By Andrew Baker, CIO at Capitec Bank
There is a truth that most technology vendors either do not understand or choose to ignore: the best sales pitch you will ever make is letting someone use your product for free. Not a watered down demo, not a 14-day trial that expires before anyone has figured out the interface, but a genuinely generous free tier that lets people build real things and solve real problems. Cloudflare understands this better than almost anyone in the industry right now, and it has made me a genuine advocate in a way that no amount of marketing spend ever could.
1. How I Found Cloudflare and Almost Lost It
My journey with Cloudflare did not begin with enthusiasm. I came in with low awareness of what genuinely differentiated it from other CDN and security platforms, and early on there were real friction points. The lack of private peering between Cloudflare and AWS in South Africa was a meaningful concern. For anyone running infrastructure in the South African market, network latency and data sovereignty matter enormously, and the absence of a direct peering arrangement had me seriously considering whether Cloudflare was the right long-term choice for protecting andrewbaker.ninja.
Then came a series of outages in 2025. Any one of those incidents in isolation might have been forgivable, but cumulatively they put Cloudflare in a difficult position. For a platform whose core value proposition is reliability and availability, sustained turbulence shakes confidence.
Here is the thing though: I stayed. I worked through those issues rather than walking away. And the reason I stayed was not because of a reassuring account manager call or a compelling analyst report. It was because the free tier had given me genuine, hands-on depth of knowledge about the platform. When things wobbled, I understood the architecture well enough to diagnose, to find workarounds, and to make an informed judgment about whether the underlying platform was structurally sound despite the turbulence. That knowledge did not come from a sales deck. It came from building with the product.
2. What Cloudflare Actually Gives You for Free
The Cloudflare free tier is, frankly, extraordinary. When I first started using it for my personal blog, I expected the usual pattern: enough capability to see the shape of the product, but with enough gates and limits to push you toward a paid plan. What I found instead was a comprehensive platform that covers almost every dimension of modern web security and performance at zero cost.
2.1 DDoS Protection
Cloudflare’s free tier includes unmetered DDoS mitigation. Not capped, not throttled after a threshold, unmetered. This is a remarkable statement of intent. For a personal blog or a small business site, volumetric attacks are existential threats. The fact that Cloudflare absorbs this at no cost demonstrates a confidence in their network scale that is itself a product differentiator. You experience that confidence directly rather than reading about it in a whitepaper.
2.2 CDN and Global Edge Network
The content delivery network spans over 300 cities worldwide, and free tier users sit on the same global edge infrastructure as enterprise customers. Your static assets are cached and served from points of presence close to your visitors regardless of whether you are paying anything. For andrewbaker.ninja this means readers in Europe, Asia, or the Americas get fast load times even though the origin infrastructure lives in a specific region. Experiencing this performance benefit directly makes the value proposition visceral in a way that no benchmark comparison table ever achieves.
2.3 Caching
Cloudflare’s caching layer is one of the most practically useful parts of the free tier and deserves more attention than it typically gets in introductory discussions of the platform. At its core, Cloudflare caches your static assets at edge nodes globally, meaning repeat visitors are served content directly from the nearest point of presence without the request ever reaching your origin server. For a WordPress-based blog like andrewbaker.ninja, this has a direct and measurable impact on both load times and origin server load.
What makes the free tier caching genuinely interesting is the degree of control you retain. Cache rules allow you to define caching behaviour by URL pattern, file type, request header, or cookie presence. You can bypass the cache for authenticated sessions, force cache for specific asset types regardless of origin headers, and set custom edge TTLs that differ from what your origin instructs. This level of granularity is not normally associated with a free offering.
Cache purging is available on the free tier too, either by individual URL or as a full cache purge across all edge nodes. For a content site where you are regularly publishing and updating posts, the ability to purge specific URLs instantly means you are never waiting for TTL expiry before visitors see updated content. This sounds operational rather than strategic but the first time you publish a correction to a widely shared post and need it to propagate immediately, you appreciate having the control.
The cache analytics overlay, which feeds into the broader analytics dashboard, shows you cache hit rates broken down by content type and geography. Watching your cache hit ratio improve as you tune your cache rules is one of those feedback loops that makes the free tier genuinely educational. You develop an intuitive understanding of how caching interacts with your content delivery architecture that translates directly into how you think about caching strategy at far larger scales.
Cloudflare also handles cache behaviour intelligently around query strings, cookies, and Vary headers, with configuration options available even on the free tier to tune how these affect cache key construction. Getting this wrong is one of the most common sources of cache poisoning risk and unexpectedly low hit rates, and having the ability to experiment with these settings in a low-stakes environment builds a depth of understanding that is difficult to acquire any other way.
For anyone running a personal site on a low end AWS instance type, and most personal blogs and side projects do exactly that, Cloudflare caching is not a nice to have. It is genuinely life or death for the origin server. A t3.micro or t4g.small running WordPress has a ceiling. Under normal traffic patterns it holds up adequately, but a post that gets picked up by a newsletter, shared on LinkedIn with any momentum, or referenced from a high traffic site will send concurrent requests that a small instance simply cannot absorb. Without caching at the edge, the origin buckles. With a well configured Cloudflare cache serving the majority of that traffic, the origin barely notices the spike. I have watched this play out against andrewbaker.ninja more than once. The cache hit ratio in the analytics dashboard tells the story clearly: the origin handles a fraction of total requests while Cloudflare absorbs the rest. That is an availability and cost story simultaneously. You are protecting a constrained origin and avoiding the instinct to over-provision just to handle infrequent traffic peaks.
One area where I think Cloudflare could meaningfully extend the free tier experience is 404 error tracking. Currently this sits behind paid plans, but a limited version, perhaps tracking 404s for just a handful of pages or a capped number of events per day, would give free tier users a genuine taste of the error analytics capability. The philosophy I would advocate for is that every service in the Cloudflare catalogue should have at least a small free window through which you can experience it directly, even in a constrained way. Understanding that you have broken links, misconfigured redirects, or content that has moved without proper forwarding is fundamental operational awareness for any site owner. Letting free tier users experience that capability, even modestly, would follow the same logic that makes the rest of the free tier so effective: exposure drives understanding, understanding drives advocacy, and advocacy drives enterprise pipeline far more reliably than any campaign.
2.4 SSL/TLS Certificates
Free, automated, and renewed without any manual intervention. This sounds mundane in 2025 but the operational overhead it removes is genuinely significant. Free tier includes full SSL termination at the edge, flexible and full encryption modes, and the ability to enforce HTTPS across your entire domain. For a technical audience reading a blog about enterprise architecture and banking technology, running over HTTP would be reputationally damaging. Cloudflare makes the secure default the effortless default.
2.5 Cloudflare Workers (Free Tier)
This is where the free tier becomes genuinely remarkable and strategically interesting. Workers gives you serverless compute at the edge, and the free plan includes 100,000 requests per day. For a personal site this is more than enough to experiment with meaningful functionality: A/B testing, request transformation, custom authentication flows, API proxying, and edge-side personalisation. When you spend time building with Workers on the free tier you start to understand the architectural implications of edge compute in a way that reshapes how you think about distributed systems design more broadly. That is enormously valuable learning for any technologist.
2.6 Cloudflare Pages
Free static site hosting with unlimited requests, unlimited bandwidth, and up to 500 builds per month. Integrated with git workflows and deployable in minutes. Pages is competitive with the best JAMstack hosting platforms and the free tier is genuinely production-grade. Many organisations run meaningful workloads here at no cost.
2.7 DNS Management
Cloudflare’s authoritative DNS is widely regarded as one of the fastest in the world, with query response times that consistently outperform incumbents. The free tier gives you access to this infrastructure plus DNSSEC, custom nameservers, and a clean management interface. The DNS product alone would justify attention, but as part of a broader free offering it becomes an anchor that draws users into the broader ecosystem.
2.8 Web Application Firewall
The free tier includes five managed WAF rules. This is a meaningful concession. WAF is a category where vendors historically extract significant revenue, and giving away even basic rule sets trains users to expect WAF as a standard component of web infrastructure rather than a premium add-on. Five rules might not cover every enterprise use case but for a personal site or small project they cover the most critical OWASP categories and give you a direct experience of how managed rules interact with your traffic patterns.
2.9 Analytics and Traffic Insights
Free tier analytics give you a genuinely comprehensive view of what the platform is doing on your behalf, and this transparency is itself a differentiator. Unlike platforms that gate analytics behind paid tiers as a way of obscuring the value they are delivering until you commit to spending, Cloudflare shows you everything from day one.
The primary dashboard surfaces total requests, bandwidth served, cache hit ratios, and threats mitigated over configurable time windows. But the depth goes considerably further than a headline summary. Traffic analytics break down requests by country of origin, giving you a real picture of where your audience actually lives versus where you assumed they were. For andrewbaker.ninja, seeing the geographic distribution of readers across the African continent and beyond was information I simply did not have before, and it directly shaped decisions about content focus and technical framing.
Security analytics show you threats blocked categorised by type, including DDoS mitigation events, WAF rule triggers, and bot management actions. Watching this data in real time during a period of elevated scanning activity against the blog made the security layer concrete rather than abstract. You are not trusting that protection is happening. You are watching it happen, with enough detail to understand what categories of threat are most active against your specific site.
Cache analytics integrate with the main traffic view and show you hit rates by content type, the split between cached and uncached bandwidth, and how cache performance varies by geography. This last dimension is particularly valuable for understanding where your edge caching configuration is working well and where it might benefit from tuning. A low cache hit rate from a specific region often indicates a configuration gap that the analytics surface directly.
Web Vitals data is also available on the free tier, showing you real user performance metrics including Largest Contentful Paint, First Input Delay, and Cumulative Layout Shift aggregated across actual visitor sessions. This is not synthetic benchmarking. It is real performance data from real users, segmented by country and connection type. Having access to this level of performance insight at no cost fundamentally changes how you approach front-end optimisation because you are working from evidence rather than inference.
2.10 Rate Limiting and Bot Management Basics
Basic bot protection is included at no cost. For a blog with public endpoints this matters. Scrapers, credential stuffers, and scanning bots represent a real and constant noise floor of malicious traffic. Seeing Cloudflare identify and handle this traffic on the free tier builds an intuitive understanding of bot behaviour and the mechanisms used to address it that directly informs how I think about fraud prevention architecture at a far larger scale in my day job.
2.11 Zero Trust Access (Cloudflare Access Free Tier)
Up to 50 users on the Zero Trust free plan. This is genuinely significant. Zero Trust Network Access is a category that enterprise vendors price at significant per-user premiums, and having hands-on experience with the Cloudflare Access model, the identity provider integrations, and the policy engine shapes how you evaluate ZTNA architectures in enterprise contexts. That experience has real currency in boardroom conversations about security investment.
3. The Strategic Value of Free Tier as a Leadership Development Tool
Working through Cloudflare’s free tier on a personal project is one of the most effective ways I have found to build genuine platform depth. This is not an accident. It is the mechanism by which technology companies build the most durable kind of influence: informed advocates rather than captured customers.
When I encountered challenges with Cloudflare in 2025, my response was shaped entirely by the depth of understanding I had developed through free tier usage. I knew enough about how the network operated, where the architectural constraints lay, and what the realistic recovery trajectory looked like to make a considered judgment rather than a reactive one. That knowledge is also what I draw on when evaluating Cloudflare capabilities in enterprise contexts. I am not reading vendor documentation in isolation. I have built things. I have watched things fail. I have seen what recovery looks like. That is a categorically different foundation for decision making.
The same pattern holds with AWS. My understanding of AWS architecture began with free tier experimentation. The 12 months of free tier access that AWS provides across a substantial catalogue of services is one of the smartest investments they have made in their developer ecosystem. My seven AWS certifications represent formal validation of knowledge that was built largely through hands-on experimentation that the free tier enabled. When I evaluate AWS proposals at Capitec or advocate for specific AWS architectural patterns, that credibility traces back to free tier experience. No marketing budget produces that outcome.
Free tier products are, in effect, a leadership development programme that technology vendors run at their own expense. Every future CIO, CTO, or technology decision maker working their way up through an organisation is building instincts and preferences right now through the products they can access and experiment with freely. The vendors who understand this invest in those experiences. The vendors who do not are optimising for short-term revenue extraction at the cost of long-term pipeline development.
4. The Slack Cautionary Tale
Slack represents the opposite lesson, and it is worth examining honestly.
I used Slack’s free tier heavily for years. Across multiple communities, interest groups, and peer networks, Slack was the default platform precisely because the free tier was generous enough to make it viable for groups that could not or would not pay. It was through this extensive free tier use that I developed deep familiarity with the product, its integrations, its workflow automation capabilities, and its organisational model. That familiarity translated directly into Slack advocacy in enterprise contexts.
Then came a series of changes to the free tier. Message history limits became more restrictive. Integration constraints tightened. The experience of being a free tier user shifted from feeling like a valued participant in the platform ecosystem to feeling like someone being actively nudged toward payment.
The result was not that the communities I participated in upgraded to paid Slack. The result was that those communities moved to other platforms. Discord absorbed many of them. Some moved to Microsoft Teams. Others fragmented across different tools. In most cases the community did not reconstitute on Slack at a paid tier. It simply left.
The downstream consequence for Salesforce, which acquired Slack for approximately 27.7 billion dollars, is a meaningful erosion of exactly the pipeline that free tier usage was building. Every community organiser, technology professional, and business leader who built their Slack intuitions through free tier usage and then migrated to an alternative platform is now building comparable depth of knowledge on a competing product. The future enterprise purchasing decisions of those individuals will reflect that. Slack did not just lose free tier users. It cut off future sales pipeline development at the roots.
This is a cautionary tale that should sit prominently in the strategic planning conversations of any technology company considering changes to their free tier offering. The immediate revenue signal from restricting free tier is misleading. The long-term signal, which is harder to measure and slower to manifest, is the erosion of informed advocacy and the diversion of future decision makers toward alternatives.
5. The Legacy Pricing Trap
There is a category of enterprise technology vendor whose approach to pricing is so fundamentally at odds with how purchasing decisions actually get made that it borders on self-defeating. I will not name them directly. They tend to employ a lot of lawyers, and this blog has enough going on already without that particular excitement.
You know who they are though. Their pricing model is built on tiers, each one separated from the next by a gap that costs companies millions of dollars to cross. The product catalogue is divided up such that anything genuinely interesting sits in a tier that requires a significant commercial commitment before you can touch it. You cannot experiment with it. You cannot build intuition about it. You cannot develop the informed advocacy that would eventually lead your organisation to invest in it properly. The gate comes before the experience, and the gate is expensive.
This is anti-sales dressed up as a pricing strategy.
It gets worse. These same vendors have a habit of quietly moving products that sit in your current tier up into a higher tier at contract renewal. The feature set you budgeted for and built processes around is now in the next tier up, and the message is clear: pay more or lose capability. The commercial logic from the vendor’s side is understandable in the narrow short-term sense. The strategic damage is severe and largely invisible until it is too late to reverse.
The practical consequence is that customers become genuinely reluctant to adopt new products within their current tier, even when those products are included and theoretically free to use. The rational response to a vendor that periodically reclassifies features upward is to avoid becoming dependent on anything you are not paying explicitly to retain. So the products sit unused. The integration work does not happen. The institutional knowledge does not develop. And the vendor wonders why adoption of their broader portfolio is lower than the addressable opportunity suggests it should be.
The generational problem this creates is profound and slow-moving enough that most of these vendors will not feel it until it is structurally very difficult to address. The technology leaders who bought into these platforms did so in an era where the vendor had sufficient market leverage to make the tier-based model stick. Those leaders are gradually retiring. The generation replacing them grew up with AWS free tier, with Cloudflare free tier, with open source everything, with the expectation that you experience a product before you commit to it. They have spent their formative professional years building instincts on platforms that trusted them with real capability before asking for money.
When those leaders sit across a procurement table from a vendor whose pitch begins with a multi-million dollar tier commitment required just to evaluate the relevant product set, the cultural mismatch is immediate and significant. It is not just a price objection. It is a philosophical incompatibility with how they believe technology decisions should be made. And unlike the previous generation of buyers who perhaps had fewer alternatives, this generation has grown up with genuinely competitive options that do not impose the same barriers.
The vendors who have built their commercial model on tier-based access restrictions have a window to adapt. That window is not permanent. Every year that passes without meaningful change to how they allow potential customers to experience their products is another cohort of future decision makers building their instincts and loyalties elsewhere.
The root cause of this strategic blindness is that there is no metric for the depth of understanding your product has in the marketplace. You cannot put it in a board report. You cannot trend it quarter on quarter. You cannot attribute it to a campaign or a sales motion. And because it is unmeasurable, short-sighted technology companies convince themselves the gap can be bridged through other means. So they invest in snappy Gartner acronyms that reframe existing capability as visionary innovation, and they deploy fleets of well-heeled sales teams whose job is to manufacture urgency and compress evaluation cycles before the prospect has time to develop genuine product intuition. It works, right up until it does not. The deal closes but the understanding never develops, and without understanding there is no organic advocacy, no internal champion who truly believes in the platform, and no resilience when the product disappoints.
Technology companies run by engineers tend to understand this instinctively. Engineers know what it means to learn by doing. They know the difference between reading documentation and actually building something. They know that genuine conviction about a technology comes from hands-on experience and cannot be manufactured by a sales process however well resourced. When engineers run product strategy, free tier investment makes intuitive sense because they have lived the experience themselves. When the company is run primarily by people whose mental model of selling is about controlling access and extracting maximum value at each gate, the free tier looks like revenue left on the table rather than pipeline being built. That framing error is expensive, and it compounds over time in ways that do not show up in any dashboard until the generational shift is already well underway.
6. Rethinking the Marketing Mix
I hold a view that is probably uncomfortable for most marketing organisations: technology companies should meaningfully reduce marketing spend in favour of free tier investment.
I understand why this is a hard argument to make internally. Marketing spend produces attributable metrics. Pipeline influenced, leads generated, impressions delivered. Free tier investment produces outcomes that are diffuse, long horizon, and resistant to attribution. The CIO who advocates for your platform in a 2028 procurement decision because they built something meaningful with your free tier in 2024 is almost impossible to trace back to that original free tier investment in any marketing analytics framework.
But the influence is real and it is durable in a way that no campaign achieves. You can say anything you want about a product through marketing. You can claim reliability, performance, security posture, developer experience, and operational simplicity until every available channel is saturated. None of it carries the weight of having used the product yourself, watched it perform under real conditions, seen it recover from real failures, and built genuine intuition about its architectural strengths and constraints.
The most credible advocate for any technology platform is someone who has built with it. The most credible moment to test platform loyalty is when things go wrong in production. Marketing cannot create either of those conditions. A generous free tier can.
Cloudflare has clearly internalised this. Their free tier is not a reluctant concession to market norms. It is a deliberate investment in developing the next generation of platform advocates. The breadth of capability they make available at no cost, spanning network security, edge compute, DNS, analytics, and Zero Trust access, reflects a confidence that the product will demonstrate its own value to the people who use it.
That confidence is justified. It worked on me.
7. Conclusion: Experience is the Proof of Concept
The technology industry has a persistent tendency to over-invest in the proxies for value rather than value itself. Brand recognition, analyst rankings, conference presence, and content marketing are all proxies. They describe a product from a distance. They cannot substitute for the experience of building with it, debugging it at midnight, watching it absorb an attack, or navigating an outage with enough architectural understanding to maintain composure.
Free tier products close the distance between description and experience. They are the most honest form of marketing because they are not marketing at all. They are just the product, made accessible.
For Cloudflare specifically, the free tier has been transformative in how I understand and advocate for the platform. The journey was not without friction. Early knowledge gaps, infrastructure concerns in the South African market, and a difficult period of platform instability all created genuine pressure points. But the depth of understanding that free tier access enabled was exactly what allowed those pressure points to be navigated rather than becoming exit triggers.
For Slack, the contraction of free tier generosity has had the opposite effect, redirecting communities and the professional development of their members toward competing platforms in ways that will compound as career trajectories advance.
The lesson is straightforward even if the organisational will to act on it is not. Invest in free tiers. Invest generously. The future pipeline you are building is less visible than the one your sales team can point to today, but it is deeper, more durable, and ultimately more valuable. Let people experience your product. Trust that it is good enough to speak for itself. If it is not, that is the more important problem to solve.
Andrew Baker is the Chief Information Officer at Capitec Bank in South Africa. He writes about enterprise architecture, cloud infrastructure, banking technology, and leadership at andrewbaker.ninja.
