Zenn

Classmethod strengthens Zenn blog platform security, maintains reliable performance, and cuts costs with Cloudflare

Based in Japan, Zenn is an information-sharing platform that hosts technical blogs written by engineers. Driven by a mission of “rewarding engineers for sharing knowledge,” Zenn enables engineers to easily contribute their unique insights to the IT community.

Zenn is run by Classmethod — a leading cloud integrator and service provider in Japan. “Our top priority is to deliver a consistent writing experience without compromising performance or disrupting service continuity,” says Yusuke Wada, an engineer at Classmethod.

Unfortunately, a rise in cyber attacks has threatened those consistent experiences. Classmethod today is focused on strengthening security to enhance platform reliability. The company needs an adaptable platform that can help them respond rapidly to the latest threats and maintain application performance.

“Writing technical articles is a very labor-intensive task. Solid application performance is critical for the writing experience — and for the reading experience,” says Wada. “If performance issues sour the experience during output, it has a direct impact on repeat business. We see sudden increases in load and DDoS attacks as threats to performance.”

Facing a disruptive attack and moving to Cloudflare

In February 2024, a DDoS attack disrupted the Zenn platform’s services. “Performance declined, which had a negative impact on both the writing and reading experience,” says Wada. “The attack also significantly increased cloud infrastructure costs.”

The Classmethod team needed an alternative to the tools available through their cloud provider. “DDoS defense capabilities were available for the cloud infrastructure, but their high cost made them impractical for us given the scale of our services,” says Wada.

After considering other solutions, the team homed in on Cloudflare, which was top of mind for network security. “We chose Cloudflare because of the straightforward setup, affordable fixed costs, and low-risk rollout,” says Wada.

The presence of multiple Cloudflare data centers in Japan was another plus. Classmethod would be able to use security capabilities running in those data centers without adding latency.

Successfully addressing threats with Cloudflare security capabilities

Classmethod rapidly implemented DDoS protection and the Cloudflare Web Application Firewall (WAF). “The WAF plays a pivotal role for us,” says Wada. “The managed rules have reduced most threats. We also consistently apply rate limiting to traffic from the same IP address to reduce the risk of extreme load increases.”

Because the Zenn platform is dedicated to engineers in Japan, the Classmethod team decided to restrict all traffic to that country. “We have created custom rules that block access from outside Japan as a safeguard against DDoS attacks,” says Wada.

Meanwhile, Classmethod is also protecting traffic within Japan. Cloudflare Tunnel creates an encrypted tunnel between the origin web server and the nearest Cloudflare data center.

In addition, Cloudflare capabilities help keep spam off the Zenn platform. “Spam posts were a problem,” says Wada. “We were able to use Cloudflare’s no-code features to quickly create access blocking rules in the editor to reduce spam.”

Streamlining operational workloads

Thwarting threats is helping to avoid excessive operational workloads for the Classmethod IT team. “We’ve seen fewer application performance issues outside the usual access spikes. As a result, we can have fewer team members on call,” says Wada.

Automated capabilities are also streamlining typical tasks. “We usually see about three latency alerts per month. Before rolling out Cloudflare, someone had to spend 30 minutes on every alert ensuring everything was OK,” says Wada. “Cloudflare DDoS protection addresses issues automatically, before anyone needs to check them, saving us about 90 minutes of operational time every month.”

Driving down content delivery costs

As part of the move to Cloudflare, the Classmethod team is taking advantage of the Cloudflare content delivery network (CDN) to provide responsive, low-latency performance to users. Employing Cloudflare as a CDN is also saving the company money.

“We had been using the CDN service that was bundled with our cloud provider’s load balancer,” says Wada. “Our previous CDN cost approximately ¥100,000 per month. With the move to Cloudflare, we are paying just a few thousand yen. That’s a huge cost savings for us.”

Maintaining reliable experiences with the latest functionality

The Classmethod team can now better maintain reliable, responsive user experiences for the Zenn platform. With extensive Cloudflare documentation, the team also has the information they need to make the most of existing capabilities and take advantage of the latest functionality.

Given their role in supporting Zenn — a platform for sharing technical information — it’s no surprise that the Classmethod team appreciates the strong documentation from Cloudflare. “Cloudflare regularly updates their comprehensive documentation, which is incredibly helpful. It goes beyond standard manuals and procedures by including security insights and industry trends,” says Wada. “The documentation makes things easier for developers and is very useful when explaining key concepts to decision-makers.”