I'm currently running a SaaS on Cloudflare Workers + Pages. The developer experience is genuinely good, deploying serverless functions and static sites from the same repo has been seamless.
But I hit a real issue recently: CDN edge caching served stale HTML after a deploy, and the service worker cached the bad response. Took a CDN purge from the dashboard to fix. The debugging experience when things go wrong at the edge is painful, you're always guessing which cache layer is the problem.
That being said, the free tier is hard to beat for getting started. Workers, Pages, KV, R2 — you can run a full production app at near-zero cost until you hit scale. Not sure if Bunny offers that.
Cloudflare's biggest benefit is the wrangler cli which when paired with claude code means that you can completely handoff setup/debugging/analysis.
Some of you may be skeptical about this but it allows for much easier management when working on multiple SaaS/hobby projects/personal tools.
I deploy to Google just fine with Claude and have ZERO use for Cloudflare's toxic code.
Bunny has a lot of that (they have a sqlite compatible API, edge functions, but the call it something different, etc.)
That being said, I had enough issues with Bunny and CF debugging across regions that I made this free tool to do both remote HTTP and TCP traceroutes to keep my sanity: https://dnsisbeautiful.com/global-http-availability
This is why we purge cache from CI after a deploy[0], and other places when our users publish a story, etc.
That said, the edge-caching being how it is, it's possible to run into some race-conditions where the cache has been purged but not propagated to the edge network, and if visited too soon, the stale version might end up back into the cache.
[0]:
Yeah ran into that too, and found someone else that wrote a script for it, so we're not alone: https://bash.cyberciti.biz/web-server/linuxunix-bash-shell-s...
Bunny doesn’t have a free tier, but their greatest asset is that it has prepaid billing: there’s zero risk of running up a surprise six figure bill just because of being attacked, making a mistake with a deploy, or other sudden sources of resource usage. I’d rather my site go down than to be on the hook for hundreds of thousands, which many projects have no hope of generating from sudden spikes in traffic of any source.
There’s a cost limit to how much high availability is worth on any project but vendors like CloudFlare don’t respect that.
And this is why I am immediately shifting to bunny from cloudflare at this point.
A week ago I (a hobbyist running a small side project for a dollar or two a month in normal usage, so my account is marked as "individual") got hit with a ~$17,000 bill from Google cloud because some combination of key got leaked or my homelab got compromised, and the attacker consumed tens of thousands in gemini usage in only a few hours.
Google denied a rate adjustment, and haven't reached back out to me for a good few days now. My credit card denied the charge because it was over my credit limit by a good few thousand dollars and they suspected fraud, but now I am terrified of being taken to collections and ruining my prospects of renting an apartment due to my credit score/history being ruined, or them just taking me to court.
I am never going to use "use now pay later" services, especially with cloud portals where it's so hard to put in a actual cap, and the cloud provider not having any sane rate limits. I am fine paying if it was negligence or a mistake on my part as a very expensive lesson in security, but 17k is brutal.
The fact they don't have an easy way to hard cap usage (especially for an individual account) and have ineffective rate limits (how on earth is an account that pays a few dollars a month able to run up tens of thousands in just a few hours), makes me never want to use their (or any use now pay later with no easy caps or rate limits) service ever again. Or even a phone number to call.
If you're in the USA contact your state AG + Senator and present your case. Mention that Google is abusing small owners due to their ineptitude in security practices, construct the argument that makes it appear Google is squeezing small users like a mob boss/cartel.
Also before doing this save anything important that Google owns (gmail, youtube videos, anything in storage). The leaders at Google are vengeful enough to completely lock you out for challenging them.
Just this month Google shipped what I understand as hard limits in AI Studio/Gemini/whatever it's called this week. I had existing billing alerts (best you could do before IIUC), but set these new hard limits up immediately. Feels good!
DB seems like the main shortcoming in the stack for them. I don't want to deal with the limitations of D1. Seems like a serverless postgres setup a la Neon/Supabase would be a slam dunk.
They have Durable Objects which should be enough for most use cases (it’s SQLite with no limitations). Have you tried that?
I've used DO's quite a bit. I'm a big fan... however I find the database latency pretty hard to deal with. In the past 6 months I've seen upwards of 30s for little side projects running tiny (100's of kb) databases. Sometimes it's lightning fast... sometimes it's a disaster.
As a consequence I've had to build quite defensively - adopting a PWA approach - heavy caching and background sync. My hope is that latency improves over time because the platform is nice to work with.
Yeah, but then I'm heavily coupled to their proprietary infrastructure. Maybe a good thing for them, but a nonstarter for thinking about building a real business on, for me and many others I'd presume.