Case Study: LendingTree achieves 70% fewer API attacks, $250K in savings, and up to 70% faster page loads with Cloudflare

Cloudflare’s security, performance, and serverless solutions provide LendingTree with security at the speed of business

LendingTree, an online marketplace that connects consumers with 400+ lenders and serves over 15 million active users, faced mounting security and performance problems: a metered DDoS vendor that billed massive overages and mistakenly blocked legitimate traffic during marketing spikes, plus sophisticated bots scraping APIs that drove bandwidth and opportunity costs and forced constant manual rule changes.

By moving to Cloudflare’s unmetered DDoS mitigation, Bot Management, Rate Limiting, WAF, Workers, and performance tools, LendingTree stopped abusive traffic and restored legitimate traffic flows—attacks on a frequently abused API endpoint dropped 70%, Rate Limiting saved about $250,000 in five months, Workers fixed partner communication instantly with zero downtime and enabled edge A/B testing, page load times improved up to 70%, and automated TLS certificates cut roughly $50,000/year—delivering substantial cost savings, improved security, and faster site performance.

LendingTree

John Turner

Application Security Lead