Cloudflare Application Security and Performance Reviews (617)

View 2 Video Reviews
Reviews

Cloudflare Application Security and Performance Reviews (617)

View 2 Video Reviews
4.5
617 reviews

What do users say?

Generated using AI from real user reviews
Users consistently praise the product for its strong security features and ease of use, highlighting how it effectively combines DDoS protection, a Web Application Firewall, and CDN capabilities in a single platform. Many appreciate the intuitive dashboard that simplifies management and configuration, making it accessible even for non-technical users. However, some users note that advanced features can come with a steep learning curve and may require higher-tier plans.

Pros & Cons

Generated from real user reviews
View All Pros and Cons
Search reviews
Filter Reviews
Clear Results
G2 reviews are authentic and verified.
Pablo H.
PH
Pablo H.
Program Tech Lead
Mid-Market (51-1000 emp.)
"Our trusted platform for security, performance, and edge computing"
5/5
What do you like best about Cloudflare Application Security and Performance?

Cloudflare provides a comprehensive platform that allows us to protect, accelerate, and extend our digital services from a single solution. We use it extensively as our CDN and WAF in front of our entire digital ecosystem, serving millions of requests with low latency through its global edge network. Beyond content delivery, we rely on Cloudflare’s security capabilities—including WAF rules, bot management, rate limiting, IP allowlists, and access control—to protect critical APIs and customer-facing services. We also use Cloudflare Workers to build lightweight serverless services at the edge, enabling us to deploy functionality closer to users while reducing latency and operational complexity. The platform is highly reliable, easy to automate, and scales seamlessly to support our traffic demands. Review collected by and hosted on G2.com.

What do you dislike about Cloudflare Application Security and Performance?

One area for improvement is the responsiveness of customer support. While the support team is knowledgeable and helpful, response times have occasionally been slower than we expected, particularly for issues that required prompt attention. Faster response times would further improve the overall experience. Review collected by and hosted on G2.com.

Flor B.
FB
Flor B.
Customer Support Manager
Mid-Market (51-1000 emp.)
"Secure access with WARP and solid stability even during traffic peaks"
4.5/5
What do you like best about Cloudflare Application Security and Performance?

From Support, I am not a direct user of Cloudflare (the Cybersecurity team manages it), but its impact is clearly noticeable on a day-to-day basis. Thanks to Warp, we can access internal pages that would otherwise be inaccessible, and this strengthens access security.

Additionally, during traffic spikes or attempted attacks, the platform remains stable and we have not experienced any visible outages for the user. This prevents avalanches of tickets and complaints. I perceive the ROI mainly in the incidents avoided, something especially critical in a financial platform, where any downtime quickly increases the volume of contacts. Review collected by and hosted on G2.com.

What do you dislike about Cloudflare Application Security and Performance?

As I am not a direct user of the console, my visibility on specific configurations or issues is limited. When a question arises, I rely entirely on the Cybersecurity team to get context, which sometimes slows down communication with the end user. It would also be useful to have access to a more simplified panel or receive direct alerts for Support, so that we can anticipate and confirm if an increase in tickets is due to a Cloudflare block, without having to escalate it every time. Review collected by and hosted on G2.com.

Othrax B.
OB
Othrax B.
Student
Computer Networking
Small-Business (50 or fewer emp.)
"Powerful Security and Faster Performance in One Intuitive Cloudflare Platform"
5/5
What do you like best about Cloudflare Application Security and Performance?

What I like best about Cloudflare Application Security and Performance is how it combines powerful security features with excellent website and application performance in a single platform. The dashboard is clean and intuitive, making it easy to configure WAF rules, DDoS protection, caching, SSL/TLS settings, and traffic analytics without requiring extensive manual management.

One of the most valuable benefits has been the performance improvements delivered through Cloudflare's global CDN and intelligent caching. Pages load faster for users across different regions, which has improved both user experience and application responsiveness. The real-time analytics and monitoring tools also provide clear visibility into traffic patterns, threats, and performance metrics, helping us identify issues quickly.

Cloudflare integrates seamlessly with our existing infrastructure and third-party services, making deployment straightforward. The onboarding process was smooth, and the documentation is comprehensive, allowing teams to get value from the platform quickly. Support resources and community documentation have also been helpful whenever advanced configurations were needed.

An unexpected benefit has been the AI-powered threat detection and automated security features that help identify and mitigate suspicious activity with minimal manual intervention. This automation reduces operational workload while strengthening overall security.

From a pricing and ROI perspective, Cloudflare delivers significant value by reducing infrastructure strain, improving application availability, and protecting against costly security incidents. Overall, it provides an excellent balance of security, performance, ease of use, and scalability for organizations of all sizes. Review collected by and hosted on G2.com.

What do you dislike about Cloudflare Application Security and Performance?

One downside of Cloudflare Application Security and Performance is that some advanced security and performance features are only available in higher-tier plans, which can become expensive for smaller organizations as their requirements grow. While the platform is powerful, certain configurations—such as custom WAF rules, bot management settings, and complex traffic-routing policies—can have a learning curve for new users.

Another challenge is that troubleshooting can sometimes be difficult because traffic passes through Cloudflare's network before reaching the origin server. When issues occur, it may take additional time to determine whether the root cause is related to Cloudflare settings, DNS configuration, caching behavior, or the application itself.

Although the dashboard is generally user-friendly, the large number of features and settings can occasionally feel overwhelming, especially for teams that are new to application security. In some cases, security rules may require fine-tuning to avoid false positives that could block legitimate traffic. However, these drawbacks are relatively minor compared to the overall security, performance, and reliability benefits the platform provides. Review collected by and hosted on G2.com.

CM
Chevas M.
IT Security Architect
Marketing and Advertising
Mid-Market (51-1000 emp.)
"Eight Years Later, Cloudflare Remains a Core Part of My Technology Stack"
5/5
What do you like best about Cloudflare Application Security and Performance?

Title: One of the Most Valuable Technology Platforms I Have Used in the Past Decade

I have been using Cloudflare for more than eight years across personal projects, small businesses, and enterprise environments. As a Security Architect, I rarely encounter products that consistently deliver on their promises over such a long period of time, but Cloudflare is one of those exceptions.

What initially attracted me to Cloudflare was the ability to improve website security and performance with minimal effort. Over time, it became a foundational part of my technology stack. Today, I rely on Cloudflare for DNS management, CDN services, SSL/TLS management, Web Application Firewall (WAF), DDoS protection, Cloudflare Tunnel, Zero Trust access controls, analytics, bot management, and AI crawler controls.

The biggest strength of the platform is its ability to provide enterprise-grade capabilities to organizations of every size. Features that previously required expensive hardware appliances, multiple vendors, and dedicated security staff are now available through a single platform. The fact that Cloudflare offers so much value through its free plan is remarkable. In my opinion, no business owner should operate a public-facing website without Cloudflare or a comparable service protecting it.

From a security perspective, Cloudflare has helped reduce attack surface, mitigate malicious traffic, protect administrative interfaces, and improve visibility into threats. The WAF, DDoS protection, and bot management features provide significant protection without requiring constant tuning. Cloudflare Tunnel and Zero Trust have been especially valuable by allowing secure access to applications without exposing infrastructure directly to the internet.

From a performance perspective, Cloudflare consistently improves page load times, caching efficiency, and overall website reliability. Even small websites can benefit from the global content delivery network and optimization features. The impact is noticeable both for website visitors and backend infrastructure.

The platform also integrates well with modern technology stacks. I have successfully used Cloudflare with WordPress, Microsoft 365, Azure, Google Workspace, various cloud platforms, and numerous business applications. Deployment is generally straightforward, and most organizations can realize value very quickly.

Another area where Cloudflare stands out is innovation. Over the years I have watched the platform expand from a CDN and security provider into a comprehensive application delivery, networking, security, and developer platform. Their continued investment in Zero Trust, AI-related controls, threat intelligence, and application security demonstrates a strong understanding of where technology is heading.

No product is perfect. Some advanced services have a learning curve, and the growing number of capabilities can occasionally make navigation more complex for new users. However, the benefits far outweigh these challenges, especially given the depth of functionality available.

Very few products earn my unconditional recommendation. Cloudflare is one of them. Whether you are protecting a personal website, managing a small business, or securing enterprise infrastructure, Cloudflare delivers exceptional value, strong security, excellent performance, and one of the best returns on investment available in technology today. Review collected by and hosted on G2.com.

What do you dislike about Cloudflare Application Security and Performance?

One of my biggest frustrations over the past year has been the pace of change within the user interface. Cloudflare continues to add impressive capabilities, but the navigation, menu structure, and feature locations have changed frequently. As someone who uses the platform regularly, I occasionally find myself searching for settings that were previously easy to locate.

The rapid expansion of services has also increased the complexity of the platform. While this reflects Cloudflare's growth and innovation, new users may find the number of available products and configuration options somewhat overwhelming at first.

For advanced features such as Zero Trust, WAF customization, application security, and developer services, there can be a learning curve. Improved consistency in navigation and greater stability in the interface would make it easier for long-time users and administrators to adapt to new functionality.

That said, these concerns are relatively minor compared to the overall value of the platform. Most of the changes have been introduced to support new capabilities, and Cloudflare continues to be one of the most innovative and valuable technology platforms I use. Review collected by and hosted on G2.com.

Cristian T.
CT
Cristian T.
Técnico de Operaciones
Mid-Market (51-1000 emp.)
"Solid security and smart performance in one step"
4/5
What do you like best about Cloudflare Application Security and Performance?

What I like the most is the security. I like that it processes everything in a single step on the server closest to the user, also its global-scale DDoS mitigation without any problem and its intelligent performance.

It allows me to manage DNS, SSL certificates, firewall rules, ... Review collected by and hosted on G2.com.

What do you dislike about Cloudflare Application Security and Performance?

What I like the least is the WAF and the false positives, as well as the gap between the features of the plans offered, since there is a big difference between choosing one or the other, the technical support is quite basic in the basic plans, and the loss of direct visibility. Review collected by and hosted on G2.com.

Pramoda  H.
PH
Pramoda H.
Full Stack Developer
Program Development
Small-Business (50 or fewer emp.)
"Strong Security and Performance Optimization with Cloudflare"
4.5/5
What do you like best about Cloudflare Application Security and Performance?

What I like most about Cloudflare Application Security and Performance is how it combines strong security and performance optimization in a single platform. It provides essential features such as DDoS protection, Web Application Firewall (WAF), and a global CDN, which together significantly improve both the security and responsiveness of my applications.

In my personal setup, I use Cloudflare in front of a VPS hosted on DigitalOcean. I configured Cloudflare DNS and proxy (orange cloud) to route traffic through Cloudflare’s network instead of exposing my server directly to the internet. This helps reduce direct attack exposure on the origin server.

Additionally, I experimented with Cloudflare WARP connectivity in my setup to secure traffic paths and improve routing stability for VPN-style access. This setup helps me manage traffic more safely while benefiting from Cloudflare’s edge network performance improvements. Review collected by and hosted on G2.com.

What do you dislike about Cloudflare Application Security and Performance?

One downside is that some advanced configurations, such as custom WAF rules, firewall tuning, and routing optimizations, require a good level of technical understanding. For users who are new to networking or security concepts, the learning curve can be challenging.

Also, certain advanced security and performance features are only available on higher-tier plans, which may limit flexibility for smaller projects or personal use cases. Review collected by and hosted on G2.com.

Liridon S.
LS
Liridon S.
Software Developer
Consulting
Mid-Market (51-1000 emp.)
"All-in-One Security and CDN with No Noticeable Latency"
4.5/5
What do you like best about Cloudflare Application Security and Performance?

What I like most is how much Cloudflare lets you do in one place without introducing noticeable latency. You point your DNS at Cloudflare and, all of a sudden, you’ve got DDoS protection, a WAF, bot management, and CDN caching working together, instead of having to stitch five different vendors into a single setup.

A concrete example is rate limiting: the rules are dead simple to create—something like “block an IP hitting /login more than 20 times a minute”—and you can see the impact in the analytics dashboard within minutes. There’s no waiting around for logs to slowly trickle in before you know whether it’s doing what you intended.

It’s also worth calling out that the free/cheap tier is genuinely useful rather than just a teaser. Basic DDoS protection and CDN are free, so even a small side project can get real protection without feeling like it’s just being funneled toward an enterprise pitch deck. Review collected by and hosted on G2.com.

What do you dislike about Cloudflare Application Security and Performance?

A few things stand out.

Over the years, the WAF rule language and dashboard have become more complex. There are now multiple overlapping products and rule layers (WAF, Rulesets, Bot Management, Page Rules vs. Rules) that can accomplish similar goals, and it isn’t always clear which one should “own” a given policy. New users will often create a rule in one place and then wonder why traffic still isn’t being blocked, only to find that a rule in another layer is overriding or interfering.

Debugging false positives is another pain point. When the WAF blocks a legitimate user (which can happen with aggressive managed rulesets), the error page is generic, and figuring out exactly which rule fired usually means digging through logs. Those logs also aren’t consistently available on lower-tier plans, since proper WAF event logging is often gated behind Enterprise pricing.

Pricing can also jump significantly between tiers. The free and Pro plans are great, but once you need advanced bot management, custom WAF rules at scale, or stronger support SLAs, the cost can rise sharply into enterprise territory. It ends up feeling like a steep cliff rather than a gradual scale-up. Review collected by and hosted on G2.com.

Tracy P.
TP
Tracy P.
volunteer
Small-Business (50 or fewer emp.)
"Cloudflare Delivers Trustworthy Security and Performance"
5/5
What do you like best about Cloudflare Application Security and Performance?

So I basically know that when I don't have the time to look up information on the website to b proven legit, if it is stamped with the cloudflare logo at the bottom or top of the website I totally trust it one hundred percent. Cloudflare has a wonderful security and performance program all in itself let alone a whole program of amazing features. Review collected by and hosted on G2.com.

What do you dislike about Cloudflare Application Security and Performance?

I have not found much on the cloud flare application security and performance that I don't like so far. Love it actually and think its wonderful along with sum of the extra features that come with it as well. Review collected by and hosted on G2.com.

Rinu L.
RL
Rinu L.
DevOps Engineer
Mid-Market (51-1000 emp.)
"Cloudflare Application Security and Performence: Reliable, Fast, and Secure Platform"
5/5
What do you like best about Cloudflare Application Security and Performance?

Strong DDoS protection and security features

Fast CDN improves website speed and performance

Easy DNS and SSL management

Helpful caching and traffic optimization tools

Simple and clean dashboard UI

WAF helps block malicious traffic and bots

Flexible pricing with useful free tier

Easy setup and quick domain onboarding

Smooth integration with CDN, DNL, SSL, and WAF services Review collected by and hosted on G2.com.

What do you dislike about Cloudflare Application Security and Performance?

Support response time depends on the plan.

Pricing can increase for advanced security features

Some settings are difficult to troubleshoot Review collected by and hosted on G2.com.

Simon T.
ST
Simon T.
operations manager
Small-Business (50 or fewer emp.)
"Convenient, Secure, and Easy to Setup"
5/5
What do you like best about Cloudflare Application Security and Performance?

I appreciate Cloudflare Application Security and Performance as a convenient all-in-one solution that integrates workers and domain control, making it easier for me by keeping everything in one place. The integration with Git is also a nice touch. I love the combination of speed and security it offers, with features like bot blocking and DDNS protection that simplify my life by ensuring my web apps are protected from attacks and can maintain reliable uptime. The initial setup was very easy, with every step being self-explanatory and supported by good information. Review collected by and hosted on G2.com.

What do you dislike about Cloudflare Application Security and Performance?

I occasionally struggle with navigation around the site. Review collected by and hosted on G2.com.