What we've been doing with Go
2013-11-11
Almost two years ago CloudFlare started working with Go. What started as an experiment on one network and concurrency heavy project has turned into full, production use of Go for multiple services....
Cloud-o-ween
2013-10-31
Over the weekend, I happened by a pumpkin carving contest in Monterey. One of the winning pumpkins was a low-relief scene of a pirate ship. The hull was created by carving the pumpkin in the traditional way....
A (Relatively Easy To Understand) Primer on Elliptic Curve Cryptography
2013-10-24
Elliptic Curve Cryptography (ECC) is one of the most powerful but least understood types of cryptography in wide use today. At CloudFlare, we make extensive use of ECC to secure everything from our customers' HTTPS connections to how we pass data between our data centers....
CloudFlare And Open Source Software: A Two-Way Street
2013-10-07
CloudFlare uses a great deal of open source and free software. Our core server platform is nginx (which is released using a two-clause BSD license) and our primary database of choice is postgresql (which is released using their own BSD-like license). ...
How I created the viral sensation: isthegovernmentopen.com
2013-10-04
A few years ago, amidst the final crunch of a project deadline, a friend and former colleague looked me directly in the eye and said, "It's like I don't even know how to build a website anymore."...
Patching a WHMCS zero day on day zero
2013-10-03
A critical zero-day vulnerability was published today affecting any hosting provider using WHMCS. As part of building a safer web, CloudFlare has added a ruleset to our Web Application Firewall (WAF) to block the published attack vector....
Ensuring Randomness with Linux's Random Number Generator
2013-10-03
When building secure systems, having a source of random numbers is essential. Without them, most cryptographic systems break down and the privacy and authenticity of communications between two parties can be subverted....
Cloudflare: Happy 3rd Birthday
2013-09-27
Today is CloudFlare's birthday. We opened to the public exactly three years ago today, September 27, 2010. In those three years we've grown to power more than 1.5 million websites and sit in front of more than 4% of all web requests....
Why some cryptographic keys are much smaller than others
2013-09-20
If you connect to CloudFlare's web site using HTTPS the connection will be secured using one of the many encryption schemes supported by SSL/TLS. ...
Why secure systems require random numbers
2013-09-13
If you've been following recent news about technical spying by the US National Security Agency and the UK's Government Communications Headquarters you may have come across a claim that the NSA was involved in weakening a random number generator. ...
SXSW 2014: Get your PanelPicker votes in today!
2013-09-05
CloudFlare is headed to the Interactive portion of SXSW in Austin from March 7-11, 2014. We are very excited to share some of the knowledge and experiences we’ve gained since our CloudFlare journey began. ...
Details Behind Today's Internet Hacks
2013-08-27
At 1:19pm, a researcher noticed that the New York Times' website wasn't loading. We know the New York Times tech team, so we emailed to check in. Minutes later, the CTO of the NYT called us back. ...
The story of a little DNS easter egg
2013-08-27
About a year ago, we realized that CloudFlare's current DNS infrastructure had some challenges. We were using PowerDNS, an open source DNS server that is popular with hosting providers. ...
Recycling memory buffers in Go
2013-08-24
This blog post is very old now. You probably don't want to use the techniques described here. GO'S sync.Pool is a better way to go....
CloudFlare's new WAF: compiling to Lua
2013-08-23
We use nginx throughout our network for front-line web serving, proxying and traffic filtering. In some cases, we've augmented the core C code of nginx with our own modules, but recently we've made a major move to using Lua in conjunction with nginx. One project that's now almost entirely written in Lua is the new CloudFlare WAF that we blogged about the other day. The Lua WAF uses the nginx Lua module to embed Lua code and execute that code as part of the normal nginx handling of phases....
Updating Our Privacy Policy
2013-08-20
Hi I’m Ken Carter, CloudFlare’s newly minted in-house counsel. Now that I have introduced myself, feel free to introduce yourself. Or, don’t. You may want to remain anonymous because you value your privacy. We do, too. ...
Heuristics and Rules: Why We Built a New Old WAF
2013-08-19
We just rolled out an update to CloudFlare's Web Application Firewall (WAF). Previously, CloudFlare's WAF has received criticism from people who have tested it and found that it didn't behave as traditional WAFs are expected to. ...
Cloudflare and Free Speech
2013-08-09
This question assumes the answer. A website is speech. It is not a bomb. There is no imminent danger it creates and no provider has an affirmative obligation to monitor and make determinations about the theoretically harmful nature of speech a site may contain....
What's the story behind the names of CloudFlare's name servers?
2013-08-06
We're going to do a series of blog posts about some of the inner workings of CloudFlare. One of the questions we get often is what the names of our name servers mean. Here's the story....
DDoS Prevention: Protecting The Origin
2013-07-30
One of the many great features that CloudFlare provides is protection from Distributed Denial of Service (DDoS) attacks. A malicious party who wants to make your website or web service unavailable could try to overwhelm it with requests from compromised machines (or bots) all around the world. ...