December 20, 2018
Recently when logging into one of my credit card providers, I was greeted by a familiar screen. After entering in my username, the service asked me to supply 3 random characters from my password to validate ownership of my account....
November 29, 2018
As TLS 1.3 was ratified earlier this year, I was recollecting how we got started with it here at Cloudflare. We made the decision to be early adopters of TLS 1.3 a little over two years ago. It was a very important decision, and we took it very seriously....
November 28, 2018
Efficient packet dropping is a key part of Cloudflare’s distributed denial of service (DDoS) attack mitigations. In this post, we introduce a new tool in our packet dropping arsenal: L4Drop....
November 16, 2018
You can now place applications that require SSH connections, like your source control repository, behind Cloudflare Access. We’re excited to release that same feature so that your team can also destroy your own VPN....
November 15, 2018
Last Monday evening — 12 November 2018 — Google and a number of other services experienced a 74 minute outage. Incidents like this only serve to demonstrate just how much frailty is involved in how packets get from one point on the Internet to another....
November 12, 2018
It's been a while since we last wrote about Layer 3/4 DDoS attacks on this blog. This is a good news - we've been quietly handling the daily onslaught of DDoS attacks. Since our last write-up, a handful of interesting L3/4 attacks have happened. Let's review them....
October 18, 2018
A couple of weeks ago we announced support for the encrypted Server Name Indication (SNI) TLS extension (ESNI for short). As promised, our friends at Mozilla landed support for ESNI in Firefox Nightl. ...
October 15, 2018
This October is the 15th annual National Cybersecurity Awareness Month in the United States, a collaboration between the US government and industry to raise awareness about the part we can all play in staying more secure online....
October 05, 2018
We built Access to solve a problem here at Cloudflare: our VPN. Our team members hated the slowness and inconvenience of VPN but, that wasn’t the issue we needed to solve. The security risks posed by a VPN required a better solution....
October 03, 2018
Threat landscapes change every second. As attackers evolve, vulnerabilities materialise faster than engineers can patch systems becoming more dynamic and devious. Part of Cloudflare’s mission is to keep you and your applications safe....
October 02, 2018
Here at Cloudflare, we rely on a set of productivity tools built by Atlassian, including Jira and Confluence. We secure them with Cloudflare Access. In the past, when our team members wanted to reach those applications, they first logged in with our identity provider credentials ...
September 28, 2018
This week we celebrated our 8th Birthday Week by announcing new offerings that benefit our customers and the global Internet community....
September 25, 2018
Six o’clock already, I was just in the middle of a dream, now I’m up, awake, looking at my Twitter stream. As I do that the Twitter app is making multiple API calls over HTTPS to Twitter’s servers somewhere on the Internet....
September 24, 2018
Today we announced support for encrypted SNI, an extension to the TLS 1.3 protocol that improves privacy of Internet users....
September 24, 2018
Cloudflare launched on September 27, 2010. Since then, we've considered September 27th our birthday. This Thursday we'll be turning 8 years old. Ever since our first birthday, we've used the occasion ...
September 24, 2018
Cloudflare wurde am 27. September 2010 gestartet. Seitdem betrachten wir den 27. September als unseren Geburtstag. Am kommenden Donnerstag werden wir 8 Jahre alt....
September 23, 2018
I have always loved birthdays. It is a chance to get together with loved ones, a chance to have fun and a chance to reflect on anything you want to keep doing or change in the upcoming year....
September 21, 2018
When you visit a secure website, it offers you a TLS certificate that asserts its identity. Every certificate has an expiration date, and when it’s passed due, it is no longer valid....
September 20, 2018
Two years ago this week Cloudflare introduced Opportunistic Encryption, a feature that provided additional security and performance benefits to websites that had not yet moved to HTTPS....
