Open sourcing our NGINX HTTP/2 + SPDY code
2016-05-13
In December, we released HTTP/2 support for all customers and on April 28 we released HTTP/2 Server Push support as well....
How we built Origin CA: Web Crypto
2016-05-10
At CloudFlare we strive to combine features that are simple, secure, and backed by solid technology. The Origin CA is a great example of this. You no longer need to go to a third-party certificate authority to protect the connection between CloudFlare and your origin server....
python-cloudflare
2016-05-09
Very early on in the company’s history we decided that everything that CloudFlare does on behalf of its customer-base should be controllable via an API. In fact, when you login to the CloudFlare control panel, you’re really just making API calls to our backend services....
Sunsetting API v1 In Favor Of CloudFlare’s Current Client API: API v4
2016-05-09
Today we’re announcing the sunsetting of CloudFlare’s first client API, API v1. Starting November 9th, 2016 at noon Pacific Time (20:00 UTC), CloudFlare will no longer be supporting API v1....
Inside ImageTragick: The Real Payloads Being Used to Hack Websites
2016-05-09
Last week multiple vulnerabilities were made public in the popular image manipulation software, ImageMagick. These were quickly named ImageTragick. ...
First Bay Area OpenResty Meetup
2016-05-09
On March 9, 章亦春, known to most of us as agentzh, organized the first Bay Area OpenResty Meetup at CloudFlare's San Francisco office....
Everybody gets WebSockets
2016-05-05
Two summers ago, with a seemed-big-at-the-time network of 28 datacenters, not long after introducing Medellin, CloudFlare introduced support for WebSockets, initially for our Enterprise customers....
Dan Kaminsky Will Be Taking Your Questions At Our DNS Meetup Next Week In San Francisco
2016-05-04
Our last DNS meetup was a packed house with Paul Mockapetris, the original inventor of DNS. We learned why DNS answers have a question count but always only one question, why underscores aren’t allowed in domain names, and the history of how DNS came to be....
Yet Another Padding Oracle in OpenSSL CBC Ciphersuites
2016-05-04
Yesterday a new vulnerability has been announced in OpenSSL/LibreSSL. A padding oracle in CBC mode decryption, to be precise. Just like Lucky13. Actually, it’s in the code that fixes Lucky13....
Introducing CloudFlare Origin CA
2016-05-03
In the fall of 2014 CloudFlare launched Universal SSL and doubled the number of sites on the Internet accessible via HTTPS. In just a few days we issued certificates protecting millions of our customers’ domains and became the easiest way to secure your website with SSL/TLS....
Stronger protection and more control over security settings with CloudFlare’s new cPanel plugin
2016-05-02
CloudFlare has released a new version of our plugin for cPanel with two new features and more control over the security settings of your website....
Bangkok, Thailand: CloudFlare’s 79th Data Center
2016-05-01
CloudFlare just turned up our newest data center in Bangkok, the capital of Thailand and a very popular destination with travelers in Southeast Asia. This expands our network to span 32 cities across Asia, and 79 cities globally....
Lizard Squad Ransom Threats: New Name, Same Faux Armada Collective M.O.
2016-04-29
CloudFlare recently wrote about the group of cyber criminals claiming to be be the "Armada Collective." In that article, we stressed that this group had not followed through on any of the ransom threats they had made. ...
Announcing Support for HTTP/2 Server Push
2016-04-28
Last November, we rolled out HTTP/2 support for all our customers. At the time, HTTP/2 was not in wide use, but more than 88k of the Alexa 2 million websites are now HTTP/2-enabled....
Ask Me Anything About HTTP/2
2016-04-27
We're big fans of HTTP/2 at CloudFlare. Our customers make up the majority of HTTP/2 enabled domains today. HTTP/2 is a key part of the modern web, and its growth and adoption is changing how websites and applications are built....
Building the simplest Go static analysis tool
2016-04-27
Go native vendoring (a.k.a. GO15VENDOREXPERIMENT) allows you to freeze dependencies by putting them in a vendor folder in your project. The compiler will then look there before searching the GOPATH....
Kyiv, Ukraine: Cloudflare’s 78th Data Center
2016-04-26
Здоровенькі були! CloudFlare just turned up our newest datacenter in Kiev, the capital and largest city of Ukraine. Kiev is an old city with more than 1,000 years of history. ...
Empty DDoS Threats: Meet the Armada Collective
2016-04-25
Beginning in March 2016, we began hearing reports of a gang of cybercriminals once again calling themselves the Armada Collective. The calling card of the gang was an extortion email sent to a wide variety of online businesses threatening to launch DDoS attacks if they weren't paid in Bitcoin....
Today Is A Big Day For Page Rules
2016-04-19
Today we're releasing a whole suite of upgrades to page rules: API support, additional settings, pausing a page rule and a mobile-friendly design. ...