What’s new in Cloudflare: Account Owned Tokens and Zaraz Automated Actions2024-11-14Cloudflare customers can now create Account Owned Tokens , allowing more flexibility around access control for their Cloudflare services. Additionally, Zaraz Automation Actions streamlines event tracking and third-party tool integration. ...Continue reading »Joseph SoOmar MohammadYo'av Moshe
How we prevent conflicts in authoritative DNS configuration using formal verification2024-11-08DNSResearchAddressingFormal MethodsWe describe how Cloudflare uses a custom Lisp-like programming language and formal verifier (written in Racket and Rosette) to prevent logical contradictions in our authoritative DNS nameserver’s behavior....James LarischSuleman AhmadMarwan Fayed
A look at the latest post-quantum signature standardization candidates2024-11-07Post-QuantumResearchCryptographyTLSNIST has standardized four post-quantum signature schemes so far, and they’re not done yet: there are fourteen new candidates in the running for standardization. In this blog post we take measure of them and discover why we ended up with so many PQ signatures....Bas WesterbaanLuke Valenta
Exploring Internet traffic shifts and cyber attacks during the 2024 US election2024-11-06Cloudflare RadarElectionsAthenian ProjectTrendsDDoSCloudflare for CampaignsInternet TrafficElection SecurityElection Day 2024 in the US saw a surge in cyber activity. Cloudflare blocked several DDoS attacks on political and election sites, ensuring no impact. In this post, we analyze these attacks, as well Internet traffic increases across the US and other key trends....João ToméJocelyn Woolbright
Workers Builds: integrated CI/CD built on the Workers platform2024-10-31Developer PlatformDevelopersAgile Developer ServicesCloudflare WorkersWorkers Builds, an integrated CI/CD pipeline for the Workers platform, recently launched in open beta. We walk through how we built this product on Cloudflare’s Developer Platform....Serena Shah-SimpsonJacob HandsNatalie Rogers
Moving Baselime from AWS to Cloudflare: simpler architecture, improved performance, over 80% lower cloud costs2024-10-31ObservabilityCloudflare WorkersDeveloper PlatformPerformancePost-acquisition, we migrated Baselime from AWS to the Cloudflare Developer Platform and in the process, we improved query times, simplified data ingestion, and now handle far more events, all while cutting costs. Here’s how we built a modern, high-performing observability platform on Cloudflare’s network. ...Boris Tane
Cloudflare’s perspective of the October 30 OVHcloud outage2024-10-30Cloudflare RadarTrendsConsumer ServicesOutageOn October 30, 2024, cloud hosting provider OVHcloud (AS16276) suffered a brief but significant outage. Within this post, we review Cloudflare’s perspective on this outage....Bryton HerdesDavid BelsonTanner Ryan
Migrating billions of records: moving our active DNS database while it’s in use2024-10-29DNSAPIDatabaseKafkaPostgresTracingQuicksilverDNS records have moved to a new database, bringing improved performance and reliability to all customers....Alex FattoucheCorey Horton
Forced offline: the Q3 2024 Internet disruption summary2024-10-29Cloudflare RadarInternet QualityInternet ShutdownOutageInternet TrafficConsumer ServicesThe third quarter of 2024 was particularly active, with quite a few significant Internet disruptions. Underlying causes included government-directed shutdowns, power outages, hurricane damage, terrestrial and submarine cable cuts, military action, and more....David Belson
Elephants in tunnels: how Hyperdrive connects to databases inside your VPC networks2024-10-25Developer PlatformDeep DiveCloudflare WorkersHyperdrivePostgresSQLRustWebSocketsHyperdrive (Cloudflare’s globally distributed SQL connection pooler and cache) recently added support for directing database traffic from Workers across Cloudflare Tunnels. We dive deep on what it took to add this feature....Andrew ReppEmilio AssunçãoAbhishek Chanda
Build durable applications on Cloudflare Workers: you write the Workflows, we take care of the rest2024-10-24Developer PlatformCloudflare WorkersDurable ObjectsWorkflowsCloudflare Workflows is now in open beta! Workflows allows you to build reliable, repeatable, long-lived multi-step applications that can automatically retry, persist state, and scale out. Read on to learn how Workflows works, how we built it on top of Durable Objects, and how you can deploy your first Workflows application....Sid ChatterjeeMatt SilverlockCelso Martinho
Billions and billions (of logs): scaling AI Gateway with the Cloudflare Developer Platform2024-10-24AIAI GatewayDurable ObjectsD1Developer PlatformDevelopersAgile Developer ServicesCloudflare WorkersR2 StorageHow we scaled AI Gateway to handle and store billions of requests, using Cloudflare Workers, D1, Durable Objects, and R2....Catarina Pires MotaGabriel MassadasNelson Duarte
Durable Objects aren't just durable, they're fast: a 10x speedup for Cloudflare Queues2024-10-24Product NewsCloudflare QueuesCloudflare WorkersDurable ObjectsDevelopersDeveloper PlatformLearn how we built Cloudflare Queues using our own Developer Platform and how it evolved to a geographically-distributed, horizontally-scalable architecture built on Durable Objects. Our new architecture supports over 10x more throughput and over 3x lower latency compared to the previous version....Josh WheelerSiddhant SinhaTodd MantellPranshu Maheshwari
4.2 Tbps of bad packets and a whole lot more: Cloudflare's Q3 DDoS report2024-10-23DDoS ReportsDDoSAdvanced DDoSCloudflare RadarAttacksThe number of DDoS attacks spiked in the third quarter of 2024. Cloudflare mitigated nearly 6 million DDoS attacks, representing a 49% increase QoQ and 55% increase YoY....Omer YoachimikJorge Pacheco
Fearless SSH: short-lived certificates bring Zero Trust to infrastructure2024-10-23Zero TrustCloudflare Zero TrustAcquisitionsSSHCloudflare AccessCloudflare OneComplianceAccess for Infrastructure, BastionZero’s integration into Cloudflare One, will enable organizations to apply Zero Trust controls to their servers, databases, Kubernetes clusters, and more. Today we’re announcing short-lived SSH access as the first available feature of this integration. ...Sharon GoldbergAnn Ming SamborskiSebby Lipman
Training a million models per day to save customers of all sizes from DDoS attacks2024-10-23DDoSDeep DiveMachine LearningIn this post we will describe how we use anomaly detection to watch for novel DDoS attacks. We’ll provide an overview of how we build models which flag unusual traffic and keep our customers safe....Nick WoodManish Arora
Is this thing on? Using OpenBMC and ACPI power states for reliable server boot2024-10-22InfrastructureOpen SourceOpenBMCServersFirmwareCloudflare’s global fleet benefits from being managed by open source firmware for the Baseboard Management Controller (BMC), OpenBMC. This has come with various challenges, some of which we discuss here with an explanation of how the open source nature of the firmware for the BMC enabled us to fix the issues and maintain a more stable fleet....Nnamdi AjahRyan ChowGiovanni Pereira Zantedeschi
Building Vectorize, a distributed vector database, on Cloudflare’s Developer Platform2024-10-22EngineeringDeveloper PlatformEdge DatabaseDeep DiveStorageVectorize was recently upgraded and made generally available, now supporting indexes of up to 5 million vectors, delivering faster responses, with lower pricing and a free tier. This post dives deep into how we built Vectorize to enable these improvements....Jérôme SchneiderAlex Graham
The story of web framework Hono, from the creator of Hono2024-10-17Cloudflare WorkersCloudflare PagesHono is a web framework that is fast, lightweight, and built using the Web Standards API. Hear the story of Hono by the creator of Hono....Yusuke Wada
Analysis of the EPYC 145% performance gain in Cloudflare Gen 12 servers2024-10-15AMDEPYCHardwareCloudflare NetworkCloudflare’s Gen 12 server is the most powerful and power efficient server that we have deployed to date. Through sensitivity analysis, we found that Cloudflare workloads continue to scale with higher core count and higher CPU frequency, as well as achieving a significant boost in performance with larger L3 cache per core....JQ LauSyona Sarma