How we made Firewall Rules
March 04, 2019 1:00 PM
Recently we launched Firewall Rules, a new feature that allows you to construct expressions that perform complex matching against HTTP requests and then choose how that traffic is handled....
Cloudflare’s RPKI Toolkit
February 24, 2019 5:00 PM
A few months ago, we made a first then a second announcement about Cloudflare’s involvement in Resource Public Key Infrastructure (RPKI), and our desire to make BGP Internet routing more secure....
Cloudflare Registrar at three months
February 22, 2019 7:42 PM
We’re excited to make Cloudflare Registrar available to all of our customers and we’d like to share some insights and data about domain registration that we learned during the early access period....
Cloudflare Access now supports RDP
February 21, 2019 3:18 PM
Last fall, the United States FBI warned organizations of an increase in attacks that exploit vulnerabilities in the Remote Desktop Protocol (RDP). Attackers stole sensitive data and compromised networks by taking advantage of desktops left unprotected....
Stop the Bots: Practical Lessons in Machine Learning
February 20, 2019 3:14 PM
Bot-powered credential stuffing is a scourge on the modern Internet. These attacks attempt to log into and take over a user’s account by assaulting password forms with a barrage of dictionary words and previously stolen account credentials....
MORE POSTS
February 07, 2019 5:00 PM
Give your automated services credentials with Access service tokens
Cloudflare Access secures your internal sites by adding authentication. When a request is made to a site behind Access, Cloudflare asks the visitor to login with your identity provider....
- By
February 05, 2019 4:00 PM
Cloudflare Support for Azure Customers
Cloudflare seeks to help its end customers use whichever public and private clouds best suit their needs. Towards that goal, we have been working to make sure our solutions work well with various public cloud providers including Microsoft’s Azure platform....
- By
January 24, 2019 5:57 PM
HTTP/3: From root to tip
Explore HTTP/3 from root to tip and discover the backstory of this new HTTP syntax that works on top of the IETF QUIC transport....
- By
January 23, 2019 9:13 AM
Tracing Soon-to-Expire Federal .gov Certificates with CT Monitors
As of December 22, 2018, parts of the US Government have “shut down” because of a lapse in appropriation. ...
- By
January 16, 2019 5:01 PM
One-Click DNSSEC with Cloudflare Registrar
When you launch a domain, you rely on the Domain Name System to direct your users to your site. However, DNS can't guarantee that visitors reach your content because basic DNS lacks authentication....
- By
December 25, 2018 5:42 PM
Concise Christmas Cryptography Challenges 2019
We've put together some Christmas Cryptography questions. Do you think you can solve them?...
- By
December 21, 2018 1:11 PM
Firewall Rules - Priority and Ordering
Firewall Rules are one of the best security features we released this year, and have been an overwhelming success. Customers have been using Firewall Rules to solve interesting security related use cases....
- By
December 20, 2018 1:00 PM
Banking-Grade Credential Stuffing: The Futility of Partial Password Validation
Recently when logging into one of my credit card providers, I was greeted by a familiar screen. After entering in my username, the service asked me to supply 3 random characters from my password to validate ownership of my account....
- By
November 29, 2018 9:54 AM
Know your SCM_RIGHTS
As TLS 1.3 was ratified earlier this year, I was recollecting how we got started with it here at Cloudflare. We made the decision to be early adopters of TLS 1.3 a little over two years ago. It was a very important decision, and we took it very seriously....
- By
November 28, 2018 7:59 PM
L4Drop: XDP DDoS Mitigations
Efficient packet dropping is a key part of Cloudflare’s distributed denial of service (DDoS) attack mitigations. In this post, we introduce a new tool in our packet dropping arsenal: L4Drop....
- By
November 16, 2018 11:00 AM
Announcing SSH Access through Cloudflare
You can now place applications that require SSH connections, like your source control repository, behind Cloudflare Access. We’re excited to release that same feature so that your team can also destroy your own VPN....
- By
November 15, 2018 5:22 PM
How a Nigerian ISP Accidentally Knocked Google Offline
Last Monday evening — 12 November 2018 — Google and a number of other services experienced a 74 minute outage. Incidents like this only serve to demonstrate just how much frailty is involved in how packets get from one point on the Internet to another....
- By
November 13, 2018 7:33 PM
Real URLs for AMP Cached Content Using Cloudflare Workers
As Cloudflare Workers matures, we continue to push ourselves to develop and deploy important features using them. Today, we’re excited to announce support for HTTP signed exchanges, generated by Cloudflare Workers!...
- By
November 12, 2018 11:27 AM
The rise of multivector DDoS attacks
It's been a while since we last wrote about Layer 3/4 DDoS attacks on this blog. This is a good news - we've been quietly handling the daily onslaught of DDoS attacks. Since our last write-up, a handful of interesting L3/4 attacks have happened. Let's review them....
- By