<devsplainers>

Tool Showdown

Vercel vs Netlify vs Cloudflare Pages in 2026

Vercel vs Netlify vs Cloudflare Pages, compared for 2026: real pricing, cold starts, and the $104,500 bill that shows why bandwidth decides everything.

By Ricardo de Jong 9 min read 7:08 video

Watch the explainer

Six figures for a static site. Not a typo. One developer woke up to a $104,500 Netlify bill after a DDoS attack hit a site that served plain HTML and CSS, no backend, no database, just 190 terabytes of bot traffic. On Cloudflare, that exact scenario costs nothing.

Vercel, Netlify, and Cloudflare Pages all feel identical when you use them. Git push, preview URL, done. Underneath, they are different machines with different pricing models, different runtimes, and very different failure modes. This guide compares them on the things that actually decide a project: cost, speed, the backend, and how badly a bad month can hurt.

Vercel vs Netlify vs Cloudflare Pages: the short answer

If your app is bandwidth-heavy, high-traffic, static, or cost-sensitive, Cloudflare Pages is the strongest default in 2026, because it does not charge for bandwidth at all. If you live in Next.js and want the smoothest possible workflow, Vercel earns its premium. If you want built-in forms and a free tier that physically cannot bill you, Netlify is the safe middle.

None of them is a wrong choice. They bake in different trade-offs, and those trade-offs stay invisible right up until your project succeeds. This comparison is about that later moment, when traffic and the bill get serious and you find out which platform you actually want to be on.

What’s the real difference under the hood?

The deepest split is where your code runs. Vercel and Netlify both build on AWS Lambda, so server code executes as region-based functions in a data center somewhere. Cloudflare runs your code in V8 isolates, the same lightweight sandboxes a browser tab uses, spread across 330+ cities in 125+ countries. Requests execute close to the user, usually within 50 milliseconds of most of the internet.

That design choice ripples everywhere. Isolates boot almost instantly and sit near everyone, which is why Cloudflare is fast and cheap to run globally. Lambda gives you a clean, familiar Node.js environment with generous memory, but it lives in a region and bills for the bandwidth leaving it.

Vercel AWS Lambda microVMs + Edge (V8) Region-based functions
Memory up to 3 GB room for heavy Node workloads
Netlify AWS Lambda + Deno Edge Functions default to us-east-2
Memory 1 GB fixed, no tuning
Cloudflare V8 isolates (Workers) 330+ cities, 125+ countries
Memory 128 MB strict per isolate
Fig. 1 Three different engines. Vercel and Netlify run AWS Lambda functions tied to a region; Cloudflare runs V8 isolates across hundreds of cities. The memory ceiling is the price of that speed.

The isolate model has a catch. Cloudflare limits you to 128 MB of memory per isolate, while Vercel allows up to 3 GB. Heavy Node workloads like PDF generation or image processing can hit that wall quickly. So the architecture question becomes a values question: do you want raw global speed, or the headroom to run traditional backend code without thinking about it?

How much do they actually cost?

Cloudflare is dramatically cheaper at scale, and the reason is simple: it does not charge for bandwidth. All three offer a free tier, all three look generous, and all three hide a catch. Vercel’s Hobby plan is free but forbids commercial use, so the moment your project earns money you upgrade. Netlify allows commercial use but gives you 300 credits a month, and a production deploy costs 15 credits, so you get roughly 20 deploys before the site pauses. Cloudflare gives unlimited bandwidth with no credits and no egress charges.

Now scale it up. Say your app reaches 5 terabytes of bandwidth and 10 million function calls a month. On Vercel that lands around $600 to $800. On Netlify, roughly $500 to $700. On Cloudflare, about $50 to $80. That gap is not subtle.

1M pageviews / mo
Vercel $50–100+
Netlify $50–100+
Cloudflare ~$5
5 TB + 10M functions / mo
Vercel $600–800
Netlify $500–700
Cloudflare $50–80

Bandwidth drives almost all of it. Vercel and Netlify meter egress; Cloudflare charges nothing for it.

Fig. 2 The same two workloads on each platform. Cloudflare's no-charge bandwidth is why its bars barely move while the other two climb into the hundreds.

The free tiers also differ in how they fail, which matters more than the headline numbers. Netlify’s free plan has a hard cap: hit it and the site pauses with zero charges. Vercel sends alerts but has no true hard stop, so usage keeps accumulating while your site stays live. Cloudflare removes the biggest risk by making bandwidth free, leaving only modest compute costs.

Why do these platforms cause surprise bills?

Because two of them meter bandwidth, and bandwidth is exactly what a DDoS attack floods you with. The most famous case: in February 2024, a free-tier Netlify site that served only static files absorbed 190 TB of bot traffic over four days and generated a $104,500 bill. The attack hammered a single 3.44 MB audio file roughly 55 million times. Netlify’s CEO waived the charge, then shipped the hard-capped free plan that exists today.

Vercel has its own pattern. One founder watched his bill jump from $50 to $1,200 the month his app hit $5K MRR, driven by unoptimized function invocations. Vercel also says it does not bill for traffic its DDoS mitigation blocks, but traffic that reaches your functions still counts. On Cloudflare, the whole category of disaster simply does not exist for bandwidth.

Netlify $104,500

A free-tier static site absorbed 190 TB of DDoS traffic in four days. The CEO waived it, then shipped a hard-capped free plan.

Vercel $1,200

A solo founder’s bill jumped from $50 the month his app hit $5K MRR, driven by unoptimized function invocations.

Cloudflare $0

The same DDoS-floods-your-bill scenario cannot happen. Bandwidth is free on every plan, so there is no egress meter to spike.

Fig. 3 Three documented outcomes: two horror stories on the metered platforms, and the structural zero on Cloudflare, where there is no egress meter to spike.

Which one is fastest?

Cloudflare is the most consistent, and on cold starts the gap is stark. A cold start is the delay when a function spins up from idle to serve its first request. Cloudflare Workers cold-start in under 20 milliseconds. Vercel’s Edge runtime does too. Netlify’s Node.js functions, running on AWS Lambda, can take 3.8 to nearly 6 seconds. That is slow enough for a non-technical user to notice.

The reason is the engine again. V8 isolates are effectively always warm, so there is almost nothing to boot. A traditional Node.js function has to start a container first. Edge runtimes on all three platforms erase the problem; it only appears on classic serverless functions.

Cloudflare Workers < 20 ms V8 isolate
Vercel Edge < 20 ms V8 isolate
Netlify Edge < 30 ms Deno isolate
Vercel Functions (Node) ~1,089 ms microVM boot
Netlify Functions (Node) 3.8–5.9 s AWS Lambda boot

Edge runtimes erase cold starts on all three. The gap only opens on traditional Node.js functions.

Fig. 4 Cold start, worst to best. Edge and isolate runtimes are effectively instant on every platform. The multi-second gap only opens on traditional Node.js functions.

Steady-state speed follows the same shape. On dynamic, server-rendered requests, Cloudflare averages around 50 milliseconds globally, Vercel around 70, and Netlify around 90, with Cloudflare staying flat across regions because every city runs your code. For purely static files, all three land within a few milliseconds of each other, so the difference only shows up on dynamic workloads.

Which has the best backend and data platform?

Cloudflare, and it is not close. It offers a full native stack: D1 for SQL, KV for key-value storage, R2 for object storage with zero egress fees, Durable Objects for state, and built-in AI inference. If you want everything integrated in one place, nothing else comes near it.

Vercel’s storage products are mostly managed wrappers around third-party services, like Postgres through Neon and KV through Upstash, with markup on top. Netlify’s native data offering is the thinnest of the three. For a full-stack edge app where the data lives beside the code, Cloudflare holds the strongest position by a clear margin.

Cloudflare Full native platform
  • D1 — SQLite at the edge
  • R2 — object storage, zero egress
  • KV — key-value store
  • Durable Objects — state
  • Built-in AI inference
Vercel Wrappers + markup
  • Postgres (Neon under the hood)
  • KV (Upstash under the hood)
  • Blob storage
  • Edge Config
  • AI SDK
Netlify Minimal native data
  • Netlify DB (beta)
  • Blobs
  • Forms (still unique)
  • AI Gateway
Fig. 5 Native depth versus wrappers. Cloudflare ships its own data layer end to end; Vercel resells third-party services with markup; Netlify keeps its native data minimal.

What about developer experience and lock-in?

This is where Vercel earns its reputation. Preview deployments are excellent: every pull request gets a live URL, and stakeholders can leave comments directly on the UI. Builds are fast, around 45 seconds for a medium Next.js app, and the CLI auto-detects frameworks with almost no configuration. It feels polished in a way the others are still chasing.

That polish has a cost. Many Next.js features, including ISR, image optimization, and Edge Config, are tied tightly to Vercel’s infrastructure, so moving away means reworking parts of your app. Netlify sits between the two worlds, with strong framework support and useful extras like Forms, though the credit system adds friction to frequent deploys. Cloudflare’s developer experience has improved a lot with recent Wrangler updates, but it still asks you to understand its runtime model before you are productive.

The vinext saga: a Next.js clone built by AI

The biggest story in this space is about who controls Next.js. In February 2026, Cloudflare released vinext, a reimplementation of the Next.js API on top of Vite. One engineer directed AI over about 800 coding sessions in roughly a week, spending around $1,100 in tokens. The result claimed 94% API coverage of Next.js 16, 4.4 times faster builds, and 57% smaller client bundles. It got attention fast.

Then came the security reckoning. Vercel disclosed 7 vulnerabilities, 2 of them critical, and an independent firm reported 45 issues, 24 manually confirmed, in a write-up cheekily titled “Vibe-hacking Cloudflare’s vibe-coded Next.js replacement.” Cloudflare shipped WAF and adapter mitigations in response. Despite all of it, vinext is already running CIO.gov in production.

The build
1 week One engineer + AI, ~800 coding sessions
$1,100 Total API token cost to build it
94% Of the Next.js 16 API surface covered
4.4× Faster builds, with 57% smaller bundles
The fallout

Vercel disclosed 7 vulnerabilities (2 critical). An independent security firm then reported 45 issues, 24 manually confirmed, in a write-up titled “Vibe-hacking Cloudflare’s vibe-coded Next.js replacement.” vinext is still experimental, and already running CIO.gov in production.

Fig. 6 The vinext story in two beats: an impressive AI-assisted build, then a wave of security findings. It is still experimental, and already live on a .gov site.

The drama matters less than what it signals. A small team can now use AI to clone a flagship framework in a week, good enough to run a government site, and buggy enough to scare a security team. That is a shift in how frameworks might get built and deployed, and it lands directly on the platform you choose.

Vercel vs Netlify vs Cloudflare Pages, head to head

Here is the quick version across the dimensions that decide most projects. Read it as a map, not a verdict, since the right pick depends on which row you care about most.

DimensionVercelNetlifyCloudflare Pages
Bandwidth pricingMetered (1 TB included on Pro)Metered via creditsUnlimited, free on all plans
Cost at 5 TB + 10M calls$600–800$500–700$50–80
Free tierNon-commercial only~20 deploys/mo, hard capCommercial OK, unlimited bandwidth
RuntimeAWS Lambda + Edge (V8)AWS Lambda + Deno EdgeV8 isolates, 330+ cities
Cold start (Node)≈1,089 ms3.8–5.9 s< 20 ms (isolates)
Memory ceilingup to 3 GB1 GB128 MB per isolate
Native dataWrappers (Neon, Upstash)Minimal (DB beta, Blobs)D1, R2, KV, Durable Objects, AI
Bill-shock riskHigh (no hard cap)Low (hard-capped free)None for bandwidth
Best atNext.js + DXForms, predictable costsScale, static, edge data

So which should you choose?

Match the platform to the thing you actually care about, not the feature list. If you are fully invested in Next.js and want the smoothest experience, pick Vercel. If your app is bandwidth-heavy, high-traffic, or static, pick Cloudflare. If you want built-in forms and predictable costs, pick Netlify. If you are building a full-stack edge app with integrated data, Cloudflare again. And if a surprise bill is your nightmare, Cloudflare’s free bandwidth or Netlify’s hard-capped free plan both remove the risk, where Vercel does not.

Deep into Next.js, DX is everything Vercel
Bandwidth-heavy or high-traffic Cloudflare
Static site (Astro, Hugo, plain HTML) Cloudflare
Full-stack edge app with built-in data Cloudflare
Want built-in forms, predictable costs Netlify
Growing team, many seats CloudflareNetlify
Terrified of a surprise bill CloudflareNetlify
Fastest cold starts Cloudflare
Fig. 7 Pick by what you care about most. Each driver maps to the platform that wins it; a few list two when either fits.

The real decision is not about features. It is about which trade-offs you want baked into your stack from day one. Vercel trades cost and portability for polish. Cloudflare trades a little setup and a tight memory limit for speed and near-free scale. Netlify trades raw power for predictability. Those choices stay quiet while you build, and they get loud the moment your project succeeds.

For the animated version of this showdown, with the pricing math and the bill-shock stories laid out on screen, watch the full breakdown on YouTube.

Frequently asked questions

Which is cheapest: Vercel, Netlify, or Cloudflare Pages?

Cloudflare Pages, by a wide margin at scale. Because it never charges for bandwidth, a workload that costs $600 to $800 on Vercel or $500 to $700 on Netlify runs about $50 to $80 on Cloudflare. The gap is roughly an order of magnitude, and bandwidth pricing drives almost all of it.

Is Cloudflare Pages better than Vercel?

It depends on the job. Cloudflare wins on price, cold starts, and global reach, and ships a full native data platform. Vercel wins on developer experience and Next.js support, where new features land first. Pick Cloudflare for bandwidth-heavy or static sites, Vercel for a polished Next.js workflow.

Why are Vercel bills so unpredictable?

Vercel meters bandwidth and function usage and has no true hard spending cap, so a traffic spike or a DDoS attack keeps accumulating charges while your site stays live. Developers have reported jumps from $50 to $1,200 after a project took off, driven by unoptimized function invocations.

Can a static site really run up a huge bill?

Yes, on a metered platform. In February 2024 a free-tier Netlify site that served only static files absorbed 190 TB of DDoS traffic in four days and generated a $104,500 bill. The CEO waived it. On Cloudflare the same attack costs nothing, because bandwidth is free.

Is Netlify still worth it in 2026?

For some teams, yes. Netlify offers built-in Forms, strong multi-framework support, and a hard-capped free plan that cannot surprise you with charges. The friction is its credit system: a production deploy costs 15 credits, so the free tier covers only around 20 deploys a month before the site pauses.

What is vinext?

vinext is Cloudflare's February 2026 reimplementation of the Next.js API on top of Vite, built by one engineer directing AI over about a week for $1,100 in tokens. It covers 94% of the Next.js 16 API, but Vercel and security researchers found dozens of vulnerabilities soon after launch.

Sources

  1. Hacker News · "Netlify just sent me a $104k bill for a simple static site" (Feb 2024) · retrieved 2026-06-04
  2. ServerlessHorrors · Netlify $104,500 incident write-up · retrieved 2026-06-04
  3. Reddit r/startups · founder's Vercel bill jumped from $50 to $1,200 at $5K MRR · retrieved 2026-06-04
  4. Vercel · Pricing · retrieved 2026-06-04
  5. Netlify · Pricing · retrieved 2026-06-04
  6. Cloudflare · Workers & Pages pricing · retrieved 2026-06-04
  7. Cloudflare · The network (330+ cities) · retrieved 2026-06-04
  8. GitHub · cloudflare/vinext · retrieved 2026-06-04
  9. InfoQ · Cloudflare Releases Experimental Next.js Alternative Built with AI (Mar 2026) · retrieved 2026-06-04
  10. Hacktron AI · "Vibe-hacking Cloudflare's vibe-coded Next.js replacement" · retrieved 2026-06-04
  11. Cloudflare changelog · WAF and adapter mitigations for React and Next.js vulnerabilities (May 2026) · retrieved 2026-06-04
</>

Ricardo de Jong

Creator of Devsplainers

Ricardo de Jong makes Devsplainers, turning complex developer and AI topics into short animated videos and written companions. Each article is built from the same research and script behind the video. No hype, no jargon walls.

YouTube Take-Outs newsletter

The newsletter

Liked this? Get the Take-Outs.

One email every Tuesday: a spicy take on a trending dev topic, video out-takes, and the tool of the week. Free.

Subscribe
<devsplainers>