been passable since a recent-ish update, which has allowed me to safely port my zone files to DNSControl.
https://dnscontrol.org
I should add a friend has recommended DNsimple.com and I’ve previously found their service to be excellent.
https://dnsimple.com/
50 cents per domain per month 10 cents per million queries
That’s prob cheap enough to support lots of little hobby sites and bigger traffic sites likely have some budget.
I used them in the past (many years ago) and was very surprised when my DNS was affected by a cloudflare outage. Turns out (back then) they relied on the cf network for DoS protection against their resolvers[1]. I was surprised to learn that and honestly thought that if I already take a dependency on cloudflare I might as well have them host my zones directly for free.
[1] Not completely sure but I think this was the incident https://blog.dnsimple.com/2020/07/incident-dns-resolution/
At one point we were using Cloudflare's DNS Firewall product for our entire edge network. We have since moved half of our edge network to our own infrastructure and are currently in the process of expanding our edge network further, so at this point an outage at Cloudflare should be at least partially mitigated for our customers due to our separate edge network, and eventually it should be completely independent.
Second DNSimple. Cheap to start and lots of nice features/support if you grow e.g. terraform provider, an acme.sh plugin, Okta support etc.
I make a point of using a dedicated service provider for each distinct service. YMMV but I'm happy with DNSMadeEasy (DNS), IWantMyName (registrar) and Fastmail (email).
Try desec.io, I use them and am very happy. Free DNSSEC, which some other DNS hosters want to charge you for (IONOS, looking at you).
You can use Bunny for DNS-only, it works well
Bun alert!
I tried to move my sites to Bunny Edge Scripting and found the experience mostly poor, unfortunately. A lot of failures without error logs, and purging the pull zone cache only seemed to work sometimes. A shame because I like their offering otherwise.
Yes. Bunny is excellent, never had an issue with it.
R2 is pretty darn hard to beat. No egress, and only like $.57 per million read operations. If you're running a video streaming use case (and not using terabytes and caching or abusing your bandwidth) I found no one else compares.
Does anyone have thoughts or disagree on this in terms of pricing and cost effectiveness?
I do not understand what it is about Cloudflare. Especially for a blog post - won't pretty much anything do?
your enthusiasm for the service might be justified but having every mention of its name be a hyperlink with referral code feels offputting like i'm about to enter a multi-level marketing scheme
Am I the only one who thinks their reason for why theyre leaving Cloudflare didn't sound particularly sound... This blog post reads like something a Bunny.net employee would write
Sounds like an ad which it probably is.
We had severe issues with Bunny and recently migrated off it.
Some of our users were unable to reach our CDN altogether. They couldn't load any assets at all. Bunny's customer service was far too slow to respond and mostly gave unhelpful answers. They couldn't even identify the issue.
In less than 45 minutes, I moved our CDN entirely from Bunny to Cloudflare Workers. Now our CDN just actually works, I don't have to debug our CDN for the Bunny customer service team.
Also, this is obviously a marketing post.
Also had a severe issue with Bunny, serving videos. They had a cache poisoning issue where they served a few frames from pornographic videos right in the middle of our educational videos. They did not have the multi-tenancy thing fully figured out, and it became a nightmare scenario. After that, we moved to a provider that explicitly did not allow porn.
Nice ad.
>One of my biggest concerns though is around how easily I could become heavily dependent on this one single company that then can decide to cut me off [...]
How does switching to Bunny make a difference?
It would be super nice to have a setup that uses multiple CDNs w/ automatic failover.
It would be super nice to have a setup that uses multiple CDNs w/ automatic failover.
Doable, but that removes all the free tiers of all the CDN's. AFAIK they all require an enterprise account to keep using ones own DNS and their own GSLB DNS failover. There are probably a few exceptions and one could maybe make something of that but I don't know which ones are the exceptions.
What other CDNs even have decent free tiers besides Cloudflare?
I don't know. I started to go down that path but all the CDN's that suggested some aspect of try before buying were in places outside of the US and had non US payment processors so I moved on to other projects. I doubt that there are many. I suspect Cloudflare only do it as a result of dual-use and that dual-use may be backed by tax dollars as there is no way a publicly traded company would give away massive network resources at a loss but that is my own conspiracy theory. i.e. an extension to Googles birds of a feather project. Capture most web traffic, most DNS traffic and learn who talks to who and why to form a risk map.
make Europe great again, and no, this is so different from any other nationalist moves :)
Surely by definition, being pro-EU is automatically anti-nationalism (at least for everyone inside the EU)?
The extremists want you to believe that, but the EU is an economic alliance, not a federal republic. Being pro-EU is usually anti-isolationist, but it isn't always anti-nationalist.
> the EU is an economic alliance, not a federal republic
The line between those two things in the case of the EU is awful blurry.
The Espace Léopold issues laws that are binding on member nations, wields significant power over trade, fiscal policy, and mandates open borders between member nations. These are hardly the features of a purely economic treaty organisation.
I am pro-EU and anti-nationalist. This works because the EU is a collection of states.
I'm pro-EU and my country is no longer in the EU (annoyingly).
It's not perfect but it's better than the alternatives and we really need a power bloc (even if currently only economic) that isn't the US and China.
Alternatives to US big tech are always welcome.