# I built a Cloudflare Worker so you can give the public free AI, without ever getting a surprise bill

> Source: <https://dev.to/mister_buds_4874bbe643dda/i-built-a-cloudflare-worker-so-you-can-give-the-public-free-ai-without-ever-getting-a-surprise-1042>
> Published: 2026-07-17 01:21:58+00:00

I built a Cloudflare Worker so you can give the public free AI without ever getting a surprise bill

Every time I wanted to add an AI feature to one of my apps and let anyone try it no login, no "enter your card," just here, use it the same thing stopped me: the bill.

The moment your API key is reachable by the public, you're one traffic spike, one bored person with a for loop, or one leaked key away from waking up to a four-figure invoice. So most of us do one of two things: bolt a login onto something that was supposed to be free, or just… never ship it.

I got tired of that trade-off, so I built the piece that was missing.

What it is

Free-Tier AI Relay is a ~20 KB Cloudflare Worker plus a zero-dependency browser client that sits between your app and the AI providers. You drop it in, drag it to Cloudflare's free plan, and you've got a public AI endpoint that can't run away with your money.

The whole design is built around one idea: ration a free allowance to anonymous strangers, and guarantee a spend ceiling.

How it actually works

Your key stays server-side. The browser only ever talks to your Worker — the provider key never touches the client.

Providers are tried in cost order, not reliability order. This is the part that's different from a normal gateway. It calls your cheapest option firs free tiers before anything paid. As shipped, that's Google Gemini's free tier, then free community models on OpenRouter. A paid model is only ever reached if you deliberately uncomment one. Out of the box, it calls only free tiers, so it costs $0 to run.

Free usage is capped three ways, every day, and a request has to pass all three:

per anonymous device (a UUID) soft fairness so one person can't hog it,

per network (a hashed IP, so you're not storing anyone's raw address) catches the easy device-reset abuse,

a hard global ceiling the one that actually protects your wallet. Once the whole app hits it for the day, the free tier closes until reset. You set that number from a budget you can live with.

It's one config file. Providers, cost order, caps, and endpoints all live in a single file. Adding a provider or a whole new AI feature needs zero code changes. There's also a one-toggle kill switch that pauses the entire free tier instantly, no redeploy.

"So do I ever actually pay?"

No not unless you choose to. The default state calls only free providers. The single paid-fallback line in the config is commented out; it does nothing until you uncomment it. And even if you do turn on a paid provider later (to get higher limits once you scale), the global daily cap becomes a hard ceiling on what you could possibly spend. Worst case is a number you picked in advance, not a surprise.

How it's different from LiteLLM / Portkey / other gateways

Those are great — at a different job. General LLM gateways make paid traffic from your own trusted backend reliable and observable, ordered by uptime. They assume you want to spend efficiently.

This solves the opposite problem: rationing a free allowance to an untrusted public, ordered by price, with a guaranteed ceiling. It's five minutes of your own code that you own and deploy — not a service you funnel your keys and traffic through.

Why I'm sharing it

I built this for my own apps first, then realized the "free AI feature that can't bankrupt me" problem is one basically every indie dev hits. So I've packaged it as a boilerplate.

Full disclosure so there's no bait-and-switch: it's a commercial boilerplate, pay-what-you-want, not open source — you can grab it here: [https://privateapps.gumroad.com/l/xenenx](https://privateapps.gumroad.com/l/xenenx). There's a ~40-second demo on that page showing the free-scan counter tick down to zero and the app cleanly refuse the next request instead of calling a paid model.

But I mostly want to hear what other people building public-facing AI think about the approach:

Does a three-layer cap (device + IP + global) feel like enough, or would you add a fourth lever?

How do you currently stop anonymous traffic from draining a free tier — or do you just gate everything behind a login?

Genuinely curious. Happy to go deep on the cap logic or the provider-fallback ordering in the comments.
