L4Drop: XDP DDoS Mitigations
November 28, 2018 7:59 PM
Efficient packet dropping is a key part of Cloudflare’s distributed denial of service (DDoS) attack mitigations. In this post, we introduce a new tool in our packet dropping arsenal: L4Drop....
Announcing SSH Access through Cloudflare
November 16, 2018 11:00 AM
You can now place applications that require SSH connections, like your source control repository, behind Cloudflare Access. We’re excited to release that same feature so that your team can also destroy your own VPN....
How a Nigerian ISP Accidentally Knocked Google Offline
November 15, 2018 5:22 PM
Last Monday evening — 12 November 2018 — Google and a number of other services experienced a 74 minute outage. Incidents like this only serve to demonstrate just how much frailty is involved in how packets get from one point on the Internet to another....
Real URLs for AMP Cached Content Using Cloudflare Workers
November 13, 2018 7:33 PM
As Cloudflare Workers matures, we continue to push ourselves to develop and deploy important features using them. Today, we’re excited to announce support for HTTP signed exchanges, generated by Cloudflare Workers!...
The rise of multivector DDoS attacks
November 12, 2018 11:27 AM
It's been a while since we last wrote about Layer 3/4 DDoS attacks on this blog. This is a good news - we've been quietly handling the daily onslaught of DDoS attacks. Since our last write-up, a handful of interesting L3/4 attacks have happened. Let's review them....
MORE POSTS
October 15, 2018 5:15 PM
DC CyberWeek Is Here!
This October is the 15th annual National Cybersecurity Awareness Month in the United States, a collaboration between the US government and industry to raise awareness about the part we can all play in staying more secure online....
- By
October 05, 2018 6:30 PM
Leave your VPN and cURL secure APIs with Cloudflare Access
We built Access to solve a problem here at Cloudflare: our VPN. Our team members hated the slowness and inconvenience of VPN but, that wasn’t the issue we needed to solve. The security risks posed by a VPN required a better solution....
- By
October 03, 2018 8:20 PM
Announcing Firewall Rules
Threat landscapes change every second. As attackers evolve, vulnerabilities materialise faster than engineers can patch systems becoming more dynamic and devious. Part of Cloudflare’s mission is to keep you and your applications safe....
- By
October 02, 2018 6:56 PM
Cloudflare Access: Sharing our single-sign on plugin for Atlassian
Here at Cloudflare, we rely on a set of productivity tools built by Atlassian, including Jira and Confluence. We secure them with Cloudflare Access. In the past, when our team members wanted to reach those applications, they first logged in with our identity provider credentials ...
- By
September 28, 2018 7:40 PM
Birthday Week Wrap-Up: Every day is launch day at Cloudflare
Our customers are accustomed to us launching new services, features, and functionality at a feverish pace, but recently, we’ve been especially active. This week we celebrated our 8th Birthday Week by announcing new offerings that benefit our customers and the global Internet comm...
- By
September 25, 2018 12:00 PM
The QUICening
Six o’clock already, I was just in the middle of a dream, now I’m up, awake, looking at my Twitter stream. As I do that the Twitter app is making multiple API calls over HTTPS to Twitter’s servers somewhere on the Internet....
- By
September 24, 2018 12:01 PM
Encrypt it or lose it: how encrypted SNI works
Today we announced support for encrypted SNI, an extension to the TLS 1.3 protocol that improves privacy of Internet users....
- By
September 24, 2018 12:00 PM
Encrypting SNI: Fixing One of the Core Internet Bugs
Cloudflare launched on September 27, 2010. Since then, we've considered September 27th our birthday. This Thursday we'll be turning 8 years old. Ever since our first birthday, we've used the occasion to launch new products or services....
- By
September 23, 2018 12:00 PM
Cloudflare Turns 8 — here’s what we mean by a “better Internet”
I have always loved birthdays. It is a chance to get together with loved ones, a chance to have fun and a chance to reflect on anything you want to keep doing or change in the upcoming year....
- By
September 21, 2018 12:00 PM
Roughtime: Securing Time with Digital Signatures
When you visit a secure website, it offers you a TLS certificate that asserts its identity. Every certificate has an expiration date, and when it’s passed due, it is no longer valid....
- By
September 20, 2018 12:00 PM
Introducing the Cloudflare Onion Service
Two years ago this week Cloudflare introduced Opportunistic Encryption, a feature that provided additional security and performance benefits to websites that had not yet moved to HTTPS....
- By
September 19, 2018 12:01 PM
RPKI and BGP: our path to securing Internet Routing
This article will talk about our approach to network security using technologies like RPKI to sign Internet routes and protect our users and customers from route hijacks and misconfigurations....
- By
September 19, 2018 12:00 PM
RPKI - The required cryptographic upgrade to BGP routing
We have talked about the BGP Internet routing protocol before. We have talked about how we build a more resilient network and how we can see outages at a country-level via BGP. We have even talked about the network community that is vital to the operation of the global Internet....
- By
September 18, 2018 1:00 PM
Expanding DNSSEC Adoption
Cloudflare first started talking about DNSSEC in 2014 and at the time, Nick Sullivan wrote: “DNSSEC is a valuable tool for improving the trust and integrity of DNS, the backbone of the modern Internet.”...
- By