Introducing Certificate Transparency and Nimbus
March 23, 2018 2:45 PM
Certificate Transparency (CT) is an ambitious project to help improve security online by bringing accountability to the system that protects HTTPS. ...
HTTPS or bust: Chrome’s plan to label sites as "Not Secure"
February 14, 2018 8:00 PM
Google just announced that beginning in July 2018, with the release of Chrome 68, web pages loaded without HTTPS will be marked as “not secure”. More than half of web visitors will soon see this warning when visiting unencrypted HTTP sites....
Simple Cyber Security Tips (for your Parents)
December 25, 2017 3:32 PM
Today, December 25th, Cloudflare offices around the world are taking a break. From San Francisco to London and Singapore; engineers have retreated home for the holidays (albeit with those engineers on-call closely monitoring their mobile phones)....
The Curious Case of Caching CSRF Tokens
December 13, 2017 2:00 PM
It is now commonly accepted as fact that web performance is critical for business. Slower sites can affect conversion rates on e-commerce stores, they can affect your sign-up rate on your SaaS service and lower the readership of your content....
Performing & Preventing SSL Stripping: A Plain-English Primer
October 20, 2017 4:23 PM
Over the past few days we learned about a new attack that posed a serious weakness in the encryption protocol used to secure all modern Wi-Fi networks....
MORE POSTS
September 26, 2017 1:00 PM
Introducing the Cloudflare Geo Key Manager
Cloudflare’s customers recognize that they need to protect the confidentiality and integrity of communications with their web visitors....
- By
September 12, 2017 4:29 PM
Understanding the prevalence of web traffic interception
This post summarizes how prevalent encrypted web traffic interception is and how it negatively affects online security according to a study published at NDSS 2017 authored by several researchers including the author of this post and Nick Sullivan of Cloudflare. ...
- By
July 10, 2017 12:43 PM
High-reliability OCSP stapling and why it matters
At Cloudflare our focus is making the internet faster and more secure. Today we are announcing a new enhancement to our HTTPS service: High-Reliability OCSP stapling....
- By
July 06, 2017 1:35 PM
How to make your site HTTPS-only
The Internet is getting more secure every day as people enable HTTPS, the secure version of HTTP, on their sites and services....
- By
September 24, 2016 3:46 PM
How we brought HTTPS Everywhere to the cloud (part 1)
CloudFlare's mission is to make HTTPS accessible for all our customers. It provides security for their websites, improved ranking on search engines, better performance with HTTP/2, and access to browser features such as geolocation that are being deprecated for plaintext HTTP....
- By
September 22, 2016 2:34 PM
Fixing the mixed content problem with Automatic HTTPS Rewrites
It used to be difficult, expensive, and slow to set up an HTTPS capable web site. Then along came CloudFlare’s Universal SSL that made switching from http:// to https:// as easy as clicking a button. ...
- By
September 21, 2016 3:51 PM
Opportunistic Encryption: Bringing HTTP/2 to the unencrypted web
Encrypting the web is not an easy task. Various complexities prevent websites from migrating from HTTP to HTTPS, including mixed content, which can prevent sites from functioning with HTTPS. ...
- By
September 20, 2016 1:04 PM
Introducing TLS 1.3
The encrypted Internet is about to become a whole lot snappier. When it comes to browsing, we’ve been driving around in a beat-up car from the 90s for a while. Little does anyone know, we’re all about to trade in our station wagons for a smoking new sports car. ...
- By
September 20, 2016 1:04 PM
Encryption Week
Since CloudFlare’s inception, we have worked tirelessly to make encryption as simple and as accessible as possible. Over the last two years, we’ve made CloudFlare the easiest way to enable encryption for web properties and internet services. ...
- By
May 03, 2016 11:40 AM
Introducing CloudFlare Origin CA
In the fall of 2014 CloudFlare launched Universal SSL and doubled the number of sites on the Internet accessible via HTTPS. In just a few days we issued certificates protecting millions of our customers’ domains and became the easiest way to secure your website with SSL/TLS....
- By
March 28, 2016 9:00 PM
Going to IETF 95? Join the TLS 1.3 hackathon
If you’re in Buenos Aires on April 2-3 and are interested in building, come join the IETF Hackathon. CloudFlare and Mozilla will be working on TLS 1.3, the first new version of TLS in eight years!...
- By
March 23, 2016 4:03 PM
TLS Certificate Optimization: The Technical Details behind "No Browser Left Behind"
Back in early December we announced our "no browser left behind" initiative to the world. Since then, we have served well over 500 billion SHA-1 certificates to visitors that otherwise would not have been able to communicate securely with our customers’ sites using HTTPS....
- By
February 11, 2016 12:49 AM
Change the (S)Channel! Deconstructing the Microsoft TLS Session Resumption bug
Several months ago we started hearing occasional reports from .NET developers that they were having trouble maintaining HTTPS sessions with one of our customer’s websites. ...
- By
June 24, 2015 1:57 PM
How to build your own public key infrastructure
A major part of securing a network as geographically diverse as CloudFlare’s is protecting data as it travels between datacenters. Customer data and logs are important to protect but so is all the control data that our applications use to communicate with each other. ...
- By