When comparing Akamai vs CloudFlare, the Slant community recommends CloudFlare for most people. In the question“What are the best content delivery networks (CDNs)?” CloudFlare is ranked 1st while Akamai is ranked 3rd. The most important reason people chose CloudFlare is:
CloudFlare offers a [free plan](https://www.cloudflare.com/plans) with basic DDoS protection and promises to always provide a free service with at least the feature set that it has today. More advanced DDoS protection is available for the higher plans, which can be added as your needs grow.
Ranked in these QuestionsQuestion Ranking
Pro Large scale point of presence
Being one of the worlds largest CDNs, Akamai's large scale gives it a huge point of presence (PoP) to handle volumetric attacks.
Pro Deeply customizable rules
The Kona Site Defender rules are all customizable, with continuous updates from Akamai. This means you can see how they are protecting your site under the hood, and adjust them to your needs.
Pro Lots of dedicated bandwidth specifically for DDoS absorption
Through Prolexic's PLXedge, Akamai provides their customers with a total of 2.3 Tbps of dedicated DDoS absorption bandwidth.
Pro Rules for rate limiting
Akamai provides tools for rate controlling traffic segments based on their request rate behavior.
Pro Capped bursting fees
If a sudden attack sucks up a lot of bandwidth, the bandwidth costs are capped.
Pro Application layer protection
Akamai utilizes a proprietary web application firewall in order to provide scalable protection against application layer attacks.
Pro Very affordable
CloudFlare offers a free plan with basic DDoS protection and promises to always provide a free service with at least the feature set that it has today. More advanced DDoS protection is available for the higher plans, which can be added as your needs grow.
Pro Works with static and dynamic content
Pro Automatic IPv6
Pro SSL encryption
As of late 2014 Cloudflare offers SSL encryption for all sites using its service.
Pro Handled some of the largest DDoS attacks in history
Cloudflare was able to deflect 2 massive DDoS attacks. During the March 2013 attack on Spamhaus, they were able to absorb a peak 120Gbps attack that lasted 4 days, as well as a 400Gbps attack in February 2014.
Their track record shows their ability to protect against DDoS attacks in practice.
Pro Easy management interface
Pro Highly secure
Pro Anyone can add or update libraries
Pro Has npm auto-update
Pro Site enhancing apps
Cloudflare has a wide selection of app support that allows the user to install the app easily through Cloudflare instead of in their site. This creates ease of use, time saved and less degradation of performance.
Pro Works with other CDNs
Pro Page Rules are powerful
Pro Railgun optimization for Business & Enterprise plans
Railgun allows caching dynamic and personalized sites, allowing for up to 140% performance increase.
Pro Official WordPress plugin
Cloudflare offers an official WordPress plugin that allows for customization through the user panel.
Pro Has tag based cache spoilage for Enterprise plan
Pro Free service is Best
Akami's services cost more than triple comparative packages from other security companies. At 13k a month for DDoS protection, there are many other choices out there that cost less for the same protection.
Con Slower security rule propagation
Because of Akamai's large CDN structure, it can take some time for security rules to propagate, making it harder to adjust security responses on the fly.
Con Slow support
Even on paid (Pro) account, support often takes several hours per reply. So a single query can take days to resolve.
Con Practices Man-in-the-Middle certificate forgery
Https ("secure") comunications with sites using CloudFlare are intercepted at their servers, decrypted and recrypted with CloudFlare's certificates. This poses huge problem with what users perceive as safe communication - browsers fail to display notice about MitM taking place.
Con Lowers usability of the web for Tor users
Tor users are required to enter captcha at each site using CloudFlare. In some circumstances, this introduces unsolvable roadblock.
Con Relies on intrusive captcha screens to validate visitors
During large attacks, Cloudflare will block users with captcha screens to filter out malicious attacks. Albeit effective, they cause a considerable annoyance to legitimate users.
Con Support doesn't have access to logs
Log access is an enterprise feature and priced at the "contact us" level. So when an error code is returned to the user that wasn't returned from your app, debugging this is impossible at the pro level. Unfortunately these logs aren't available to support personnel either so they have no way of tracking/validating issues.
Con Lack of cache control
If you want to cache all kinds of content (e.g. HTML, JSON), you need the "Cache Everything" setting, and this imposes a long "max-age" directive of 2 hours. It ignores your origin server's value.
Con Layer 7 attacks must be manually identified
In order to enable layer 7 protection with Cloudflare, customers must manually press an "I'm under attack" button.