Help us test our DNSSEC implementation
2015-01-29
Today is a big day for CloudFlare! We are publishing our first two DNSSEC signed zones for the community to analyze and give feedback on....
Flexible SSL & Wordpress: Fixing “Mixed Content” Errors
2015-01-21
As many are aware, CloudFlare launched Universal SSL several months ago. We saw lots of customers sign up and start using these new, free SSL certificates. For many customers that didn’t already have an SSL certificate, they were able to use “Flexible SSL”....
DDoS Packet Forensics: Take me to the hex!
2015-01-06
A few days ago, my colleague Marek sent an email about a DDoS attack against one of our DNS servers that we'd been blocking with our BPF rules....
CloudFlare in 2014: Bigger, Faster, Securer
2014-12-31
At the end of 2013 we posted a blog article titled 2013: Rebuild the Engine; 2014: Step on the Gas which explained how in 2013 we had been rebuilding the engine that powers CloudFlare and how we expected 2014 to be when we stepped on the gas....
Kyoto Tycoon Secure Replication
2014-12-22
Kyoto Tycoon is a distributed key-value store written by FAL Labs, and it is used extensively at CloudFlare. Like many popular key-value stores, Kyoto Tycoon uses timestamp-based replication to ensure eventual consistency and guarantee ordering....
Improving PicoHTTPParser further with AVX2
2014-12-18
In a recent post, Kazuho's Weblog describes an improvement to PicoHTTPParser. This improvement utilizes the SSE4.2 instruction PCMPESTRI in order to find the delimiters in a HTTP request/response and parse them accordingly. ...
Johannesburg: CloudFlare’s 30th data center
2014-12-09
Fire up the celebration braai, Jozi! CloudFlare is here, and it’s a big one. An important milestone (our 30th data center) calls for an equally important new location: Johannesburg, South Africa, our first data center in Africa....
Lima, Peru: CloudFlare’s 29th data center
2014-12-03
Just when you thought we’d reached the end, CloudFlare’s Latin America data center expansion continues. Hot on the heels of our recent expansion into Santiago, São Paulo, and Medellin, this holiday season commences in Lima with our 29th data center globally, and our fourth in Latin America....
Prepare Your Site for Traffic Spikes this Holiday Season
2014-11-17
The holiday season is approaching, and everyone is thinking about gifts for their friends and family. As people increasingly shop online, this means huge spikes in traffic for web sites---especially ecommerce sites....
Migrating to the Ghost Blogging Platform
2014-11-11
For those of you that follow the CloudFlare blog, you’ll know that we try to be prolific. We have industry leaders like Matthew Prince, John Graham-Cumming, Nick Sullivan, and others publishing pieces weekly from the front lines of internet performance and security....
CloudFlare and SHA-1 Certificates
2014-11-10
At CloudFlare, we’re dedicated to ensuring sites are not only secure, but also available to the widest audience. In the coming months, both Google’s Chrome browser and Mozilla’s Firefox browser are changing their policy with respect to certain web site certificates....
DNSSEC: Complexities and Considerations
2014-11-05
DNSSEC is an extension to DNS: it provides a system of trust for DNS records. In this post we examine some of the complications of DNSSEC, and what CloudFlare plans to do to reduce any negative impact they might have. ...
Take a break and watch two recent engineering talks
2014-10-30
Recently, I spoke at the dotGo 2014 conference in Paris and my colleague (and creator of OpenResty) Yichun Zhang spoke at the first NGINX conference in San Francisco....
Drupal 7 SA-CORE-2014-005 SQL Injection Protection
2014-10-16
Yesterday the Drupal Security Team released a critical security patch for Drupal 7 that fixes a very serious SQL injection vulnerability....
SSLv3 Support Disabled By Default Due to POODLE Vulnerability
2014-10-14
For the last week we've been tracking rumors about a new vulnerability in SSL. This specific vulnerability, which was just announced, targets SSLv3. ...
Automatic protection for common web platforms
2014-10-14
If you are a CloudFlare Pro or above customer you enjoy the protection of the CloudFlare WAF. If you use one of the common web platforms, such as WordPress, Drupal, Plone, WHMCS, or Joomla, then it's worth checking if the relevant CloudFlare WAF ruleset is enabled....
DNSSEC: An Introduction
2014-10-07
At CloudFlare our mission is to help build a better Internet. Part of this effort includes making web sites faster, more reliable, and more trustworthy....
The little extra that comes with Universal SSL
2014-10-06
Last Monday we announced our SSL for Free plan users called Universal SSL. Universal SSL means that any site running on CloudFlare gets a free SSL certificate, and is automatically secured over HTTPS....
Route leak incident on October 2, 2014
2014-10-02
Today, CloudFlare suffered downtime which caused customers’ sites to be inaccessible in certain parts of the world....
Universal SSL: How It Scales
2014-10-01
On Monday, we announced Universal SSL, enabling HTTPS for all websites using CloudFlare’s Free plan. Universal SSL represents a massive increase in the number of sites we serve over HTTPS—from tens of thousands, to millions....