geiserzone.com already points its DNS at Cloudflare. The whole stack a modern site needs — hosting, storage, app security, Zero Trust access and AI — can be built on that same network instead of farmed out to a handful of SaaS bills. One platform, one control plane, $0 egress, and most of it on free or usage-based pricing.
The apex isn’t serving anything yet. Deploy the site on Pages and run logic on Workers — Git-push deploys, instant global rollout, no servers to patch.
S3-compatible object storage that charges $0 egress — the natural origin for media, backups and any data your Workers, AI or analytics read.
The moment the apex serves traffic, it’s a target. Turn on the managed WAF, Bot Management and always-on DDoS at the edge — same network, one toggle.
Put any admin panel, staging URL or internal tool behind Access with SSO + device posture — no VPN. Gateway + WARP add DNS/SWG filtering for your own devices.
Run inference on Workers AI, store embeddings in Vectorize, and stand up retrieval over your own content with AutoRAG — with AI Gateway logging, caching and capping spend across any model.
No MX is configured today. Add free Email Routing to forward custom @geiserzone.com addresses, with SPF/DKIM/DMARC set correctly — and layer Email Security for phishing/BEC defense.
Host and adaptively deliver video with Stream, and do URL-based resize / crop / format-shifting with Images — both delivered from the CDN already serving the zone.
Privacy-first Web Analytics, Log Explorer / Logpush for querying edge logs, and Zaraz to load third-party scripts server-side — visibility without bolting on another analytics vendor.
| Function | Today | How it was identified | On Cloudflare |
|---|---|---|---|
| DNS | Cloudflare active | NS: ricardo / savanna.ns.cloudflare.com | Cloudflare DNS (already here) |
| Web hosting / apex | Not serving yet | apex A/AAAA: none at recon | Pages + Workers |
| App security | Not yet activated | Zone on Cloudflare DNS only | WAF + Bot + DDoS |
| Object storage | None observed | Greenfield | R2 (egress-free) |
| Identity / access | None observed | Greenfield | Zero Trust (Access / WARP / Gateway) |
| AI | None observed | Greenfield | Workers AI + AI Gateway |
| No mail configured | MX / SPF: none at recon | Email Routing + Email Security | |
| Observability | None observed | Greenfield | Web Analytics + Log Explorer |