The Cloudflare Blog

CloudFlare's new WAF: compiling to Lua

2013-08-23

We use nginx throughout our network for front-line web serving, proxying and traffic filtering. In some cases, we've augmented the core C code of nginx with our own modules, but recently we've made a major move to using Lua in conjunction with nginx. One project that's now almost entirely written in Lua is the new CloudFlare WAF that we blogged about the other day. The Lua WAF uses the nginx Lua module to embed Lua code and execute that code as part of the normal nginx handling of phases....

John Graham-Cumming

Updating Our Privacy Policy

2013-08-20

Legal Privacy

Hi I’m Ken Carter, CloudFlare’s newly minted in-house counsel. Now that I have introduced myself, feel free to introduce yourself. Or, don’t. You may want to remain anonymous because you value your privacy. We do, too. ...

Kenneth R. Carter

Heuristics and Rules: Why We Built a New Old WAF

2013-08-19

Reliability WAF

We just rolled out an update to CloudFlare's Web Application Firewall (WAF). Previously, CloudFlare's WAF has received criticism from people who have tested it and found that it didn't behave as traditional WAFs are expected to. ...

Matthew Prince

Cloudflare and Free Speech

2013-08-09

Freedom of Speech Legal Cloudflare History

This question assumes the answer. A website is speech. It is not a bomb. There is no imminent danger it creates and no provider has an affirmative obligation to monitor and make determinations about the theoretically harmful nature of speech a site may contain....

Matthew Prince

What's the story behind the names of CloudFlare's name servers?

2013-08-06

Cloudflare History DNS Ninjas

We're going to do a series of blog posts about some of the inner workings of CloudFlare. One of the questions we get often is what the names of our name servers mean. Here's the story....

Matthew Prince

DDoS Prevention: Protecting The Origin

2013-07-30

DDoS Reliability

One of the many great features that CloudFlare provides is protection from Distributed Denial of Service (DDoS) attacks. A malicious party who wants to make your website or web service unavailable could try to overwhelm it with requests from compromised machines (or bots) all around the world. ...

Nick Sullivan

A Tour Inside CloudFlare's Latest Generation Servers

2013-07-22

Speed & Reliability Reliability Cloudflare Network

CloudFlare operates at a significant scale, handling more than a trillion requests through our network every month. ...

Matthew Prince

Government Surveillance: Why Transparency Matters

2013-07-18

Legal Privacy

The web is one of the greatest inventions of human history because it has made the world more transparent. Fundamentally, that's what the web does: it takes information that was inaccessible and opaque and makes it available and lucid....

Matthew Prince

Railgun Gives our Ecommerce Sites the Edge

2013-07-15

eCommerce Railgun Speed & Reliability

In March 2013, we started testing Railgun, and slowly rolled it out across our three web properties. We saw immediate results. First, we saw instant reductions in time to retrieve uncached HTML documents, and as an ecommerce web property every millisecond counts....

Guest Author

Staying on top of TLS attacks

2013-07-11

TLS RC4 Attacks Security

CloudFlare makes extensive use of TLS connections throughout our service which makes staying on top of the latest news about security problems with TLS a priority. We use TLS both externally and internally and different uses of TLS have different constraints....

John Graham-Cumming

Integrating Kyoto Tycoon With PostgreSQL

2013-07-08

SQL Speed & Reliability Cloudflare Network

CloudFlare has Points of Presence (PoPs) in 23 datacenters around the world and plans to expand to many more soon. It also has a single portal, CloudFlare.com, where website owners interact with the system. ...

Matvey Arye

Mirage 2.0: Solving the Mobile Browsing Speed Challenge

2013-06-13

Mirage Mobile Speed Speed & Reliability

Almost exactly a year ago, CloudFlare announced a feature called Mirage. Mirage was designed to make the loading of images faster in two primary ways....

Matthew Prince

CloudFlare will be at HostingCon 2013 in Full Force

2013-06-12

Events Austin Hosting Con SWAG Railgun Texas

The CloudFlare team will be at HostingCon 2013 in Austin next week. This is our third year at the show and we have a lot of things in store for partners. ...

Kristin Tarr

CloudFlare, PRISM, and Securing SSL Ciphers

2013-06-12

SSL

Over the last week we've closely watched the disclosures about the alleged NSA PRISM program. At CloudFlare, we have never been approached to participate in PRISM or any other similar program. ...

Matthew Prince

Happy IPv6 Day: Usage On the Rise, Attacks Too

2013-06-06

IPv6 Attacks Reliability IPv4 World IPv6 Day

June 6th is known as World IPv6 Day so we thought it was a good time to look at the trends in IPv6 usage across CloudFlare's network. ...

Matthew Prince

Today's Network Issue

2013-05-31

Network Post Mortem

Today at 16:13 UTC a large amount of traffic began hitting our Los Angeles data center. We have an in-house team that monitors our network 24x7x365 and immediately all their alarms went off....

Matthew Prince

Syrian Internet Restored

2013-05-08

Outage Syria

Yesterday, Syria's Internet connectivity was cut off from the rest of the world. At 14:12 UTC, approximately 19 hours and 30 minutes after it had been shut down, connectivity was returned....

Matthew Prince

How Syria Turned Off the Internet (Again)

2013-05-07

Network BGP Outage Syria

Today at 18:48 UTC, Syria dropped off the Internet. Based on the data we collect from our network, as well as reports from other organizations monitoring network routes, it appears that someone systematically withdrew the BGP. ...

Matthew Prince

Cribs: CloudFlare London Edition

2013-04-28

Life at Cloudflare Cloudflare History

CloudFlare's first international office opened this month near St. Paul's Cathedral in London. We decided to open this office for two major reasons: to get access to high quality software engineering, network operations and tech support folks, and to expand our 24/7 operations and support. ...

John Graham-Cumming

W3TC and WP Super Cache Vulnerability Discovered, We've Automatically Patched

2013-04-24

WordPress Vulnerabilities

The team at the research firm Sucuri announced a serious vulnerability to W3TC and WP Super Cache this afternoon. (Update: it appears the vulnerability was first reported on WordPress.org about a month ago.)...

Matthew Prince

← Newer Posts

Older Posts →