End-to-End Integrity with IPFS
September 17, 2018 1:02 PM
Use Cloudflare’s IPFS gateway to set up a website which is end-to-end secure, while maintaining the performance and reliability benefits of being served from Cloudflare’s edge network....
Cloudflare goes InterPlanetary - Introducing Cloudflare’s IPFS Gateway
September 17, 2018 1:01 PM
Today we’re excited to introduce Cloudflare’s IPFS Gateway, an easy way to access content from the the InterPlanetary File System (IPFS) that doesn’t require installing and running any special software on your computer....
Welcome to Crypto Week
September 17, 2018 1:00 PM
The Internet isn’t perfect. It was put together piecemeal through publicly funded research, private investment, and organic growth that has left us with an imperfect tapestry....
Fixing an old hack - why we are bumping the IPv6 MTU
September 10, 2018 9:21 AM
Back in 2015 we deployed ECMP routing - Equal Cost Multi Path - within our datacenters. This technology allowed us to spread traffic heading to a single IP address across multiple physical servers....
Website Security Myths
September 08, 2018 3:00 PM
Some conversations are easy; some are difficult. Some are harmonious and some are laborious. But when it comes to website security, the conversation is confusing. Every organisation agrees, in theory, that their websites need to be secure....
MORE POSTS
August 20, 2018 3:53 PM
How Cloudflare protects customers from cache poisoning
A few days ago, Cloudflare — along with the rest of the world — learned of a "practical" cache poisoning attack. In this post I’ll walk through the attack and explain how Cloudflare mitigated it for our customers....
- By
August 16, 2018 3:01 PM
Enable Private DNS with 1.1.1.1 on Android 9 Pie
Android 9 Pie includes a slew of new features around digital well-being and privacy. Here's how to use the new Private DNS feature with 1.1.1.1....
- By
August 15, 2018 9:00 PM
Three new ways teams are using Cloudflare Access
Since leaving beta three weeks ago, Cloudflare Access has become our fastest-growing subscription service. Every day, more teams are using Access to leave their VPN behind and connect to applications quickly and securely from anywhere in the world....
- By
August 10, 2018 11:00 PM
A Detailed Look at RFC 8446 (a.k.a. TLS 1.3)
TLS 1.3 (RFC 8446) was published today. This article provides a deep dive into the changes introduced in TLS 1.3 and its impact on the future of internet security....
- By
July 26, 2018 3:04 PM
The Road to QUIC
QUIC (Quick UDP Internet Connections) is a new encrypted-by-default Internet transport protocol, that provides a number of improvements designed to accelerate HTTP traffic as well as make it more secure, with the intended goal of eventually replacing TCP and TLS on the web....
- By
July 24, 2018 5:32 PM
Going Proactive on Security: Driving Encryption Adoption Intelligently
It's no secret that Cloudflare operates at a huge scale. Cloudflare provides security and performance to over 9 million websites all around the world, from small businesses and WordPress blogs to Fortune 500 companies. That means one in every 10 web requests goes through our netw...
- By
July 24, 2018 4:15 PM
Cloudflare Access: Now teams of any size can turn off their VPN
Using a VPN breaks your workflow with logins, needs separate credentials for admins to handle, slows you when not in the office, and brings security risks that extend past mere inconvenience to users....
- By
July 24, 2018 3:04 PM
Today, Chrome Takes Another Step Forward in Addressing the Design Flaw That is an Unencrypted Web
I still remember my first foray onto the internet as a university student back in the mid 90's. It was a simpler time back then, of course; we weren't doing our personal banking or our tax returns or handling our medical records so encrypting the transport layer wasn't exactly a ...
- By
July 14, 2018 5:13 PM
DNS-Over-TLS Built-In & Enforced - 1.1.1.1 and the GL.iNet GL-AR750S
Back in April, I wrote about how it was possible to modify a router to encrypt DNS queries over TLS using Cloudflare's 1.1.1.1 DNS Resolver and a GL.iNet router; the folks at GL.iNet read that blog post and decided to bake DNS-Over-TLS support into their new router using the 1.1....
- By
July 06, 2018 1:00 PM
How to drop 10 million packets per second
Internally our DDoS mitigation team is sometimes called "the packet droppers". When other teams build exciting products to do smart things with the traffic that passed through our network, we take joy in discovering novel ways of discarding it....
- By
June 28, 2018 5:40 PM
Delivering a Serverless API in 10 minutes using Workers
In preparation for Chrome’s Not Secure flag, which will update the indicator to show Not Secure when a site is not accessed over https, we wanted people to be able to test whether their site would pass. ...
- By
May 16, 2018 5:28 PM
You get TLS 1.3! You get TLS 1.3! Everyone gets TLS 1.3!
It's no secret that Cloudflare has been a big proponent of TLS 1.3, the newest edition of the TLS protocol that improves both speed and security, since we have made it available to our customers starting in 2016. ...
- By
May 02, 2018 3:00 PM
Expanding Multi-User Access on dash.cloudflare.com
One of the most common feature requests we get is to allow customers to share access to their account. This has been supported at our Enterprise level of service, but is now expanding to all customers. ...
- By
April 24, 2018 10:31 PM
BGP leaks and cryptocurrencies
Over the few last hours, a dozen news stories have broken about how an attacker attempted (and perhaps managed) to steal cryptocurrencies using a BGP leak....
- By