When comparing Verisign vs CloudFlare, the Slant community recommends CloudFlare for most people. In the question“What are the best services to protect against DDoS attacks for startups?” CloudFlare is ranked 2nd while Verisign is ranked 4th. The most important reason people chose CloudFlare is:
CloudFlare offers a [free plan](https://www.cloudflare.com/plans) with basic DDoS protection and promises to always provide a free service with at least the feature set that it has today. More advanced DDoS protection is available for the higher plans, which can be added as your needs grow.
Ranked in these QuestionsQuestion Ranking
Pro Thorough and customized set up process
Verisign uses a very thorough set up process that can take weeks. This allows them to customize the payees service to their site/s in order to provide the best protection possible.
Pro Signature analysis, dynamic profiling and filtering of the OSI stack are used to detect DDoS attacks
Verisign uses a multitude of tools simultaneously to detect security breaches and DDoS attacks. By using signature analysis and dynamic profiling along with filtering of the OSI stack (in order to detect DDoS attacks that are not coming from the network layer) Verisign can easily detect attacks to then alert the user as well as start mitigating the attack.
Pro Very affordable
CloudFlare offers a free plan with basic DDoS protection and promises to always provide a free service with at least the feature set that it has today. More advanced DDoS protection is available for the higher plans, which can be added as your needs grow.
Pro Works with static and dynamic content
Pro Automatic IPv6
Pro SSL encryption
As of late 2014 Cloudflare offers SSL encryption for all sites using its service.
Pro Handled some of the largest DDoS attacks in history
Cloudflare was able to deflect 2 massive DDoS attacks. During the March 2013 attack on Spamhaus, they were able to absorb a peak 120Gbps attack that lasted 4 days, as well as a 400Gbps attack in February 2014.
Their track record shows their ability to protect against DDoS attacks in practice.
Pro Easy management interface
Pro Highly secure
Pro Anyone can add or update libraries
Pro Has npm auto-update
Pro Site enhancing apps
Cloudflare has a wide selection of app support that allows the user to install the app easily through Cloudflare instead of in their site. This creates ease of use, time saved and less degradation of performance.
Pro Works with other CDNs
Pro Page Rules are powerful
Pro Railgun optimization for Business & Enterprise plans
Railgun allows caching dynamic and personalized sites, allowing for up to 140% performance increase.
Pro Official WordPress plugin
Cloudflare offers an official WordPress plugin that allows for customization through the user panel.
Pro Has tag based cache spoilage for Enterprise plan
Pro Free service is Best
Con No 24/7 live chat
Verisign does not offer 24/7 live chat for customer service, only 24/7 telephone and e-mail support.
Con Slow support
Even on paid (Pro) account, support often takes several hours per reply. So a single query can take days to resolve.
Con Practices Man-in-the-Middle certificate forgery
Https ("secure") comunications with sites using CloudFlare are intercepted at their servers, decrypted and recrypted with CloudFlare's certificates. This poses huge problem with what users perceive as safe communication - browsers fail to display notice about MitM taking place.
Con Lowers usability of the web for Tor users
Tor users are required to enter captcha at each site using CloudFlare. In some circumstances, this introduces unsolvable roadblock.
Con Relies on intrusive captcha screens to validate visitors
During large attacks, Cloudflare will block users with captcha screens to filter out malicious attacks. Albeit effective, they cause a considerable annoyance to legitimate users.
Con Support doesn't have access to logs
Log access is an enterprise feature and priced at the "contact us" level. So when an error code is returned to the user that wasn't returned from your app, debugging this is impossible at the pro level. Unfortunately these logs aren't available to support personnel either so they have no way of tracking/validating issues.
Con Lack of cache control
If you want to cache all kinds of content (e.g. HTML, JSON), you need the "Cache Everything" setting, and this imposes a long "max-age" directive of 2 hours. It ignores your origin server's value.
Con Layer 7 attacks must be manually identified
In order to enable layer 7 protection with Cloudflare, customers must manually press an "I'm under attack" button.