>but was you or anyone you know affected by a DDoS?

Yes, all the damned time.

Some people must have experienced a completely different internet from the one I've had to run servers on over the years. I've had tiny, local sites for customers randomly get gigabytes of traffic per second for days. No rhyme or reason why. Try to run anything with a forum on it where people have strongly held beliefs, yea eventually you'll get a DDOS. Have a site where some global competitor can influence your sales by slowing traffic on important holidays... you can see where this is going. Heck, I've even worked at ISPs where we had to take particular IPs out of the DHCP pool and null route them because for some reason they were getting traffic blasted for weeks at a time.

While they do sale fear, it's not really an irrational one for those that have worked in the industry.

> cloudflare sells fear

A lot of people here don't just run trivial hobby sites. They work for companies that actually have a real need for DDOS and WAF protection. Maybe you have no experience with that, but it is extremely common and even required for sites that require compliance certifications like SOC2.

Sorry I pressed downvote and cannot revert my press...

I had to set up CF for a small local business in a very small country that has ecommerce presence targeted mainly at local population. It just gets non-stop ongoing traffic a hosting provider cannot handle.