--- title: Use cases description: Find which Cloudflare solutions solve your use case, from building new web apps to protecting and accelerating your existing apps and systems. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/index.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Use cases Select a category below to find the Cloudflare solutions, features, and architecture patterns that apply to your use case. ## Build something new Deploy applications, APIs, and platforms on Cloudflare from the ground up. [Web sites or web apps](https://developers.cloudflare.com/use-cases/web-apps/) Build, deploy and secure full-stack applications globally with serverless compute and storage. [AI applications](https://developers.cloudflare.com/use-cases/ai/) Build and deploy AI-powered applications with inference, vector databases, and model gateways. [SaaS platforms](https://developers.cloudflare.com/use-cases/saas/) Build multi-tenant platforms with custom domains, isolated compute, and per-customer configuration. [APIs and microservices](https://developers.cloudflare.com/use-cases/apis/) Build, secure, and manage APIs with rate limiting, authentication, and observability. ## Secure and accelerate your applications Add Cloudflare to an existing application or infrastructure. [Protect your application](https://developers.cloudflare.com/use-cases/application-security/) Block attacks with application security, DDoS protection, and SSL/TLS encryption. [Accelerate content delivery](https://developers.cloudflare.com/use-cases/performance/) Speed up your applications with global caching, image optimization, and smart routing. [Implement company-wide security](https://developers.cloudflare.com/use-cases/company-security/) Protect employees, devices, and data with Zero Trust access, secure web gateway, and email security. [Deliver images or stream videos](https://developers.cloudflare.com/use-cases/media-streaming/) Deliver video, images, and rich media at scale with encoding, optimization, and global distribution. [Improve e-commerce security and performance](https://developers.cloudflare.com/use-cases/e-commerce/) Secure and accelerate online storefronts with caching, bot protection, and global delivery. --- ## More resources [Reference architectures](https://developers.cloudflare.com/reference-architecture/) Detailed diagrams and design patterns for enterprise deployments. [Learning paths](https://developers.cloudflare.com/learning-paths/) Structured, module-based guidance for specific workflows. [Tutorials](https://developers.cloudflare.com/tutorials/) Step-by-step guides to help you build with Cloudflare solutions. ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}}]} ``` --- --- title: Application security description: Protect web applications and APIs with Cloudflare Application security (WAF), DDoS protection, bot security, API Shield, and client-side security. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/application-security/index.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Application security Protect your website or application from attacks, bots, and abuse. Cloudflare's application security (also known as Web Application Firewall or WAF) blocks SQL injection, XSS, and OWASP Top 10 vulnerabilities. DDoS Protection mitigates volumetric and application-layer attacks automatically. Bot Security uses machine learning to score every request. API Shield validates API traffic against your OpenAPI specification. Client-side security monitors third-party scripts for malicious behavior. * [ Block application attacks ](https://developers.cloudflare.com/use-cases/application-security/block-attacks/) * [ Mitigate DDoS attacks ](https://developers.cloudflare.com/use-cases/application-security/ddos/) * [ Stop malicious bots ](https://developers.cloudflare.com/use-cases/application-security/bots/) * [ Protect against client-side threats ](https://developers.cloudflare.com/use-cases/application-security/client-side/) * [ Secure API endpoints ](https://developers.cloudflare.com/use-cases/application-security/api-endpoints/) ## Architecture patterns ### Web application security Protect a website or web application from common attacks: * **SSL/TLS** encrypts all traffic between visitors and Cloudflare * **Security rules** managed rulesets block SQL injection, XSS, and OWASP Top 10 vulnerabilities * **DDoS Protection** mitigates volumetric and application-layer attacks automatically * **Bot Security** scores every request and blocks automated threats ### API security Secure Application Programming Interface (API) endpoints with schema enforcement and authentication: * **API Shield** validates requests against your OpenAPI specification * **Rate Limiting** prevents abuse with per-endpoint request limits * **mTLS** authenticates known clients with mutual TLS certificates ### Client-side defense Protect visitors from threats that execute in the browser: * **Client-side security** monitors third-party scripts loading on your pages * **Turnstile** replaces CAPTCHAs on forms with a privacy-preserving challenge * **Content security rules** block requests from known malicious sources --- ## Prerequisites * A [Cloudflare account ↗](https://dash.cloudflare.com/sign-up). * A domain [added to Cloudflare](https://developers.cloudflare.com/fundamentals/manage-domains/add-site/). All solutions in this use case require your domain's DNS records to be proxied through Cloudflare so that traffic passes through Cloudflare's network before reaching your origin. --- ## Related resources [Security best practices](https://developers.cloudflare.com/learning-paths/application-security/) Structured learning path for application security. [Security Analytics](https://developers.cloudflare.com/waf/analytics/) Analyze security events and fine-tune your configuration. [Security case studies](https://www.cloudflare.com/case-studies/) Explore how companies secure their applications with Cloudflare. ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/application-security/","name":"Application security"}}]} ``` --- --- title: Secure API endpoints description: Protect APIs with schema validation, rate limiting, and authentication. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/application-security/api-endpoints.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Secure API endpoints API endpoints are vulnerable to schema violations, abuse, and unauthorized access. Cloudflare API Shield validates requests against your OpenAPI specification, and mutual TLS (mTLS) authenticates known clients with certificates. ## Solutions ### API Shield Discover, secure, and monitor your APIs. [Learn more about API Shield](https://developers.cloudflare.com/api-shield/). * **API discovery** \- Automatically identify API endpoints in your traffic, including undocumented ones * **Schema validation** \- Reject requests that do not conform to your OpenAPI specification * **Sequence mitigation** \- Detect and block API abuse patterns such as out-of-order requests ### mTLS Mutual TLS client certificate authentication. [Learn more about mTLS](https://developers.cloudflare.com/ssl/client-certificates/). * **mTLS authentication** \- Require client certificates for machine-to-machine API access ## Get started 1. [API Shield get started](https://developers.cloudflare.com/api-shield/get-started/) 2. [Set up mTLS](https://developers.cloudflare.com/ssl/client-certificates/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/application-security/","name":"Application security"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/application-security/api-endpoints/","name":"Secure API endpoints"}}]} ``` --- --- title: Block application attacks description: Protect against SQL injection, XSS, and other OWASP Top 10 vulnerabilities. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/application-security/block-attacks.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Block application attacks Web applications face constant threats from SQL injection, Cross-Site Scripting (XSS), and other Open Web Application Security Project (OWASP) Top 10 vulnerabilities. Cloudflare WAF managed rulesets block these attacks automatically, and rate limiting prevents brute force abuse. ## Solutions ### Application security (WAF) Get automatic protection from vulnerabilities and create your own custom rules. [Learn more about WAF](https://developers.cloudflare.com/waf/). * **Managed rulesets** \- Pre-configured rules covering OWASP Top 10 and emerging threats, updated by Cloudflare * **Zero-day protection** \- Rules are updated as new vulnerabilities are discovered, with no action required from you * **Custom rules** \- Block or challenge requests based on any request attribute including headers, cookies, and IP reputation ### Rate limiting Limit request rates based on flexible matching criteria. [Learn more about rate limiting](https://developers.cloudflare.com/waf/rate-limiting-rules/). * **Rate limiting** \- Prevent brute force attacks and Application Programming Interface (API) abuse with flexible per-endpoint request limits ## Get started 1. [Deploy WAF managed rulesets](https://developers.cloudflare.com/waf/managed-rules/deploy-zone-dashboard/) 2. [Create custom rules](https://developers.cloudflare.com/waf/custom-rules/create-dashboard/) 3. [Configure rate limiting rules](https://developers.cloudflare.com/waf/rate-limiting-rules/create-zone-dashboard/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/application-security/","name":"Application security"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/application-security/block-attacks/","name":"Block application attacks"}}]} ``` --- --- title: Stop malicious bots description: Detect and block automated threats while allowing legitimate traffic. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/application-security/bots.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Stop malicious bots Malicious bots perform credential stuffing, content scraping, and inventory hoarding. Cloudflare Bot Security uses machine learning to score every request, blocking automated threats while allowing legitimate bots like search engine crawlers. ## Solutions ### Bot security Machine learning powered bot detection with granular control over bot traffic. [Learn more about bot security](https://developers.cloudflare.com/bots/). * **Bot scores** \- Every request receives an ML-derived bot score from 1 (bot) to 99 (human) * **Verified bots** \- Allow known good bots like search engine crawlers while blocking malicious ones ### Super Bot Fight Mode Basic bot protection included with Pro plans and above. [Learn more about Super Bot Fight Mode](https://developers.cloudflare.com/bots/get-started/super-bot-fight-mode/). * **Challenge pages** \- Present JavaScript (JS) or managed challenges to suspicious traffic on Pro plans and above ### Turnstile Privacy-preserving CAPTCHA alternative for forms and user interactions. [Learn more about Turnstile](https://developers.cloudflare.com/turnstile/). * **Form protection** \- Privacy-preserving CAPTCHA alternative that protects login, signup, and checkout forms without friction ## Get started 1. [Enable Bot Fight Mode](https://developers.cloudflare.com/bots/get-started/bot-fight-mode/) (Free plan) 2. [Configure Super Bot Fight Mode](https://developers.cloudflare.com/bots/get-started/super-bot-fight-mode/) (Pro plan and above) 3. [Add Turnstile to forms](https://developers.cloudflare.com/turnstile/get-started/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/application-security/","name":"Application security"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/application-security/bots/","name":"Stop malicious bots"}}]} ``` --- --- title: Protect against client-side threats description: Monitor and control third-party scripts running on your site. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/application-security/client-side.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Protect against client-side threats Third-party scripts on your site can be compromised to exfiltrate data or inject malicious code. Cloudflare's client-side security (previously known as Page Shield) monitors every JavaScript resource loading on your pages, detects suspicious behavior, and helps you manage Content Security Policies (CSPs). ## Solutions ### Client-side security Monitor and control third-party scripts and outbound connections on your pages. [Learn more about client-side security](https://developers.cloudflare.com/client-side-security/). * **Script monitoring** \- Track every JavaScript resource loading on your pages, including third-party scripts * **Malicious script detection** \- Receive alerts when scripts exhibit suspicious behavior such as data exfiltration patterns * **Connection monitoring** \- See which external endpoints scripts are sending data to * **CSP management** \- Generate and manage Content Security Policies (CSPs) based on observed script behavior ## Get started 1. [Enable Client-side security](https://developers.cloudflare.com/client-side-security/get-started/) 2. [Review detected scripts](https://developers.cloudflare.com/client-side-security/detection/monitor-connections-scripts/) 3. [Configure rules](https://developers.cloudflare.com/client-side-security/rules/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/application-security/","name":"Application security"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/application-security/client-side/","name":"Protect against client-side threats"}}]} ``` --- --- title: Mitigate DDoS attacks description: Mitigate DDoS attacks automatically with no caps on attack size, no manual intervention, and no extra cost. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/application-security/ddos.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Mitigate DDoS attacks Distributed Denial of Service (DDoS) attacks can take your application offline by flooding it with traffic. Cloudflare DDoS Protection mitigates these attacks automatically at the network edge, with no caps on attack size or duration and no manual intervention required. ## Solutions ### DDoS Protection Automatic mitigation of volumetric and application-layer DDoS attacks. [Learn more about DDoS Protection](https://developers.cloudflare.com/ddos-protection/). * **Always-on protection** \- Attacks are mitigated automatically with no manual intervention required * **Unlimited mitigation** \- No caps on attack size or duration * **Layer 3/4 protection** \- Block network-layer floods and amplification attacks at the network edge ## Get started 1. [DDoS protection overview](https://developers.cloudflare.com/ddos-protection/) 2. [Configure DDoS managed rulesets](https://developers.cloudflare.com/ddos-protection/managed-rulesets/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/application-security/","name":"Application security"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/application-security/ddos/","name":"Mitigate DDoS attacks"}}]} ``` --- --- title: Performance description: Accelerate websites and applications with Cloudflare CDN caching, image optimization, smart routing, load balancing, and web analytics. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/performance/index.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Performance Accelerate websites and applications with Cloudflare CDN (Content Delivery Network) caching, image optimization, smart routing, load balancing, and web analytics. * [ Cache content globally ](https://developers.cloudflare.com/use-cases/performance/caching/) * [ Optimize images ](https://developers.cloudflare.com/use-cases/performance/image-optimization/) * [ Accelerate connections ](https://developers.cloudflare.com/use-cases/performance/connections/) * [ Optimize web assets ](https://developers.cloudflare.com/use-cases/performance/web-assets/) * [ Balance traffic across origins ](https://developers.cloudflare.com/use-cases/performance/load-balancing/) * [ Monitor performance ](https://developers.cloudflare.com/use-cases/performance/monitoring/) ## Prerequisites * A [Cloudflare account ↗](https://dash.cloudflare.com/sign-up). * A domain [added to Cloudflare](https://developers.cloudflare.com/fundamentals/manage-domains/add-site/) with DNS records proxied through Cloudflare's network. Caching, image optimization, speed optimizations, Argo Smart Routing, and Load Balancing all operate at the edge and require traffic to pass through Cloudflare. * Web Analytics can be added to any site without a proxied domain by [adding the JavaScript snippet](https://developers.cloudflare.com/web-analytics/get-started/) to your pages directly. --- ## Related resources [Performance best practices](https://developers.cloudflare.com/learning-paths/optimize-site-speed/) Structured learning path for site optimization. [Cache Analytics](https://developers.cloudflare.com/cache/performance-review/cache-analytics/) Analyze cache hit rates and optimize caching. [Performance case studies](https://www.cloudflare.com/case-studies/) Explore how companies accelerate their applications with Cloudflare. ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/performance/","name":"Performance"}}]} ``` --- --- title: Cache content globally description: Reduce origin load and latency by caching static and dynamic content at 300+ Cloudflare edge locations. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/performance/caching.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Cache content globally Every request that reaches your origin server adds latency and costs. Cloudflare Cache serves static and dynamic content globally, reducing round-trip times for visitors and offloading traffic from your origin. ## Solutions ### Cache Cache content at Cloudflare's global network of edge locations. [Learn more about Cache](https://developers.cloudflare.com/cache/). * **Global distribution** \- Content cached in 300+ edge locations so visitors are served from the location nearest to them * **Reduced latency** \- Cache hits are served directly from the edge, eliminating round-trips to your origin * **Customizable cache rules** \- Create rules that change how Cloudflare caches content, or transforms requests * **Origin offload** \- Regional cache tiers intercept repeated requests before they reach your origin server * **Persistent caching** \- Long-tail content that would normally expire is kept in durable storage, reducing origin fetches for infrequently accessed assets ## Get started 1. [Configure Cache Rules](https://developers.cloudflare.com/cache/how-to/cache-rules/) 2. [Enable Tiered Cache](https://developers.cloudflare.com/cache/how-to/tiered-cache/) 3. [Set up Cache Reserve](https://developers.cloudflare.com/cache/advanced-configuration/cache-reserve/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/performance/","name":"Performance"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/performance/caching/","name":"Cache content globally"}}]} ``` --- --- title: Accelerate connections description: Reduce latency with Argo Smart Routing, HTTP/3, and Early Hints asset preloading. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/performance/connections.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Accelerate connections Network congestion and suboptimal routing between your origin and visitors add latency. Cloudflare Argo Smart Routing uses real-time network telemetry to route requests through the fastest paths, while Early Hints preloads assets before the full HTML response arrives. ## Solutions ### Argo Smart Routing Route traffic through the fastest paths across Cloudflare's network. [Learn more about Argo Smart Routing](https://developers.cloudflare.com/argo-smart-routing/). * **Smart routing** \- Automatically route requests through uncongested network paths, reducing latency between edge and origin * **Optimized paths** \- Real-time network telemetry selects the fastest available route for each request ### Speed Improve the performance of your website or web application. [Learn more about Speed](https://developers.cloudflare.com/speed/). * **Faster handshakes** \- Assess the performance of your website and gain recommendations on how to optimize your website ### Early Hints Preload assets before the HTML response arrives. [Learn more about Early Hints](https://developers.cloudflare.com/speed/optimization/content/early-hints/). * **Asset preloading** \- Send `103 Early Hints` responses so browsers start fetching assets before the full HTML arrives ## Get started 1. [Enable Argo Smart Routing](https://developers.cloudflare.com/argo-smart-routing/get-started/) 2. [Enable HTTP/3](https://developers.cloudflare.com/speed/optimization/protocol/http3/) 3. [Enable Early Hints](https://developers.cloudflare.com/speed/optimization/content/early-hints/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/performance/","name":"Performance"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/performance/connections/","name":"Accelerate connections"}}]} ``` --- --- title: Optimize images description: Reduce page load times by compressing, resizing, and converting images to WebP and AVIF automatically. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/performance/image-optimization.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Optimize images Images are often the largest assets on a page and the biggest contributor to slow load times. Cloudflare Images resizes and converts images on-the-fly to modern formats like WebP and AVIF, while Polish compresses existing images without visible quality loss. ## Solutions ### Images Transform, optimize, and deliver images at scale. [Learn more about Images](https://developers.cloudflare.com/images/). * **Modern formats** \- Automatically serve WebP or AV1 Image File Format (AVIF) to supported browsers, falling back gracefully for others * **Responsive images** \- Resize and transform images on-the-fly via URL parameters without pre-generating variants ### Polish Automatic image compression without quality loss. [Learn more about Polish](https://developers.cloudflare.com/images/polish/). * **Automatic compression** \- Reduce image file sizes through lossless or lossy compression without visible quality loss ### Speed Improve page load performance with built-in optimizations. [Learn more about Speed](https://developers.cloudflare.com/speed/). * **Lazy loading** \- Defer loading of off-screen images to improve initial page load and Core Web Vitals ## Get started 1. [Images get started](https://developers.cloudflare.com/images/get-started/) 2. [Enable Polish](https://developers.cloudflare.com/images/polish/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/performance/","name":"Performance"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/performance/image-optimization/","name":"Optimize images"}}]} ``` --- --- title: Balance traffic across origins description: Distribute traffic across multiple servers for reliability and performance. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/performance/load-balancing.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Balance traffic across origins If a single origin server handles all your traffic, any failure or overload takes your application offline. Cloudflare's load balancing distributes traffic across multiple origins with health checks and automatic failover. ## Solutions ### Load balancing Distribute traffic across origins with health checks and failover. [Learn more about load balancing](https://developers.cloudflare.com/load-balancing/). * **Traffic distribution** \- Spread incoming load across multiple origin servers using weighted or latency-based policies * **Failover** \- Reroute traffic to healthy origins instantly when a server fails its health check * **Geographic steering** \- Route users to the nearest or best-performing origin based on latency or geography ### Health checks Monitor origin server health and availability. [Learn more about health checks](https://developers.cloudflare.com/health-checks/). * **Health monitoring** \- Continuously probe origins and automatically remove unhealthy servers from rotation ## Get started 1. [Create a load balancer](https://developers.cloudflare.com/load-balancing/get-started/) 2. [Configure health checks](https://developers.cloudflare.com/health-checks/get-started/) 3. [Set up steering policies](https://developers.cloudflare.com/load-balancing/understand-basics/traffic-steering/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/performance/","name":"Performance"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/performance/load-balancing/","name":"Balance traffic across origins"}}]} ``` --- --- title: Monitor performance description: Track real user metrics and identify performance issues. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/performance/monitoring.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Monitor performance Understanding how real visitors experience your site requires metrics from actual sessions, not synthetic tests. Cloudflare Web Analytics collects Core Web Vitals and performance data from 100% of page views without cookies or sampling. ## Solutions ### Web Analytics Privacy-first, cookie-free analytics for websites. [Learn more about Web Analytics](https://developers.cloudflare.com/web-analytics/). * **Real user metrics** \- Performance data collected from actual visitor sessions, not synthetic tests * **Core Web Vitals** \- Track Largest Contentful Paint (LCP), Interaction to Next Paint (INP), and Cumulative Layout Shift (CLS) scores across your real user base * **No sampling** \- 100% of page views are measured without cookies, consent banners, or data sampling ### Observatory Run performance tests and get optimization recommendations. [Learn more about Observatory](https://developers.cloudflare.com/speed/observatory/). * **Performance testing** \- Run on-demand speed tests and receive prioritized optimization recommendations ## Get started 1. [Enable Web Analytics](https://developers.cloudflare.com/web-analytics/get-started/) 2. [Run a speed test](https://developers.cloudflare.com/speed/observatory/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/performance/","name":"Performance"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/performance/monitoring/","name":"Monitor performance"}}]} ``` --- --- title: Optimize web assets description: Speed up page rendering by minifying HTML, CSS, and JavaScript and loading third-party scripts server-side. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/performance/web-assets.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Optimize web assets Unoptimized HTML, CSS, and JavaScript increase page weight and slow down rendering. Cloudflare Speed automatically minifies and compresses these assets, while Zaraz loads third-party analytics and marketing tags server-side to avoid blocking page rendering. ## Solutions ### Speed Improve the performance of your website or web application. [Learn more about Speed](https://developers.cloudflare.com/speed/). * **Minification** \- Remove whitespace and unnecessary characters from HTML, CSS, and JavaScript automatically * **Compression** \- Brotli and Gzip compression applied to all text-based assets at the edge * **Core Web Vitals** \- Improve Largest Contentful Paint (LCP), Interaction to Next Paint (INP), and Cumulative Layout Shift (CLS) scores by deferring non-critical scripts and optimizing asset delivery ### Zaraz Server-side loading of third-party tools to improve performance and privacy. [Learn more about Zaraz](https://developers.cloudflare.com/zaraz/). * **Third-party optimization** \- Load analytics, marketing tags, and other third-party tools through Cloudflare without blocking page rendering ## Get started 1. [Enable Speed optimizations](https://developers.cloudflare.com/speed/optimization/) 2. [Zaraz get started](https://developers.cloudflare.com/zaraz/get-started/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/performance/","name":"Performance"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/performance/web-assets/","name":"Optimize web assets"}}]} ``` --- --- title: Company security description: Secure employees, devices, and data with Cloudflare Zero Trust access, secure web gateway, email security, and data loss prevention. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/company-security/index.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Company security Protect employees, devices, and data with Zero Trust access, secure web gateway, and email security. Cloudflare Access and Tunnel replace VPNs with identity-verified, per-request access to internal applications. Gateway filters DNS and HTTP traffic to block threats. DLP prevents sensitive data from leaving your network. Email Security stops phishing, BEC, and malware. DMARC management prevents domain spoofing. * [ Access internal applications securely ](https://developers.cloudflare.com/use-cases/company-security/employee-access/) * [ Secure your company's Internet access ](https://developers.cloudflare.com/use-cases/company-security/internet-access/) * [ Stop email phishing attacks ](https://developers.cloudflare.com/use-cases/company-security/email-security/) * [ Prevent data loss ](https://developers.cloudflare.com/use-cases/company-security/data-loss-prevention/) * [ Ensure device endpoint security ](https://developers.cloudflare.com/use-cases/company-security/device-security/) ## Architecture patterns ### VPN replacement Replace traditional VPNs with Zero Trust access to internal applications: * **Cloudflare Tunnel** connects internal apps to Cloudflare without opening inbound firewall ports * **Access** verifies identity and device posture on every request * **Cloudflare One client** routes device traffic through Cloudflare's network ### Secure web gateway Filter and inspect Internet-bound traffic from employees: * **Gateway** applies DNS and HTTP filtering policies to block threats and enforce acceptable use * **Browser Isolation** executes risky web content in a remote browser * **DLP** inspects outbound traffic for sensitive data patterns ### Email threat protection Stop phishing, malware, and spoofing before they reach the inbox: * **Email Security** scans inbound messages for phishing, Business Email Compromise (BEC), and malicious attachments * **DMARC management** enforces email authentication and prevents domain spoofing --- ## Prerequisites * A [Cloudflare account ↗](https://dash.cloudflare.com/sign-up). * A [Cloudflare One organization](https://developers.cloudflare.com/cloudflare-one/setup/) created in the Cloudflare dashboard. Access, Gateway (Secure Web Gateway), Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Browser Isolation, and Device Posture all operate within Cloudflare One. --- ## Related resources [Cloudflare One documentation](https://developers.cloudflare.com/cloudflare-one/) Complete documentation for Zero Trust and Secure Access Service Edge (SASE). [Email Security documentation](https://developers.cloudflare.com/email-security/) Complete documentation for email threat protection. [Zero Trust case studies](https://www.cloudflare.com/case-studies/?product=Zero+Trust) Explore how enterprises implement Zero Trust with Cloudflare. ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/company-security/","name":"Company security"}}]} ``` --- --- title: Prevent data loss description: Protect sensitive data from exfiltration with DLP and CASB. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/company-security/data-loss-prevention.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Prevent data loss Sensitive data — Personally Identifiable Information (PII), payment card numbers, health records — can leave your network through employee uploads, SaaS misconfigurations, or compromised applications. Cloudflare One detects sensitive data patterns in traffic and blocks exfiltration in real time. ## Solutions ### Cloudflare One Secure your organization with a cloud security platform that replaces legacy perimeters with Cloudflare's global network. [Learn more about Cloudflare One](https://developers.cloudflare.com/cloudflare-one/). * **Data detection** \- Identify sensitive data patterns — Personally Identifiable Information (PII), Payment Card Industry (PCI), Protected Health Information (PHI), and custom patterns — in traffic flowing through Gateway * **Inline protection** \- Block uploads or transfers of sensitive data in real time before they leave the network * **SaaS visibility** \- Discover which SaaS applications employees are using, including unsanctioned shadow IT * **Posture management** \- Identify misconfigurations and overly permissive sharing settings across connected SaaS apps ## Get started 1. [Configure DLP policies](https://developers.cloudflare.com/cloudflare-one/data-loss-prevention/) 2. [Set up CASB integrations](https://developers.cloudflare.com/cloudflare-one/cloud-and-saas-findings/) 3. [Create Gateway HTTP policies for DLP](https://developers.cloudflare.com/cloudflare-one/traffic-policies/http-policies/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/company-security/","name":"Company security"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/company-security/data-loss-prevention/","name":"Prevent data loss"}}]} ``` --- --- title: Ensure device endpoint security description: Verify device posture before granting access. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/company-security/device-security.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Ensure device endpoint security Granting access to corporate applications without verifying device health creates risk. Cloudflare One checks OS version, disk encryption, and antivirus status before allowing a device to connect, and integrates with CrowdStrike, SentinelOne, and other Endpoint Detection and Response (EDR) tools. ## Solutions ### Cloudflare One Secure your organization with a cloud security platform that replaces legacy perimeters with Cloudflare's global network. [Learn more about Cloudflare One](https://developers.cloudflare.com/cloudflare-one/). * **Posture checks** \- Verify OS version, disk encryption status, and antivirus presence before granting access * **Endpoint integration** \- Pull real-time device health signals from CrowdStrike, SentinelOne, and other Endpoint Detection and Response (EDR) tools * **Conditional access** \- Gate application access on device posture results, so only healthy devices can connect ### Cloudflare One client Device agent that routes traffic through Cloudflare's network. [Learn more about Cloudflare One client](https://developers.cloudflare.com/cloudflare-one/team-and-resources/devices/cloudflare-one-client/). * **Always-on protection** \- Route device traffic through Cloudflare One at all times, enforcing Gateway policies regardless of network ## Get started 1. [Deploy the Cloudflare One client](https://developers.cloudflare.com/cloudflare-one/team-and-resources/devices/cloudflare-one-client/) 2. [Configure device posture checks](https://developers.cloudflare.com/cloudflare-one/team-and-resources/devices/) 3. [Add posture checks to Access policies](https://developers.cloudflare.com/cloudflare-one/access-controls/policies/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/company-security/","name":"Company security"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/company-security/device-security/","name":"Ensure device endpoint security"}}]} ``` --- --- title: Stop email phishing attacks description: Protect your organization from email-based threats with advanced email security. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/company-security/email-security.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Stop email phishing attacks Email is the most common vector for phishing, Business Email Compromise (BEC), and malware delivery. Cloudflare Email Security scans inbound messages to block these threats before they reach the inbox, and DMARC management prevents domain spoofing. ## Solutions ### Email security Detect and block email-based threats including phishing, BEC, and malware. [Learn more about Email security](https://developers.cloudflare.com/email-security/). * **Phishing protection** \- Block sophisticated phishing attacks including credential harvesting and impersonation * **BEC prevention** \- Detect Business Email Compromise (BEC) attempts using behavioral analysis * **Malware scanning** \- Inspect attachments and links to stop malware before it reaches the inbox ### DMARC management Prevent email spoofing and improve deliverability. [Learn more about DMARC management](https://developers.cloudflare.com/dmarc-management/). * **Brand protection** \- Prevent domain spoofing by enforcing Domain-based Message Authentication, Reporting and Conformance (DMARC) policy and monitoring email sources ## Get started 1. [Deploy Email security](https://developers.cloudflare.com/email-security/deployment/) 2. [Set up DMARC management](https://developers.cloudflare.com/dmarc-management/enable/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/company-security/","name":"Company security"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/company-security/email-security/","name":"Stop email phishing attacks"}}]} ``` --- --- title: Access internal applications securely description: Implement Zero Trust access to internal applications without the complexity of VPNs. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/company-security/employee-access.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Access internal applications securely Traditional VPNs grant broad network access, create bottlenecks, and are difficult to scale. Cloudflare replaces VPNs with Zero Trust access — verifying identity and device posture on every request — using Cloudflare Tunnel, Access, and the Cloudflare One client. ## Solutions ### Cloudflare One Secure your organization with a cloud security platform that replaces legacy perimeters with Cloudflare's global network. [Learn more about Cloudflare One](https://developers.cloudflare.com/cloudflare-one/). * **Zero Trust access** \- Verify identity and device posture on every request before granting access to internal applications * **Granular policies** \- Control access by user, group, device posture, and location with per-application rules ### Cloudflare Tunnel Connect infrastructure to Cloudflare without opening inbound firewall ports. [Learn more about Cloudflare Tunnel](https://developers.cloudflare.com/cloudflare-one/networks/connectors/cloudflare-tunnel/). * **No network exposure** \- Internal apps remain private; Tunnel creates an outbound-only connection with no inbound firewall changes ### Cloudflare One client Securely route traffic through Cloudflare's network. [Learn more about Cloudflare One client](https://developers.cloudflare.com/cloudflare-one/team-and-resources/devices/cloudflare-one-client/). * **Better performance** \- Lower latency than traditional VPN architectures, as traffic routes through Cloudflare's global network rather than backhauling to a central data center ## Get started ### Access internal applications securely * [Secure a private web app](https://developers.cloudflare.com/cloudflare-one/setup/secure-private-apps/private-web-app/) * [Set up clientless SSH](https://developers.cloudflare.com/cloudflare-one/setup/secure-private-apps/clientless-ssh/) * [Set up in-browser RDP](https://developers.cloudflare.com/cloudflare-one/setup/secure-private-apps/in-browser-rdp/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/company-security/","name":"Company security"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/company-security/employee-access/","name":"Access internal applications securely"}}]} ``` --- --- title: Secure your company's Internet access description: Protect users from threats on the Internet with Gateway DNS and HTTP filtering. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/company-security/internet-access.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Secure your company's Internet access Employees browsing the Internet encounter malware, phishing, and data exfiltration risks. Cloudflare Gateway filters DNS and HTTP traffic to block threats and enforce acceptable use policies, while browser isolation executes risky content in a remote browser. ## Solutions ### Gateway Secure web gateway with DNS, HTTP, and network filtering. [Learn more about Gateway](https://developers.cloudflare.com/cloudflare-one/traffic-policies/). * **Threat protection** \- Block malware, phishing, and command-and-control domains at the DNS and HTTP layers * **Content filtering** \- Enforce acceptable use policies by blocking categories of domains across the organization * **Data protection** \- Inspect HTTP traffic and prevent sensitive data from being uploaded to unauthorized destinations ### Cloudflare One Secure your organization with a cloud security platform that replaces legacy perimeters with Cloudflare's global network. [Learn more about Cloudflare One](https://developers.cloudflare.com/cloudflare-one/). * **Browser isolation** \- Execute risky web content in a remote browser, keeping malware away from user devices ## Get started 1. [Set up Gateway DNS filtering](https://developers.cloudflare.com/cloudflare-one/traffic-policies/dns-policies/) 2. [Configure HTTP inspection](https://developers.cloudflare.com/cloudflare-one/traffic-policies/http-policies/) 3. [Deploy Browser Isolation](https://developers.cloudflare.com/cloudflare-one/remote-browser-isolation/setup/) ### Secure your company's Internet access * [Device to network](https://developers.cloudflare.com/cloudflare-one/setup/replace-vpn/device-to-network/) * [Device to device](https://developers.cloudflare.com/cloudflare-one/setup/replace-vpn/device-to-device/) * [Network to network](https://developers.cloudflare.com/cloudflare-one/setup/replace-vpn/network-to-network/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/company-security/","name":"Company security"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/company-security/internet-access/","name":"Secure your company's Internet access"}}]} ``` --- --- title: Web sites and web apps description: Build and deploy full-stack web applications on Cloudflare with Workers, D1, KV, R2, Durable Objects, and Queues. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/web-apps/index.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Web sites and web apps Build and deploy full-stack web applications globally with serverless compute, storage, and instant deployments. Cloudflare Workers runs your frontend and backend logic at the edge. D1 provides a serverless SQL database. KV stores key-value data globally. R2 provides S3-compatible object storage with zero egress fees. Durable Objects coordinates real-time state. Queues handles background processing. * [ Deploy frontend applications ](https://developers.cloudflare.com/use-cases/web-apps/deploy-frontend/) * [ Build serverless backends ](https://developers.cloudflare.com/use-cases/web-apps/serverless-backends/) * [ Store application data ](https://developers.cloudflare.com/use-cases/web-apps/store-data/) * [ Add real-time features ](https://developers.cloudflare.com/use-cases/web-apps/real-time/) * [ Optimize performance ](https://developers.cloudflare.com/use-cases/web-apps/performance/) * [ Secure your application ](https://developers.cloudflare.com/use-cases/web-apps/security/) ## Architecture patterns ### Full-stack application Build a complete application with frontend and backend: * **Workers** serves your frontend assets (React, Vue, Astro, and similar frameworks) and handles Application Programming Interface (API) routes * **D1** stores application data * **R2** stores user uploads and assets ### Real-time collaborative app Build multiplayer or collaborative features: * **Durable Objects** coordinates state and WebSocket connections * **Workers** handles HTTP requests and routing * **KV** caches frequently accessed data * **Queues** processes background tasks ### Static site with dynamic features Add interactivity to static content: * **Workers** serves static HTML/CSS/JavaScript (JS) and handles form submissions and API calls * **KV** stores form data and user preferences * **R2** stores uploaded files --- ## Prerequisites ### Create a new application * A [Cloudflare account ↗](https://dash.cloudflare.com/sign-up). * [Node.js ↗](https://nodejs.org/) (version 16.17.0 or later) installed on your machine. * [Wrangler](https://developers.cloudflare.com/workers/wrangler/install-and-update/) installed. Wrangler is the CLI for creating, testing, and deploying Workers projects. ### Use an existing application * A [Cloudflare account ↗](https://dash.cloudflare.com/sign-up). * A domain [added to Cloudflare](https://developers.cloudflare.com/fundamentals/manage-domains/add-site/) with DNS records proxied through Cloudflare. This is required for security features (SSL/TLS, Application security), caching, and performance optimizations. * [Node.js ↗](https://nodejs.org/) (version 16.17.0 or later) and [Wrangler](https://developers.cloudflare.com/workers/wrangler/install-and-update/) if you plan to add Workers-based functionality to your existing application. --- ## Related resources [Workers documentation](https://developers.cloudflare.com/workers/) Complete documentation for building and deploying applications on Cloudflare. [Developer platform tutorials](https://developers.cloudflare.com/workers/tutorials/) Step-by-step guides for building on Cloudflare. ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/web-apps/","name":"Web sites and web apps"}}]} ``` --- --- title: Deploy frontend applications description: Deploy React, Vue, Astro, and other frontend frameworks globally with Git-triggered builds and preview URLs. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/web-apps/deploy-frontend.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Deploy frontend applications Deploying a frontend application with React, Vue, Astro, or any other framework requires a platform that handles builds, previews, and global distribution. Cloudflare Workers deploys your frontend to 300+ edge locations with automatic builds triggered on push to GitHub or GitLab. ## Solutions ### Workers Build and deploy serverless applications on Cloudflare's global network. [Learn more about Workers](https://developers.cloudflare.com/workers/). * **Git integration** \- Automatic deployments triggered on push to GitHub or GitLab * **Preview deployments** \- Every pull request gets a unique URL for review before merging * **Global distribution** \- Static assets and server-side logic served from 300+ edge locations * **Full-stack support** \- Serve frontend assets and handle Application Programming Interface (API) routes from a single deployment ## Get started 1. [Workers get started](https://developers.cloudflare.com/workers/get-started/) 2. [Configure custom domains](https://developers.cloudflare.com/workers/configuration/routing/custom-domains/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/web-apps/","name":"Web sites and web apps"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/web-apps/deploy-frontend/","name":"Deploy frontend applications"}}]} ``` --- --- title: Optimize performance description: Accelerate your application with caching, smart routing, and edge optimization. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/web-apps/performance.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Optimize performance Slow page loads increase bounce rates and reduce conversions. Cloudflare accelerates your application with edge caching, Argo Smart Routing to avoid congested network paths, and automatic asset optimization that improves Core Web Vitals scores. ## Solutions ### Cache Cache content at Cloudflare's global network of edge locations. [Learn more about Cache](https://developers.cloudflare.com/cache/). * **Edge caching** \- Serve responses from the nearest Cloudflare location to reduce latency and origin load ### Argo Smart Routing Route traffic through the fastest paths across Cloudflare's network. [Learn more about Argo Smart Routing](https://developers.cloudflare.com/argo-smart-routing/). * **Smart routing** \- Automatically avoid congested network paths between edge and origin ### Speed Automatic optimizations for HTML, CSS, JavaScript, and fonts. [Learn more about Speed](https://developers.cloudflare.com/speed/). * **Asset optimization** \- Automatic minification of HTML, CSS, and JavaScript plus Brotli compression * **Core Web Vitals** \- Improve Largest Contentful Paint (LCP), Interaction to Next Paint (INP), and Cumulative Layout Shift (CLS) scores with built-in optimizations ### Workers Build and deploy serverless applications on Cloudflare's global network. [Learn more about Workers](https://developers.cloudflare.com/workers/). * **Edge logic** \- Run custom performance optimizations at the edge, such as HTML rewriting and dynamic content assembly, without round-trips to your origin ## Get started 1. [Configure Cache Rules](https://developers.cloudflare.com/cache/how-to/cache-rules/) 2. [Enable Argo Smart Routing](https://developers.cloudflare.com/argo-smart-routing/get-started/) 3. [Enable Speed optimizations](https://developers.cloudflare.com/speed/optimization/) 4. [Rewrite HTML at the edge with HTMLRewriter](https://developers.cloudflare.com/workers/runtime-apis/html-rewriter/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/web-apps/","name":"Web sites and web apps"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/web-apps/performance/","name":"Optimize performance"}}]} ``` --- --- title: Add real-time features description: Build interactive applications with WebSockets, real-time collaboration, and live updates. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/web-apps/real-time.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Add real-time features Real-time features, such as live chat, collaborative editing, and multiplayer interactions, require persistent connections and strongly consistent state. Cloudflare Durable Objects maintain WebSocket connections and coordinate shared state, while Queues handle background event processing. ## Solutions ### Durable Objects Stateful objects with strongly consistent storage and coordination. [Learn more about Durable Objects](https://developers.cloudflare.com/durable-objects/). * **WebSocket support** \- Maintain persistent connections and broadcast messages across clients in real time * **Collaborative editing** \- Build multiplayer and co-editing experiences with strongly consistent shared state * **Strong consistency** \- Coordinate state across many concurrent connections with transactional guarantees ### Queues Reliable message queuing and background processing for Workers. [Learn more about Queues](https://developers.cloudflare.com/queues/). * **Event processing** \- Handle webhooks and background jobs reliably without blocking the main request path ## Get started 1. [Durable Objects get started](https://developers.cloudflare.com/durable-objects/get-started/) 2. [WebSocket connections with Durable Objects](https://developers.cloudflare.com/durable-objects/examples/websocket-hibernation-server/) 3. [Queues get started](https://developers.cloudflare.com/queues/get-started/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/web-apps/","name":"Web sites and web apps"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/web-apps/real-time/","name":"Add real-time features"}}]} ``` --- --- title: Secure your application description: Protect your web application from attacks, bots, and abuse. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/web-apps/security.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Secure your application Web applications face threats at every layer: unencrypted traffic, injection attacks, DDoS floods, credential stuffing bots, and malicious third-party scripts. Cloudflare provides defense in depth from automatic SSL/TLS encryption through application security, DDoS protection, bot scoring, and client-side script monitoring. ## Solutions ### SSL/TLS Encrypt all traffic with free, automatic SSL certificates. [Learn more about SSL/TLS](https://developers.cloudflare.com/ssl/). * **Automatic HTTPS** \- Free Universal SSL certificates provisioned and renewed automatically ### Application security Get automatic protection from vulnerabilities and create your own custom rules. [Learn more about Application security](https://developers.cloudflare.com/waf/). * **Attack protection** \- Application security's managed rulesets block SQL injection, Cross-Site Scripting (XSS), and Open Web Application Security Project (OWASP) Top 10 vulnerabilities ### DDoS protection Automatic mitigation of volumetric and application-layer DDoS attacks. [Learn more about DDoS protection](https://developers.cloudflare.com/ddos-protection/). * **DDoS mitigation** \- Always-on layer 3/4 and layer 7 Distributed Denial of Service (DDoS) protection included at no extra cost ### Bot security Machine learning powered bot detection with granular control over bot traffic. [Learn more about Bot security](https://developers.cloudflare.com/bots/). * **Bot defense** \- Stop credential stuffing and content scraping with ML-powered bot scoring ### Turnstile Privacy-preserving CAPTCHA alternative for forms and user interactions. [Learn more about Turnstile](https://developers.cloudflare.com/turnstile/). * **Form protection** \- Privacy-preserving CAPTCHA alternative for login and signup forms ### Client-side security Monitor and control third-party scripts and outbound connections on your pages. [Learn more about Client-side security](https://developers.cloudflare.com/client-side-security/). * **Script security** \- Detect and block malicious third-party JavaScript injections ## Get started 1. [Enable SSL/TLS](https://developers.cloudflare.com/ssl/get-started/) 2. [Configure Application Security managed rules](https://developers.cloudflare.com/waf/managed-rules/deploy-zone-dashboard/) 3. [Add Turnstile to forms](https://developers.cloudflare.com/turnstile/get-started/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/web-apps/","name":"Web sites and web apps"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/web-apps/security/","name":"Secure your application"}}]} ``` --- --- title: Build serverless backends description: Deploy backend code globally with automatic scaling, fast startup times, and scheduled tasks. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/web-apps/serverless-backends.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Build serverless backends Running backend code on traditional servers requires provisioning capacity, managing scaling, and accepting cold starts. Cloudflare Workers runs your server-side code at the edge with fast startup, automatic scaling, and global distribution across 300+ locations. ## Solutions ### Workers Build and deploy serverless applications on Cloudflare's global network. [Learn more about Workers](https://developers.cloudflare.com/workers/). * **Global deployment** \- Code runs at the Cloudflare location nearest to each user automatically * **Fast startup** \- V8 isolates start in milliseconds with no warm-up period, avoiding the cold start delays of container-based platforms * **Auto-scaling** \- Handle traffic spikes without provisioning or configuration ### Cron Triggers Schedule Workers to run on a recurring basis. [Learn more about Cron Triggers](https://developers.cloudflare.com/workers/configuration/cron-triggers/). * **Scheduled tasks** \- Run Workers on a fixed schedule for background jobs and periodic tasks ### Queues Reliable message queuing and background processing for Workers. [Learn more about Queues](https://developers.cloudflare.com/queues/). * **Async processing** \- Reliably process background jobs and webhooks without blocking request handling ## Get started 1. [Workers get started](https://developers.cloudflare.com/workers/get-started/) 2. [Configure Cron Triggers](https://developers.cloudflare.com/workers/configuration/cron-triggers/) 3. [Queues get started](https://developers.cloudflare.com/queues/get-started/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/web-apps/","name":"Web sites and web apps"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/web-apps/serverless-backends/","name":"Build serverless backends"}}]} ``` --- --- title: Store application data description: Persist data with serverless databases, key-value storage, and object storage. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/web-apps/store-data.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Store application data Web applications need different storage types for different workloads — relational data, key-value lookups, file uploads, and real-time state. Cloudflare provides serverless storage options including D1 (SQL), KV (key-value), R2 (object storage), and Durable Objects (strongly consistent state). ## Solutions ### D1 Serverless SQL database built on SQLite, with global read replication. [Learn more about D1](https://developers.cloudflare.com/d1/). * **SQL database** \- Full Structured Query Language (SQL) with global read replication built on SQLite ### KV Globally distributed key-value storage for low-latency reads. [Learn more about KV](https://developers.cloudflare.com/kv/). * **Key-value storage** \- Fast globally-distributed reads for configuration, sessions, and cached data ### R2 S3-compatible object storage with zero egress fees. [Learn more about R2](https://developers.cloudflare.com/r2/). * **Object storage** \- Store user-uploaded files and assets with no egress fees ### Durable Objects Stateful objects with strongly consistent storage and coordination. [Learn more about Durable Objects](https://developers.cloudflare.com/durable-objects/). * **Real-time state** \- Strongly consistent coordination for collaborative features and live data ## Get started 1. [D1 get started](https://developers.cloudflare.com/d1/get-started/) 2. [KV get started](https://developers.cloudflare.com/kv/get-started/) 3. [R2 get started](https://developers.cloudflare.com/r2/get-started/) 4. [Durable Objects get started](https://developers.cloudflare.com/durable-objects/get-started/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/web-apps/","name":"Web sites and web apps"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/web-apps/store-data/","name":"Store application data"}}]} ``` --- --- title: APIs and microservices description: Build, protect, and monitor APIs with Cloudflare Workers, API Shield, rate limiting, mTLS, and Logpush. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/apis/index.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # APIs and microservices Build, secure, and manage Application Programming Interfaces (APIs) with rate limiting, authentication, and observability. Cloudflare Workers deploys API handlers globally with automatic scaling. API Shield validates requests against your OpenAPI specification. Rate Limiting prevents abuse. mTLS authenticates machine-to-machine communication. Cloudflare Tunnel and Access secure internal microservices. Logpush and Workers Analytics Engine provide monitoring. * [ Deploy APIs at the edge ](https://developers.cloudflare.com/use-cases/apis/deploy-apis/) * [ Protect your APIs ](https://developers.cloudflare.com/use-cases/apis/protect-apis/) * [ Connect your internal network services ](https://developers.cloudflare.com/use-cases/apis/internal-services/) * [ Monitor your APIs ](https://developers.cloudflare.com/use-cases/apis/monitor-apis/) ## Architecture patterns ### Secure API gateway Protect your APIs with defense in depth: * **API Shield** validates requests against your OpenAPI schema * **Security rules** managed rulesets block SQL injection, XSS, and OWASP Top 10 vulnerabilities * **Rate Limiting** prevents abuse and Distributed Denial of Service (DDoS) attacks * **mTLS** (mutual TLS) authenticates known clients with certificates ### Edge-native APIs Build APIs that run entirely on Cloudflare: * **Workers** handles request routing and business logic * **D1** or **KV** stores application data * **Queues** handles async processing and webhooks ### Microservices mesh Connect and secure internal services: * **Cloudflare Tunnel** exposes services without public IPs * **Access** enforces identity-based policies between services * **Workers** acts as an API gateway for external consumers --- ## Prerequisites ### Create a new application * A [Cloudflare account ↗](https://dash.cloudflare.com/sign-up). * [Node.js ↗](https://nodejs.org/) (version 16.17.0 or later) installed on your machine. * [Wrangler](https://developers.cloudflare.com/workers/wrangler/install-and-update/) installed. ### Use an existing application * A [Cloudflare account ↗](https://dash.cloudflare.com/sign-up). * A domain [added to Cloudflare](https://developers.cloudflare.com/fundamentals/manage-domains/add-site/) with DNS records proxied through Cloudflare. This is required for API Shield, rate limiting, and application security. * For securing internal services with Cloudflare Tunnel and Access: a [Cloudflare One organization](https://developers.cloudflare.com/cloudflare-one/setup/) created in the Cloudflare dashboard. --- ## Related resources [API Shield documentation](https://developers.cloudflare.com/api-shield/) Complete documentation for API discovery, schema validation, and security. [Workers examples](https://developers.cloudflare.com/workers/examples/) Code examples for building APIs with Workers. ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/apis/","name":"APIs and microservices"}}]} ``` --- --- title: Deploy APIs at the edge description: Deploy globally distributed APIs that scale automatically with no servers to manage. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/apis/deploy-apis.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Deploy APIs at the edge Deploying APIs on traditional infrastructure means managing servers, configuring regions, and provisioning for traffic spikes. Cloudflare Workers runs your API handlers in 300+ locations worldwide with automatic scaling and fast startup times. ## Solutions ### Workers Build and deploy serverless applications on Cloudflare's global network. [Learn more about Workers](https://developers.cloudflare.com/workers/). * **Global deployment** \- API handlers run in 300+ Cloudflare locations worldwide with no regional configuration * **Auto-scaling** \- Handle traffic spikes without provisioning servers or setting capacity limits ### Queues Reliable message queuing and background processing for Workers. [Learn more about Queues](https://developers.cloudflare.com/queues/). * **Async processing** \- Offload webhook delivery and background jobs without blocking the API response ### D1 and Durable Objects Serverless SQL database built on SQLite, with global read replication ([learn more about D1](https://developers.cloudflare.com/d1/)). Stateful objects with strongly consistent storage and coordination ([learn more about Durable Objects](https://developers.cloudflare.com/durable-objects/)). * **Integrated storage** \- Structured Query Language (SQL) database and strongly consistent state storage available as Worker bindings ## Get started 1. [Workers get started](https://developers.cloudflare.com/workers/get-started/) 2. [D1 get started](https://developers.cloudflare.com/d1/get-started/) 3. [Queues get started](https://developers.cloudflare.com/queues/get-started/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/apis/","name":"APIs and microservices"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/apis/deploy-apis/","name":"Deploy APIs at the edge"}}]} ``` --- --- title: Connect your internal network services description: Expose internal APIs and microservices securely without opening inbound firewall ports. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/apis/internal-services.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Connect your internal network services Internal services and microservices often need to communicate without exposing endpoints to the public Internet. Cloudflare Tunnel creates outbound-only connections with no inbound firewall rules, while Access enforces Zero Trust policies for every request between services. ## Solutions ### Cloudflare Tunnel Connect infrastructure to Cloudflare without opening inbound firewall ports. [Learn more about Cloudflare Tunnel](https://developers.cloudflare.com/cloudflare-one/networks/connectors/cloudflare-tunnel/). * **No public exposure** \- Internal Application Programming Interfaces (APIs) remain private; Tunnel establishes an outbound-only connection with no inbound firewall rules needed ### Access Zero Trust access control for applications and infrastructure. [Learn more about Access](https://developers.cloudflare.com/cloudflare-one/access-controls/policies/). * **Zero Trust policies** \- Verify identity and enforce per-service policies for every request between services * **Centralized policy management** \- Manage access rules for all internal services from a single control plane ### Service Tokens Non-interactive credentials for machine-to-machine authentication. [Learn more about Service Tokens](https://developers.cloudflare.com/cloudflare-one/access-controls/service-credentials/service-tokens/). * **Service-to-service auth** \- Authenticate internal services with non-interactive credentials managed in Cloudflare One ## Get started 1. [Create a Cloudflare Tunnel](https://developers.cloudflare.com/cloudflare-one/networks/connectors/cloudflare-tunnel/get-started/) 2. [Cloudflare Access get started](https://developers.cloudflare.com/cloudflare-one/access-controls/policies/) 3. [Create service tokens](https://developers.cloudflare.com/cloudflare-one/access-controls/service-credentials/service-tokens/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/apis/","name":"APIs and microservices"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/apis/internal-services/","name":"Connect your internal network services"}}]} ``` --- --- title: Monitor your APIs description: Monitor API traffic, discover undocumented endpoints, and track custom business metrics. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/apis/monitor-apis.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Monitor your APIs Understanding how your APIs are used — request volume, latency, error rates, and undocumented endpoints — is essential for reliability and security. Cloudflare API Shield Analytics discovers endpoints from observed traffic, Logpush streams logs to your analytics platform, and Workers Analytics Engine tracks custom business metrics. ## Solutions ### API Shield Analytics Discover endpoints and monitor API traffic patterns. [Learn more about API Shield Analytics](https://developers.cloudflare.com/api-shield/security/api-discovery/). * **API discovery** \- Automatically find undocumented endpoints from observed traffic * **Traffic analysis** \- Understand request volume, latency, and usage patterns per endpoint ### Logpush Stream logs from Cloudflare products to external destinations. [Learn more about Logpush](https://developers.cloudflare.com/logs/). * **Log export** \- Stream detailed API request logs to your Security Information and Event Management (SIEM) system, data warehouse, or analytics platform ### Workers Analytics Engine Store and query time-series analytics data from Workers. [Learn more about Workers Analytics Engine](https://developers.cloudflare.com/analytics/analytics-engine/). * **Custom metrics** \- Track business-specific Key Performance Indicators (KPIs) such as per-customer usage and error rates ## Get started 1. [API Shield get started](https://developers.cloudflare.com/api-shield/get-started/) 2. [Configure Logpush](https://developers.cloudflare.com/logs/logpush/) 3. [Workers Analytics Engine get started](https://developers.cloudflare.com/analytics/analytics-engine/get-started/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/apis/","name":"APIs and microservices"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/apis/monitor-apis/","name":"Monitor your APIs"}}]} ``` --- --- title: Protect your APIs description: Secure APIs against abuse and injection attacks with schema validation, rate limiting, mTLS, and WAF rules. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/apis/protect-apis.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Protect your APIs APIs are exposed to abuse, injection attacks, and unauthorized access. Cloudflare provides defense in depth with API Shield schema validation, per-endpoint rate limiting, mutual TLS (mTLS) client authentication, and security rules. ## Solutions ### API Shield Discover, secure, and monitor your APIs. [Learn more about API Shield](https://developers.cloudflare.com/api-shield/). * **Schema validation** \- Reject requests that do not conform to your OpenAPI specification before they reach your origin ### Rate Limiting Limit request rates based on flexible matching criteria. [Learn more about Rate Limiting](https://developers.cloudflare.com/waf/rate-limiting-rules/). * **Rate limiting** \- Prevent abuse and volumetric attacks with per-IP or per-API-key request limits ### mTLS Mutual TLS client certificate authentication. [Learn more about mTLS](https://developers.cloudflare.com/ssl/client-certificates/). * **Client authentication** \- Require mutual TLS certificates for machine-to-machine communication ### Application Security Get automatic protection from vulnerabilities and create your own custom rules. [Learn more about Application Security](https://developers.cloudflare.com/waf/). * **Attack protection** \- Application security's managed rulesets block SQL injection, Cross-Site Scripting (XSS), and other injection attacks ### Access Zero Trust access control for applications and infrastructure. [Learn more about Access](https://developers.cloudflare.com/cloudflare-one/access-controls/policies/). * **Identity providers** \- Integrate with Okta, Azure AD, Google Workspace, and other identity providers (IdPs) to gate API access * **Service tokens** \- Issue long-lived credentials for machine-to-machine authentication between services ### Workers Build and deploy serverless applications on Cloudflare's global network. [Learn more about Workers](https://developers.cloudflare.com/workers/). * **JWT validation** \- Verify and decode JSON Web Tokens (JWTs) at the edge before requests reach your backend * **Custom auth logic** \- Build any authentication scheme — API keys, Hash-based Message Authentication Code (HMAC) signatures, custom headers — directly at the edge ## Get started 1. [API Shield get started](https://developers.cloudflare.com/api-shield/get-started/) 2. [Configure rate limiting rules](https://developers.cloudflare.com/waf/rate-limiting-rules/) 3. [Set up mTLS authentication](https://developers.cloudflare.com/ssl/client-certificates/) 4. [Configure applications with Cloudflare Access](https://developers.cloudflare.com/cloudflare-one/access-controls/applications/http-apps/) 5. [Service tokens](https://developers.cloudflare.com/cloudflare-one/access-controls/service-credentials/service-tokens/) 6. [Workers get started](https://developers.cloudflare.com/workers/get-started/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/apis/","name":"APIs and microservices"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/apis/protect-apis/","name":"Protect your APIs"}}]} ``` --- --- title: SaaS platforms description: Build multi-tenant SaaS platforms with Cloudflare SSL for SaaS, Workers for Platforms, and per-tenant storage. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/saas/index.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # SaaS platforms Build multi-tenant platforms with custom domains, isolated compute, and per-customer configuration. Cloudflare SSL for SaaS provisions and renews SSL certificates for every customer hostname. Workers for Platforms runs customer code in isolated V8 environments. D1, KV, and R2 provide per-tenant data storage. Workers Analytics Engine and Logpush track usage for billing and compliance. * [ Customer domains with SSL for SaaS ](https://developers.cloudflare.com/use-cases/saas/custom-domains/) * [ Enable customer code deployment ](https://developers.cloudflare.com/use-cases/saas/code-deployment/) * [ Store and isolate customer data ](https://developers.cloudflare.com/use-cases/saas/data-isolation/) * [ Protect your platform ](https://developers.cloudflare.com/use-cases/saas/protect-platform/) * [ Observe customer usage and billing ](https://developers.cloudflare.com/use-cases/saas/usage-analytics/) ## Architecture patterns ### Custom domains with SSL Allow customers to use their own domains with automatic certificate management: * **SSL for SaaS** provisions and renews certificates for every custom hostname * **Cloudflare for Platforms** routes customer domains to your platform with per-tenant configuration ### Multi-tenant compute Let customers deploy their own code on your platform: * **Workers for Platforms** runs customer code in isolated V8 environments * **Dispatch namespaces** route requests to the correct tenant Worker based on hostname or path * **SSL for SaaS** handles custom domains for each tenant ### Full multi-tenant platform Combine custom domains, tenant compute, and isolated storage: * **SSL for SaaS** manages customer hostnames and certificates * **Workers for Platforms** runs per-tenant application logic * **D1** or **KV** stores per-tenant data with database-level or key-prefix isolation * **R2** stores per-tenant files and assets --- ## Prerequisites ### Create a new application * A [Cloudflare account ↗](https://dash.cloudflare.com/sign-up). * A domain [added to Cloudflare](https://developers.cloudflare.com/fundamentals/manage-domains/add-site/) for your platform (for example, `yourplatform.com`). SSL for SaaS uses this as the provider domain against which customer custom hostnames are issued. Refer to [Enable Cloudflare for SaaS](https://developers.cloudflare.com/cloudflare-for-platforms/cloudflare-for-saas/start/enable/). * A [Workers Paid plan](https://developers.cloudflare.com/workers/platform/pricing/) for Workers for Platforms. Dispatch namespaces, which route requests to customer-specific Workers, are not available on the free tier. * [Node.js ↗](https://nodejs.org/) (version 16.17.0 or later) and [Wrangler](https://developers.cloudflare.com/workers/wrangler/install-and-update/) installed. ### Use an existing application * A [Cloudflare account ↗](https://dash.cloudflare.com/sign-up). * A domain [added to Cloudflare](https://developers.cloudflare.com/fundamentals/manage-domains/add-site/) for your platform. This is your domain, not your customers' domains. SSL for SaaS issues customer custom hostnames against this provider domain. Refer to [Enable Cloudflare for SaaS](https://developers.cloudflare.com/cloudflare-for-platforms/cloudflare-for-saas/start/enable/). * [Node.js ↗](https://nodejs.org/) (version 16.17.0 or later) and [Wrangler](https://developers.cloudflare.com/workers/wrangler/install-and-update/) if you plan to add Workers for Platforms or manage bindings programmatically. --- ## Related resources [SSL for SaaS documentation](https://developers.cloudflare.com/cloudflare-for-platforms/cloudflare-for-saas/) Complete documentation for managing custom hostnames and certificates. [Workers for Platforms](https://developers.cloudflare.com/cloudflare-for-platforms/workers-for-platforms/) Let customers deploy their own code on your platform. [SaaS case studies](https://www.cloudflare.com/case-studies/) Explore how SaaS companies build on Cloudflare. ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/saas/","name":"SaaS platforms"}}]} ``` --- --- title: Enable customer code deployment description: Let your customers deploy their own code on your platform with isolated execution environments. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/saas/code-deployment.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Enable customer code deployment SaaS platforms often need to let customers run their own code — custom logic, integrations, webhooks — without compromising tenant isolation or platform stability. Cloudflare Workers for Platforms runs each customer's code in a separate V8 isolate with dispatch routing based on hostname, path, or header. ## Solutions ### Workers for Platforms Deploy isolated Workers execution environments for your customers. [Learn more about Workers for Platforms](https://developers.cloudflare.com/cloudflare-for-platforms/workers-for-platforms/). * **Tenant isolation** \- Each customer's code runs in a separate V8 isolate with no shared memory between tenants * **Custom logic** \- Customers can deploy their own Workers to extend or customize your platform's behavior * **Dispatch routing** \- Route incoming requests to the correct customer Worker based on hostname, path, or header * **Observability** \- Tail Workers capture logs and errors across all tenant code from a single integration ## Get started 1. [Workers for Platforms get started](https://developers.cloudflare.com/cloudflare-for-platforms/workers-for-platforms/get-started/) 2. [Configure Dispatch Namespaces](https://developers.cloudflare.com/cloudflare-for-platforms/workers-for-platforms/configuration/dynamic-dispatch/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/saas/","name":"SaaS platforms"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/saas/code-deployment/","name":"Enable customer code deployment"}}]} ``` --- --- title: Customer domains with SSL for SaaS description: Allow your customers to use their own domains with your platform, complete with automatic SSL certificates. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/saas/custom-domains.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Customer domains with SSL for SaaS SaaS customers expect to use their own domains (for example, `app.theirdomain.com`) instead of a subdomain on your platform. Cloudflare SSL for SaaS provisions and renews SSL certificates automatically for every custom hostname, with no manual steps or customer action required. ## Solutions ### Cloudflare for Platforms Extend Cloudflare's network and services to your customers. [Learn more about Cloudflare for Platforms](https://developers.cloudflare.com/cloudflare-for-platforms/). * **Custom domains** \- Customers bring their own domains and have them route to your platform with per-tenant configuration ### SSL for SaaS Provision and manage SSL certificates for custom customer domains. [Learn more about SSL for SaaS](https://developers.cloudflare.com/cloudflare-for-platforms/cloudflare-for-saas/). * **Automatic SSL** \- Certificates provisioned and renewed automatically for every customer domain with no manual steps * **No customer action required** \- Cloudflare can complete domain validation without requiring action from the customer * **Scale** \- Support thousands of custom hostnames per domain without additional per-hostname infrastructure ## Get started 1. [SSL for SaaS get started](https://developers.cloudflare.com/cloudflare-for-platforms/cloudflare-for-saas/start/getting-started/) 2. [Create custom hostnames](https://developers.cloudflare.com/cloudflare-for-platforms/cloudflare-for-saas/domain-support/create-custom-hostnames/) 3. [Validate certificates](https://developers.cloudflare.com/cloudflare-for-platforms/cloudflare-for-saas/security/certificate-management/issue-and-validate/validate-certificates/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/saas/","name":"SaaS platforms"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/saas/custom-domains/","name":"Customer domains with SSL for SaaS"}}]} ``` --- --- title: Store and isolate customer data description: Isolate customer data in a multi-tenant SaaS platform using per-tenant databases, object storage, and key-value stores. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/saas/data-isolation.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Store and isolate customer data Multi-tenant platforms need to store customer data with appropriate isolation — per-tenant databases, separate object storage, or row-level separation. Cloudflare provides serverless storage options that support tenant isolation at the database, bucket, or key-prefix level. ## Solutions ### D1 Serverless SQL database built on SQLite, with global read replication. [Learn more about D1](https://developers.cloudflare.com/d1/). * **Database per tenant** \- Create isolated D1 databases per customer for complete data separation, or use row-level isolation in a shared database ### R2 S3-compatible object storage with zero egress fees. [Learn more about R2](https://developers.cloudflare.com/r2/). * **Object storage** \- Store customer files and assets per tenant using prefix or bucket-level isolation, with no egress fees ### Durable Objects Stateful objects with strongly consistent storage and coordination. [Learn more about Durable Objects](https://developers.cloudflare.com/durable-objects/). * **Real-time coordination** \- Manage stateful workflows and provide strong consistency for multi-tenant operations ### KV Globally distributed key-value storage for low-latency reads. [Learn more about KV](https://developers.cloudflare.com/kv/). * **Edge configuration** \- Store per-tenant settings, feature flags, and session data at the edge for low-latency reads ## Get started 1. [D1 get started](https://developers.cloudflare.com/d1/get-started/) 2. [R2 get started](https://developers.cloudflare.com/r2/get-started/) 3. [Durable Objects get started](https://developers.cloudflare.com/durable-objects/get-started/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/saas/","name":"SaaS platforms"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/saas/data-isolation/","name":"Store and isolate customer data"}}]} ``` --- --- title: Protect your platform description: Secure your SaaS platform and your customers' data. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/saas/protect-platform.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Protect your platform SaaS platforms are high-value targets because a single breach can expose data across all tenants. Cloudflare's managed rulesets protect your platform and customer endpoints, rate limiting prevents any single tenant from degrading service for others, and Cloudflare One gates admin tools behind Zero Trust policies. ## Solutions ### Application security Get automatic protection from vulnerabilities and create your own custom rules. [Learn more about Application security](https://developers.cloudflare.com/waf/). * **Platform protection** \- Application security's managed rulesets block common attacks against your platform and your customers' endpoints * **API protection** \- Secure platform Application Programming Interfaces (APIs) with security rules and per-API-key rate limits ### Rate limiting Limit request rates based on flexible matching criteria. [Learn more about Rate limiting](https://developers.cloudflare.com/waf/rate-limiting-rules/). * **Per-tenant limits** \- Apply rate limits per customer identifier to prevent one tenant from degrading service for others ### Cloudflare One Secure your organization with a cloud security platform that replaces legacy perimeters with Cloudflare's global network. [Learn more about Cloudflare One](https://developers.cloudflare.com/cloudflare-one/). * **Admin security** \- Gate internal dashboards and admin tools behind Zero Trust identity policies ## Get started 1. [Deploy application security managed rulesets](https://developers.cloudflare.com/waf/managed-rules/deploy-zone-dashboard/) 2. [Configure rate limiting rules](https://developers.cloudflare.com/waf/rate-limiting-rules/) 3. [Cloudflare Access get started](https://developers.cloudflare.com/cloudflare-one/access-controls/policies/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/saas/","name":"SaaS platforms"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/saas/protect-platform/","name":"Protect your platform"}}]} ``` --- --- title: Observe customer usage and billing description: Track usage across tenants for billing, optimization, and insights. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/saas/usage-analytics.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Observe customer usage and billing Usage-based billing and per-tenant performance monitoring require detailed analytics broken down by customer. Cloudflare Workers Analytics Engine tracks request counts, latency, and bytes per tenant ID, while Logpush exports detailed logs for compliance and audit trails. ## Solutions ### Workers Analytics Engine Store and query time-series analytics data from Workers. [Learn more about Workers Analytics Engine](https://developers.cloudflare.com/analytics/analytics-engine/). * **Per-tenant metrics** \- Track request counts, latency, and bytes transferred broken down by tenant ID * **Billing data** \- Query usage data per customer to power usage-based billing calculations * **Performance insights** \- Identify which tenants are generating the most load or experiencing the most errors ### Logpush Stream logs from Cloudflare products to external destinations. [Learn more about Logpush](https://developers.cloudflare.com/logs/). * **Compliance logging** \- Export detailed logs to your Security Information and Event Management (SIEM) system or data warehouse for audit trails and enterprise compliance ## Get started 1. [Workers Analytics Engine get started](https://developers.cloudflare.com/analytics/analytics-engine/get-started/) 2. [Configure Logpush](https://developers.cloudflare.com/logs/logpush/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/saas/","name":"SaaS platforms"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/saas/usage-analytics/","name":"Observe customer usage and billing"}}]} ``` --- --- title: AI applications description: Build AI applications on Cloudflare with Workers AI inference, AI Gateway, Vectorize, and serverless storage. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/ai/index.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # AI applications Build and deploy AI applications on Cloudflare's global network with inference at the edge, vector databases, and model gateways. Workers AI runs Large Language Models (LLMs), text embeddings, image generation, and other models with pay-per-use pricing. AI Gateway proxies requests to OpenAI, Anthropic, and other providers with caching and unified analytics. Vectorize stores embeddings for Retrieval Augmented Generation (RAG) workflows. AI applications can present unique infrastructure challenges, such as unpredictable inference costs, latency-sensitive user experiences, and the need to work with multiple model providers. Cloudflare provides a complete platform for building AI applications that are fast, cost-effective, and globally distributed. * [ Build and run AI applications ](https://developers.cloudflare.com/use-cases/ai/build-and-run/) * [ Store and retrieve context ](https://developers.cloudflare.com/use-cases/ai/store-and-retrieve-context/) * [ Control costs and improve quality ](https://developers.cloudflare.com/use-cases/ai/control-costs/) ## Architecture patterns ### Retrieval Augmented Generation (RAG) Combine vector search with Large Language Model (LLM) inference to ground responses in your own data: * **Vectorize** stores embeddings of your knowledge base * **Workers** receives user queries and searches for relevant context * **Workers AI** or **AI Gateway** generates responses using retrieved context ### Multi-provider AI gateway Use AI Gateway to route requests across providers while maintaining a single interface: * **AI Gateway** proxies requests to OpenAI, Anthropic, or Workers AI * Built-in caching reduces costs for repeated queries * Unified logging and analytics across all providers ### Real-time AI features Deploy low-latency AI features directly at the edge: * **Workers** handles requests at the nearest Cloudflare location and runs inference via the Workers AI binding — no round-trips to origin servers * **KV** caches frequent responses to reduce inference calls and latency * **D1** stores session state and conversation history alongside the inference logic --- ## Prerequisites ### Create a new application * A [Cloudflare account ↗](https://dash.cloudflare.com/sign-up). * [Node.js ↗](https://nodejs.org/) (version 16.17.0 or later) installed on your machine. * [Wrangler](https://developers.cloudflare.com/workers/wrangler/install-and-update/) installed. Wrangler is the command-line interface (CLI) for deploying Workers and managing bindings. ### Use an existing application * A [Cloudflare account ↗](https://dash.cloudflare.com/sign-up). * [AI Gateway](https://developers.cloudflare.com/ai-gateway/) does not require a domain added to Cloudflare. You can place it in front of any existing AI provider (OpenAI, Anthropic, and others) by updating your API endpoint to route through AI Gateway. * If you plan to add Workers AI inference or Vectorize to an existing application, you also need [Node.js ↗](https://nodejs.org/) (version 16.17.0 or later) and [Wrangler](https://developers.cloudflare.com/workers/wrangler/install-and-update/) installed. --- ## Related resources [Workers AI models](https://developers.cloudflare.com/workers-ai/models/) Browse available models for text generation, embeddings, image generation, and more. [AI Gateway providers](https://developers.cloudflare.com/ai-gateway/usage/providers/) Connect to OpenAI, Anthropic, Google AI, and other providers through AI Gateway. ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/ai/","name":"AI applications"}}]} ``` --- --- title: Build and run AI applications description: Build AI applications with serverless compute, edge inference, multi-provider gateways, and stateful coordination. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/ai/build-and-run.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Build and run AI applications To build and deploy an AI application, you need compute for application logic, a way to run inference, and a gateway to manage costs across providers. Cloudflare Workers hosts your application logic and serves your frontend. Workers AI runs inference at the edge with pay-per-use pricing. AI Gateway adds caching, rate limiting, and observability across OpenAI, Anthropic, and other providers. Durable Objects coordinate stateful workflows and multi-turn conversations. ## Solutions ### Workers Build and deploy serverless applications on Cloudflare's global network. [Learn more about Workers](https://developers.cloudflare.com/workers/). * **Streaming responses** \- Stream AI responses token-by-token as they generate, without buffering the full reply * **Full-stack deployment** \- Serve frontend and backend from a single deployment without managing separate infrastructure ### Workers AI Run inference on Cloudflare's global network via a Workers binding, with pay-per-use pricing. [Learn more about Workers AI](https://developers.cloudflare.com/workers-ai/). * **Global inference** \- Run models at the Cloudflare location nearest to the user, reducing round-trip latency * **Pay-per-use pricing** \- No GPU reservations or idle costs; pay only for tokens processed ### AI Gateway Proxy requests to any AI provider with caching, rate limiting, and unified analytics. [Learn more about AI Gateway](https://developers.cloudflare.com/ai-gateway/). * **Provider flexibility** \- Route requests to OpenAI, Anthropic, Workers AI, or any other provider through a single endpoint * **Unified observability** \- Track request volume, latency, costs, and errors across all providers in one place ### Durable Objects Stateful objects with strongly consistent storage and coordination. [Learn more about Durable Objects](https://developers.cloudflare.com/durable-objects/). * **Stateful workflows** \- Coordinate multi-step AI pipelines and maintain conversation state across requests ## Get started 1. [Workers AI get started](https://developers.cloudflare.com/workers-ai/get-started/) 2. [AI Gateway get started](https://developers.cloudflare.com/ai-gateway/get-started/) 3. [Durable Objects get started](https://developers.cloudflare.com/durable-objects/get-started/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/ai/","name":"AI applications"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/ai/build-and-run/","name":"Build and run AI applications"}}]} ``` --- --- title: Control costs and improve quality description: Reduce AI inference costs and improve reliability with response caching, rate limiting, and unified provider analytics. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/ai/control-costs.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Control costs and improve quality AI inference costs can grow unpredictably as your application scales, especially when using multiple providers. Cloudflare AI Gateway caches identical queries to avoid redundant inference calls, applies rate limits per user or API key, and provides unified analytics across all providers. ## Solutions ### AI Gateway Cache responses, rate limit requests, and monitor usage across providers. [Learn more about AI Gateway](https://developers.cloudflare.com/ai-gateway/). * **Response caching** \- Cache identical queries so repeated prompts do not trigger a new inference call * **Rate limiting** \- Set request limits per user or Application Programming Interface (API) key to prevent abuse and control spending * **Unified analytics** \- Track usage, latency, and cost across all AI providers from one dashboard ### Workers Analytics Engine Store and query time-series analytics data from Workers. [Learn more about Workers Analytics Engine](https://developers.cloudflare.com/analytics/analytics-engine/). * **Custom metrics** \- Build AI-specific dashboards tracking tokens, latency distributions, and error rates ## Get started 1. [AI Gateway get started](https://developers.cloudflare.com/ai-gateway/get-started/) 2. [Configure caching](https://developers.cloudflare.com/ai-gateway/features/caching/) 3. [Workers Analytics Engine get started](https://developers.cloudflare.com/analytics/analytics-engine/get-started/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/ai/","name":"AI applications"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/ai/control-costs/","name":"Control costs and improve quality"}}]} ``` --- --- title: Store and retrieve context description: Store vector embeddings, conversation history, and application state for AI applications using serverless databases and object storage. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/ai/store-and-retrieve-context.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Store and retrieve context AI applications need specialized storage for vector embeddings, conversation history, training data, and cached responses. Cloudflare Vectorize stores and queries embeddings for Retrieval Augmented Generation (RAG), D1 provides SQL storage for structured data, R2 stores documents and assets, and KV caches frequent responses at the edge. ## Solutions ### Vectorize Vector database for storing and querying embeddings. [Learn more about Vectorize](https://developers.cloudflare.com/vectorize/). * **Vector search** \- Store embeddings and find semantically similar content for Retrieval Augmented Generation (RAG) and recommendation features ### D1 Serverless SQL database built on SQLite, with global read replication. [Learn more about D1](https://developers.cloudflare.com/d1/). * **Structured storage** \- Structured Query Language (SQL) database for conversation history, user data, and application metadata ### R2 S3-compatible object storage with zero egress fees. [Learn more about R2](https://developers.cloudflare.com/r2/). * **Object storage** \- Store documents, training data, and generated assets with no egress fees ### KV Globally distributed key-value storage for low-latency reads. [Learn more about KV](https://developers.cloudflare.com/kv/). * **Edge caching** \- Cache frequent AI responses at the edge to reduce inference costs and latency ## Get started 1. [Vectorize get started](https://developers.cloudflare.com/vectorize/get-started/) 2. [D1 get started](https://developers.cloudflare.com/d1/get-started/) 3. [R2 get started](https://developers.cloudflare.com/r2/get-started/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/ai/","name":"AI applications"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/ai/store-and-retrieve-context/","name":"Store and retrieve context"}}]} ``` --- --- title: Media and streaming description: Deliver video, images, and media at scale with Cloudflare Stream, Images, R2, and global caching. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/media-streaming/index.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Media and streaming Deliver video, images, and rich media at scale with encoding, optimization, and global distribution. Cloudflare Stream handles video upload, encoding, and adaptive bitrate delivery. Images transforms and optimizes images on-the-fly. R2 stores media files with zero egress fees. Cache serves content from 300+ edge locations. Hotlink Protection and signed URLs secure media from unauthorized access. * [ Upload, encode, and deliver videos ](https://developers.cloudflare.com/use-cases/media-streaming/video-delivery/) * [ Optimize and transform images for the web ](https://developers.cloudflare.com/use-cases/media-streaming/image-optimization/) * [ Store media at scale ](https://developers.cloudflare.com/use-cases/media-streaming/store-media/) * [ Cache and accelerate media delivery ](https://developers.cloudflare.com/use-cases/media-streaming/cache-delivery/) * [ Secure your content ](https://developers.cloudflare.com/use-cases/media-streaming/secure-content/) ## Architecture patterns ### Video platform Build a complete video hosting and delivery solution: * **Stream** handles upload, encoding, and adaptive bitrate delivery * **Stream Live** enables live streaming with automatic recording * **Signed URLs** protect content with token authentication ### Image optimization pipeline Serve optimized images without pre-generating variants: 1. **R2** stores original high-resolution images 2. **Images** transforms images on-the-fly based on URL parameters 3. **Workers** applies custom logic for format selection and caching ### User-generated content Handle media uploads from users at scale: 1. **R2** receives uploads directly via presigned URLs 2. **Workers** validates and processes uploaded content 3. **Stream** or **Images** optimizes media for delivery --- ## Prerequisites ### Create a new application * A [Cloudflare account ↗](https://dash.cloudflare.com/sign-up). Stream and R2 are account-level offerings. You do not need a domain added to Cloudflare to upload, encode, or store media. * For Image Transformations: enable the feature per domain from the [Transformations page ↗](https://dash.cloudflare.com/?to=/:account/images/transformations) in the dashboard. Refer to [Image Transformations](https://developers.cloudflare.com/images/transform-images/). ### Use an existing application * A [Cloudflare account ↗](https://dash.cloudflare.com/sign-up). * A domain [added to Cloudflare](https://developers.cloudflare.com/fundamentals/manage-domains/add-site/) with DNS records proxied through Cloudflare. This is required for CDN caching, image optimization (Polish), and cache rules. * For Image Transformations on an existing domain: enable the feature from the [Transformations page ↗](https://dash.cloudflare.com/?to=/:account/images/transformations) in the dashboard. Refer to [Image Transformations](https://developers.cloudflare.com/images/transform-images/). --- ## Related resources [Stream documentation](https://developers.cloudflare.com/stream/) Complete documentation for video upload, encoding, and delivery. [Images documentation](https://developers.cloudflare.com/images/) Complete documentation for image optimization and transformation. [Media case studies](https://www.cloudflare.com/case-studies/?industry=Media%20%26%20Entertainment) Explore how media companies use Cloudflare. ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/media-streaming/","name":"Media and streaming"}}]} ``` --- --- title: Cache and accelerate media delivery description: Deliver media content from edge locations worldwide. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/media-streaming/cache-delivery.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Cache and accelerate media delivery Streaming video and serving images to a global audience requires low-latency delivery from locations close to each viewer. Cloudflare Cache serves media globally, and Argo Smart Routing ensures cache misses take the fastest path back to your origin. ## Solutions ### Cache Cache content at Cloudflare's global network of edge locations. [Learn more about Cache](https://developers.cloudflare.com/cache/). * **Global edge caching** \- Media content served from 300+ edge locations to reduce latency for global audiences * **Origin offload** \- Cached content is served directly from the edge, reducing origin bandwidth and compute costs * **Tiered caching** \- Regional cache tiers absorb repeated requests before they reach the origin, further reducing load ### Argo Smart Routing Route traffic through the fastest paths across Cloudflare's network. [Learn more about Argo Smart Routing](https://developers.cloudflare.com/argo-smart-routing/). * **Smart routing** \- Requests that miss cache are routed through the fastest available network paths to origin ## Get started 1. [Configure Cache Rules](https://developers.cloudflare.com/cache/how-to/cache-rules/) 2. [Enable Tiered Cache](https://developers.cloudflare.com/cache/how-to/tiered-cache/) 3. [Enable Argo Smart Routing](https://developers.cloudflare.com/argo-smart-routing/get-started/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/media-streaming/","name":"Media and streaming"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/media-streaming/cache-delivery/","name":"Cache and accelerate media delivery"}}]} ``` --- --- title: Optimize and transform images for the web description: Resize, crop, and convert images to WebP and AVIF on-the-fly with Cloudflare Images and Polish. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/media-streaming/image-optimization.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Optimize and transform images for the web Serving images at multiple sizes and formats traditionally requires pre-generating variants for every resolution and device. Cloudflare Images transforms images on-the-fly via URL parameters — resizing, cropping, and converting to WebP or AVIF — while Polish compresses originals without visible quality loss. ## Solutions ### Images Transform, optimize, and deliver images at scale. [Learn more about Images](https://developers.cloudflare.com/images/). * **On-the-fly transformation** \- Resize, crop, and convert images by adding URL parameters — no pre-generated variants needed * **Modern formats** \- Automatically serve WebP or AV1 Image File Format (AVIF) to supported browsers, falling back to JPEG/PNG for others * **Responsive images** \- Generate size variants on demand for different screen sizes and pixel densities ### Polish Automatic image compression without quality loss. [Learn more about Polish](https://developers.cloudflare.com/images/polish/). * **Compression** \- Reduce image file sizes through lossless or lossy compression without visible quality loss ## Get started 1. [Images get started](https://developers.cloudflare.com/images/get-started/) 2. [Enable Polish](https://developers.cloudflare.com/images/polish/) 3. [Transform images via URL](https://developers.cloudflare.com/images/transform-images/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/media-streaming/","name":"Media and streaming"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/media-streaming/image-optimization/","name":"Optimize and transform images for the web"}}]} ``` --- --- title: Secure your content description: Protect media from unauthorized access and hotlinking. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/media-streaming/secure-content.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Secure your content Media assets are vulnerable to hotlinking, unauthorized downloads, and piracy. Cloudflare Hotlink Protection blocks other sites from embedding your media, Stream signed URLs provide time-limited access tokens, and Access gates premium content behind identity policies. ## Solutions ### Hotlink Protection Block unauthorized embedding of resources from external sites. [Learn more about Hotlink Protection](https://developers.cloudflare.com/waf/tools/scrape-shield/hotlink-protection/). * **Hotlink protection** \- Block other sites from embedding or hot-linking your images and video without permission ### Stream Live streaming with automatic recording and instant playback. [Learn more about Stream Live](https://developers.cloudflare.com/stream/stream-live/). * **Token authentication** \- Issue time-limited access tokens so only authorized viewers can access protected media ### Access Zero Trust access control for applications and infrastructure. [Learn more about Access](https://developers.cloudflare.com/cloudflare-one/access-controls/policies/). * **Identity-based access** \- Gate premium or subscriber-only content behind Cloudflare Access identity policies ## Get started 1. [Enable Hotlink Protection](https://developers.cloudflare.com/waf/tools/scrape-shield/hotlink-protection/) 2. [Secure Stream videos with signed URLs](https://developers.cloudflare.com/stream/viewing-videos/securing-your-stream/) 3. [Cloudflare Access get started](https://developers.cloudflare.com/cloudflare-one/access-controls/policies/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/media-streaming/","name":"Media and streaming"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/media-streaming/secure-content/","name":"Secure your content"}}]} ``` --- --- title: Store media at scale description: Store media files with zero egress fees using R2. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/media-streaming/store-media.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Store media at scale Media files are large, and egress fees from traditional cloud storage can be significant at scale. Cloudflare R2 provides S3-compatible object storage with zero egress fees, and Workers lets you build custom processing pipelines for validation, transformation, and routing. ## Solutions ### R2 S3-compatible object storage with zero egress fees. [Learn more about R2](https://developers.cloudflare.com/r2/). * **Zero egress fees** \- No charges for data transferred out, regardless of volume * **S3 compatibility** \- Use any S3-compatible tool, SDK, or library without code changes * **Direct uploads** \- Issue presigned URLs so clients upload directly to R2 without routing through your servers ### Workers Build and deploy serverless applications on Cloudflare's global network. [Learn more about Workers](https://developers.cloudflare.com/workers/). * **Custom processing pipelines** \- Build media transformation, validation, and routing logic that runs at the edge ## Get started 1. [R2 get started](https://developers.cloudflare.com/r2/get-started/) 2. [Generate presigned URLs](https://developers.cloudflare.com/r2/api/s3/presigned-urls/) 3. [Workers get started](https://developers.cloudflare.com/workers/get-started/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/media-streaming/","name":"Media and streaming"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/media-streaming/store-media/","name":"Store media at scale"}}]} ``` --- --- title: Upload, encode, and deliver videos description: Build a complete video hosting and delivery solution with Cloudflare Stream. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/media-streaming/video-delivery.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Upload, encode, and deliver videos Building a video platform requires upload handling, encoding to multiple resolutions, adaptive bitrate delivery, and global distribution. Cloudflare Stream handles all of this — upload, transcode, store, and deliver — with no video infrastructure to manage. ## Solutions ### Stream Upload, encode, store, and deliver video with adaptive bitrate streaming. [Learn more about Stream](https://developers.cloudflare.com/stream/). * **Automatic encoding** \- Videos transcoded to multiple resolutions and formats on upload with no infrastructure to manage * **Adaptive bitrate** \- HTTP Live Streaming (HLS) and Dynamic Adaptive Streaming over HTTP (DASH) automatically adjusts quality to match viewer bandwidth * **Global delivery** \- Video served directly from Cloudflare's edge network without a separate Content Delivery Network (CDN) ### Stream Live Live streaming with automatic recording and instant playback. [Learn more about Stream Live](https://developers.cloudflare.com/stream/stream-live/). * **Live streaming** \- Low-latency live video with automatic recording and instant playback after the stream ends ### RealtimeKit Add customizable live video and voice to web or mobile applications. [Learn more about RealtimeKit](https://developers.cloudflare.com/realtime/realtimekit/). * **Real-time communication** \- Add peer-to-peer video and audio directly to your application ## Get started 1. [Stream get started](https://developers.cloudflare.com/stream/get-started/) 2. [Set up Stream Live](https://developers.cloudflare.com/stream/stream-live/) 3. [Secure videos with signed URLs](https://developers.cloudflare.com/stream/viewing-videos/securing-your-stream/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/media-streaming/","name":"Media and streaming"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/media-streaming/video-delivery/","name":"Upload, encode, and deliver videos"}}]} ``` --- --- title: E-commerce description: Protect and accelerate online stores with Cloudflare WAF, DDoS protection, caching, image optimization, and Waiting Room. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/e-commerce/index.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # E-commerce E-commerce applications require exceptional performance, security, and reliability. Cloudflare protects and accelerates online stores with application security against attacks, bot security against credential stuffing and fraud, cache and image optimization for fast global delivery of product pages, load balancing and Waiting Room for handling traffic spikes, and Zaraz for server-side analytics and marketing tags. * [ Protect your store ](https://developers.cloudflare.com/use-cases/e-commerce/protect/) * [ Accelerate your store's performance ](https://developers.cloudflare.com/use-cases/e-commerce/performance/) * [ Handle traffic at scale ](https://developers.cloudflare.com/use-cases/e-commerce/traffic-at-scale/) * [ Observe traffic patterns and analytics ](https://developers.cloudflare.com/use-cases/e-commerce/analytics/) ## Architecture patterns ### Self-hosted storefront Protect and accelerate a store running on your own infrastructure: * **SSL/TLS** encrypts all traffic between shoppers and your store * **Cache** serves static assets from 300+ edge locations * **Application security** blocks attacks before they reach your origin * **Images** optimizes product images on-the-fly ### SaaS-hosted storefront Add Cloudflare on top of a platform like Shopify, BigCommerce, or Salesforce Commerce Cloud: * **Cloudflare for SaaS** (Orange-to-Orange setup) layers your Cloudflare zone over your provider's existing Cloudflare configuration * **Application security** adds protection beyond what the platform provides * **Zaraz** loads analytics and marketing tags server-side to improve page speed ### High-traffic store Handle flash sales, seasonal peaks, and viral demand: * **Load Balancing** distributes traffic across multiple origin servers * **Waiting Room** queues excess visitors to prevent origin overload * **Cache** and **Argo Smart Routing** reduce origin load and improve response times * **Health Checks** detect unhealthy origins and reroute traffic automatically --- ## Prerequisites ### Create a new application * A [Cloudflare account ↗](https://dash.cloudflare.com/sign-up). * A domain [added to Cloudflare](https://developers.cloudflare.com/fundamentals/manage-domains/add-site/) with DNS records proxied through Cloudflare. All solutions in this use case require traffic to pass through Cloudflare's network. ### Use an existing application * A [Cloudflare account ↗](https://dash.cloudflare.com/sign-up). * A domain [added to Cloudflare](https://developers.cloudflare.com/fundamentals/manage-domains/add-site/) with DNS records proxied through Cloudflare's network. * If your store is hosted on a SaaS platform that already uses Cloudflare — such as [Shopify](https://developers.cloudflare.com/cloudflare-for-platforms/cloudflare-for-saas/saas-customers/provider-guides/shopify/), [BigCommerce](https://developers.cloudflare.com/cloudflare-for-platforms/cloudflare-for-saas/saas-customers/provider-guides/bigcommerce/), or [Salesforce Commerce Cloud](https://developers.cloudflare.com/cloudflare-for-platforms/cloudflare-for-saas/saas-customers/provider-guides/salesforce-commerce-cloud/) — follow the setup steps in the provider guide for your platform to add your own Cloudflare zone on top of your provider's existing configuration. --- ## Related resources [E-commerce case studies](https://www.cloudflare.com/case-studies/?industry=Ecommerce%20%26%20Retail) Explore how e-commerce companies use Cloudflare. [Reference architectures](https://developers.cloudflare.com/reference-architecture/) Detailed diagrams and design patterns for enterprise deployments. ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/e-commerce/","name":"E-commerce"}}]} ``` --- --- title: Observe traffic patterns and analytics description: Understand your traffic, identify issues, and optimize your store with Cloudflare analytics. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/e-commerce/analytics.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Observe traffic patterns and analytics Understanding how shoppers experience your store — page load times, security events, and traffic patterns — requires analytics that do not slow down your site. Cloudflare Web Analytics collects real user metrics without cookies, Security Analytics shows WAF and bot activity, and Logpush exports logs for compliance. ## Solutions ### Web analytics Privacy-first, cookie-free analytics for websites. [Learn more about Web analytics](https://developers.cloudflare.com/web-analytics/). * **Real user metrics** \- Core Web Vitals and performance data collected from actual visitors without cookies or sampling ### Security analytics Analyze security events and fine-tune your Application Security configuration. [Learn more about Security analytics](https://developers.cloudflare.com/waf/analytics/). * **Security visibility** \- Understand application security rule triggers, bot activity patterns, and attack trends in one view ### Logpush Stream logs from Cloudflare products to external destinations. [Learn more about Logpush](https://developers.cloudflare.com/logs/). * **Compliance logging** \- Export detailed request logs to your Security Information and Event Management (SIEM) system or data warehouse for audit trails and forensic analysis ## Get started 1. [Enable Web Analytics](https://developers.cloudflare.com/web-analytics/get-started/) 2. [Configure Logpush](https://developers.cloudflare.com/logs/logpush/) 3. [Review Security Analytics](https://developers.cloudflare.com/waf/analytics/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/e-commerce/","name":"E-commerce"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/e-commerce/analytics/","name":"Observe traffic patterns and analytics"}}]} ``` --- --- title: Accelerate your store's performance description: Speed up an e-commerce store with edge caching, image optimization, asset minification, and server-side tag loading. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/e-commerce/performance.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Accelerate your store's performance Slow page loads directly reduce e-commerce conversion rates. Cloudflare accelerates your storefront with global edge caching, on-the-fly image optimization for product images, automatic asset minification, and server-side loading of analytics and marketing tags through Zaraz. ## Solutions ### Cache Cache content at Cloudflare's global network of edge locations. [Learn more about Cache](https://developers.cloudflare.com/cache/). * **Global content delivery** \- Static assets served from 300+ edge locations, reducing load times for international shoppers ### Images Transform, optimize, and deliver images at scale. [Learn more about Images](https://developers.cloudflare.com/images/). * **Image optimization** \- Automatic WebP/AV1 Image File Format (AVIF) conversion and on-the-fly responsive resizing for product images ### Speed Automatic optimizations for HTML, CSS, JavaScript, and fonts. [Learn more about Speed](https://developers.cloudflare.com/speed/). * **Core Web Vitals improvement** \- Faster Largest Contentful Paint (LCP), reduced Cumulative Layout Shift (CLS), and improved Interaction to Next Paint (INP) through automatic asset optimization ### Zaraz Server-side loading of third-party tools to improve performance and privacy. [Learn more about Zaraz](https://developers.cloudflare.com/zaraz/). * **Third-party script control** \- Load analytics, chat, and marketing tags through Cloudflare without blocking page rendering ### Workers Build and deploy serverless applications on Cloudflare's global network. [Learn more about Workers](https://developers.cloudflare.com/workers/). * **Edge logic** \- Run custom performance optimizations at the edge, such as HTML rewriting and dynamic content assembly, without round-trips to your origin ## Get started 1. [Configure Cache Rules](https://developers.cloudflare.com/cache/how-to/cache-rules/) 2. [Set up Cloudflare Images](https://developers.cloudflare.com/images/get-started/) 3. [Enable Speed optimizations](https://developers.cloudflare.com/speed/optimization/) 4. [Configure Zaraz](https://developers.cloudflare.com/zaraz/get-started/) 5. [Rewrite HTML at the edge with HTMLRewriter](https://developers.cloudflare.com/workers/runtime-apis/html-rewriter/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/e-commerce/","name":"E-commerce"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/e-commerce/performance/","name":"Accelerate your store's performance"}}]} ``` --- --- title: Protect your store description: Before driving traffic to your store, establish security controls to protect against attacks and fraud. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/e-commerce/protect.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Protect your store Online stores are targets for DDoS attacks, credential stuffing, payment fraud, and supply chain script injections. Cloudflare provides layered security — from SSL/TLS encryption and application security managed rulesets to bot detection and client-side script monitoring — that protects your store without adding friction for shoppers. ## Solutions ### SSL/TLS Encrypt all traffic with free, automatic SSL certificates. [Learn more about SSL/TLS](https://developers.cloudflare.com/ssl/). * **PCI DSS compliance support** \- Transport Layer Security (TLS) encryption and application security managed rulesets help meet Payment Card Industry (PCI) payment security requirements ### Application security Get automatic protection from vulnerabilities and create your own custom rules. [Learn more about application security](https://developers.cloudflare.com/waf/). ### DDoS protection Automatic mitigation of volumetric and application-layer DDoS attacks. [Learn more about DDoS protection](https://developers.cloudflare.com/ddos-protection/). * **HTTP DDoS protection** \- Automatic, always-on mitigation of HTTP flood attacks, cache-busting attacks, and application-layer Distributed Denial of Service (DDoS) attacks at layer 7\. No configuration required — active on all Cloudflare domains by default ### Bot security Machine learning powered bot detection with granular control over bot traffic. [Learn more about Bot security](https://developers.cloudflare.com/bots/). * **Credential stuffing protection** \- ML-powered bot detection blocks automated login and account takeover attacks ### Turnstile Privacy-preserving CAPTCHA alternative for forms and user interactions. [Learn more about Turnstile](https://developers.cloudflare.com/turnstile/). * **Payment form security** \- Privacy-preserving CAPTCHA alternative that protects checkout without adding user friction ### Client-side security Monitor and control third-party scripts and outbound connections on your pages. [Learn more about Client-side security](https://developers.cloudflare.com/client-side-security/). * **Supply chain protection** \- Detects malicious scripts injected by compromised third-party vendors (Magecart-style attacks) ## Get started 1. [Enable SSL/TLS](https://developers.cloudflare.com/ssl/get-started/) 2. [Configure Application Security managed rules](https://developers.cloudflare.com/waf/managed-rules/deploy-zone-dashboard/) 3. [Set up Bot security](https://developers.cloudflare.com/bots/get-started/) 4. [Add Turnstile to forms](https://developers.cloudflare.com/turnstile/get-started/) 5. [Enable Client-side security](https://developers.cloudflare.com/client-side-security/get-started/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/e-commerce/","name":"E-commerce"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/e-commerce/protect/","name":"Protect your store"}}]} ``` --- --- title: Handle traffic at scale description: Handle flash sales and traffic spikes for e-commerce stores with load balancing, visitor queuing, and smart routing. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/e-commerce/traffic-at-scale.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Handle traffic at scale Flash sales, seasonal peaks, and viral moments can overwhelm your origin infrastructure. Cloudflare Load Balancing distributes traffic across multiple origins with automatic failover, Waiting Room queues excess visitors to prevent overload, and Argo Smart Routing reduces latency between edge and origin. ## Solutions ### Load balancing Distribute traffic across origins with health checks and automatic failover. [Learn more about Load balancing](https://developers.cloudflare.com/load-balancing/). * **Origin protection** \- Distribute traffic across origin servers and queue excess visitors to prevent overload during peak events * **Automatic failover** \- Health checks detect unhealthy origins and reroute traffic automatically ### Waiting Room Manage visitor queuing during traffic surges. [Learn more about Waiting Room](https://developers.cloudflare.com/waiting-room/). * **Flash sale readiness** \- Queue visitors fairly during extreme demand, preserving a consistent experience without crashing the site ### Argo Smart Routing Route traffic through the fastest paths across Cloudflare's network. [Learn more about Argo Smart Routing](https://developers.cloudflare.com/argo-smart-routing/). * **Reduced latency** \- Route requests through the fastest available network paths between edge and origin ## Get started 1. [Set up Load Balancing](https://developers.cloudflare.com/load-balancing/get-started/) 2. [Configure Waiting Room](https://developers.cloudflare.com/waiting-room/get-started/) 3. [Create Health Checks](https://developers.cloudflare.com/health-checks/get-started/) ## See also Cloudflare Smart Shield acts as an intermediate caching layer between Cloudflare's content delivery network and your origin server, consolidating multiple requests from various locations into a single request.[Learn more about Smart Shield](https://developers.cloudflare.com/smart-shield/). ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/e-commerce/","name":"E-commerce"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/e-commerce/traffic-at-scale/","name":"Handle traffic at scale"}}]} ```