You can disable the captcha-feature, as far as I know, and this is just a way to mitigate DDoS. You'd think Google would recognize that you were serving your content via a CDN, it's not like it's something new or anything.
And I'm not buying into that you could have law enforcement on your doorstep. How on earth would they tie it to you? The IP-adress is registered to CloudFlare, not you. If they have the means to find a "kiddy porn"-site, they also have the knowledge to see that it's distributed by a Content Delivery Network.
Are you really comparing a globally distributed content delivery network with a squid installed at one location on one provider?
CloudFlare might not be worth the headache, but for entirely different reasons than you have listed.
You can disable the captcha-feature, as far as I know
Cloudflare displays a cloudflare-branded error page when anything goes wrong. That happens quite often, and as far as I know you can not turn that off. Oftentimes Cloudflare claims the "the backend is down" when the backend is, in fact, serving fine (which I've verified on more than one occasion).
Furthermore Cloudflare significantly degraded both latency and availability outside the US when we tested them, versus using the US origin. We've seen their error-page and 'connection refused' errors spike into the 10% range multiple times a day. Latency variance was pretty wild, with europe spiking into the 500ms(!) range.
The only other CDN I've seen similarly atrocious performance from was MaxCDN.
If you're looking for a CDN to speed your site up (duh!) then I'd recommend to go with one of the more established players. Cedexis provides a nice report that tells you which CDNs perform best in your market; http://www.cedexis.com/country-reports
(I'm not affiliated with them, take their figures with a grain of salt, do your own testing on an evaluation account!)
You seem to be using CloudFlare and CloudFront interchangeably. From context I think your talking about the "free cdn startup", not the AWS service. Could you edit for clarity?
Either way, given their performance we were not interested to upgrade. Cedexis currently shows CloudFlare with 22.9% error rate and 1123ms slowest avg response time, in the USA.
If you can tolerate that kind of performance in a primary market then you don't need a CDN to begin with.
The Cedexis numbers seem very suspicious. Their own 'Multi CDN Optimized' service wins every comparison by a lot, and if their methodology is somehow failing for CloudFlare (which I've used with minimal problems — certainly not a 22%+ error rate! — it's not clear they'd be motivated to fix it.
Well, as said, I'm not affiliated with them, but their methodology is documented (see link at the top of the page) and I doubt they have an interest to fudge numbers that can be verified by third parties.
I assume Cloudflare is having a temporary problem right now, their figures don't normally look this bad (last I checked they were in the top10 on cedexis).
However, this mirrors what we observed in our lengthy evaluation. Performance was extremely variable, up to the point of some regions becoming effectively unavailable for hours at a time. Today might be such a time...
I would love to see how CloudFlare response to this. If they do. From my own testing Cloudflare definitely isn't the fastest CDN, but it has been improving since start of the year and now to an acceptable standard for a CDN. Especially it is free.
And I'm not buying into that you could have law enforcement on your doorstep. How on earth would they tie it to you? The IP-adress is registered to CloudFlare, not you. If they have the means to find a "kiddy porn"-site, they also have the knowledge to see that it's distributed by a Content Delivery Network.
Are you really comparing a globally distributed content delivery network with a squid installed at one location on one provider?
CloudFlare might not be worth the headache, but for entirely different reasons than you have listed.