So you want to expose Go on the Internet
December 26, 2016 2:59 PM
Back when crypto/tls was slow and net/http young, the general wisdom was to always put Go servers behind a reverse proxy like NGINX. That's not necessary anymore!...
TLD glue sticks around too long
December 05, 2016 1:54 PM
Recent headline grabbing DDoS attacks provoked heated debates in the DNS community. Everyone has strong opinions on how to harden DNS to avoid downtime in the future. Is it better to use a single DNS provider or multiple? ...
The Daily DDoS: Ten Days of Massive Attacks
December 02, 2016 1:21 PM
In March 2015, we wrote about a Winter of Whopping Weekend DDoS Attacks where we were seeing 400Gbps attacks. We speculated that attackers were busy with something else during the week....
HPACK: the silent killer (feature) of HTTP/2
November 28, 2016 2:10 PM
If you have experienced HTTP/2 for yourself, you are probably aware of the visible performance gains possible with HTTP/2 due to features like stream multiplexing, explicit stream dependencies, and Server Push. ...
98.01% of sites on Cloudflare now use IPv6
November 21, 2016 2:14 PM
It's 2016 and almost every site using Cloudflare (more than 4 million of them) is using IPv6. Cloudflare sees significant IPv6 traffic globally where networks have enabled IPv6 to the consumer....
MORE POSTS
October 27, 2016 12:10 PM
How the Dyn outage affected Cloudflare
Last Friday the popular DNS service Dyn suffered three waves of DDoS attacks that affected users first on the East Coast of the US, and later users worldwide. ...
- By
October 26, 2016 12:59 PM
How Cloudflare's Architecture Allows Us to Scale to Stop the Largest Attacks
The last few weeks have seen several high-profile outages in legacy DNS and DDoS-mitigation services due to large scale attacks. Cloudflare's customers have, understandably, asked how we are positioned to handle similar attacks....
- By
October 21, 2016 6:22 PM
Dyn issues affecting joint customers
Today there is an ongoing, large scale Denial-of-Service attack directed against Dyn DNS. While Cloudflare services are operating normally, if you are using both Cloudflare and Dyn services, your website may be affected....
- By
October 12, 2016 3:05 PM
TLS nonce-nse
One of the base principles of cryptography is that you can't just encrypt multiple messages with the same key. At the very least, what will happen is that two messages that have identical plaintext will also have identical ciphertext, which is a dangerous leak. ...
- By
October 11, 2016 12:59 PM
Say Cheese: a snapshot of the massive DDoS attacks coming from IoT cameras
Over the last few weeks we've seen DDoS attacks hitting our systems that show that attackers have switched to new, large methods of bringing down web applications....
- By
September 30, 2016 7:56 PM
Rate Limiting: Live Demo
Cloudflare helps customers control their own traffic at the edge. One of two products that we introduced to empower customers to do so is Cloudflare Rate Limiting....
- By
September 30, 2016 5:42 AM
Introducing Dedicated SSL Certificates
When we launched Universal SSL in September 2014 we eliminated the costly and confusing process of securing a website or app with SSL, and replaced it with one free step: sign up for Cloudflare....
- By
September 24, 2016 3:46 PM
How we brought HTTPS Everywhere to the cloud (part 1)
CloudFlare's mission is to make HTTPS accessible for all our customers. It provides security for their websites, improved ranking on search engines, better performance with HTTP/2, and access to browser features such as geolocation that are being deprecated for plaintext HTTP....
- By
September 23, 2016 4:01 PM
An overview of TLS 1.3 and Q&A
The CloudFlare London office hosts weekly internal Tech Talks (with free lunch picked by the speaker). My recent one was an explanation of the latest version of TLS, 1.3, how it works and why it's faster and safer....
- By
September 22, 2016 2:34 PM
Fixing the mixed content problem with Automatic HTTPS Rewrites
It used to be difficult, expensive, and slow to set up an HTTPS capable web site. Then along came CloudFlare’s Universal SSL that made switching from http:// to https:// as easy as clicking a button. ...
- By
September 21, 2016 3:51 PM
Opportunistic Encryption: Bringing HTTP/2 to the unencrypted web
Encrypting the web is not an easy task. Various complexities prevent websites from migrating from HTTP to HTTPS, including mixed content, which can prevent sites from functioning with HTTPS. ...
- By
September 20, 2016 1:04 PM
Introducing TLS 1.3
The encrypted Internet is about to become a whole lot snappier. When it comes to browsing, we’ve been driving around in a beat-up car from the 90s for a while. Little does anyone know, we’re all about to trade in our station wagons for a smoking new sports car. ...
- By
September 20, 2016 1:04 PM
Encryption Week
Since CloudFlare’s inception, we have worked tirelessly to make encryption as simple and as accessible as possible. Over the last two years, we’ve made CloudFlare the easiest way to enable encryption for web properties and internet services. ...
- By
September 19, 2016 8:00 PM
CloudFlare’s new WordPress plugin
Over 25% of all websites use WordPress, and over 10% of all internet traffic flows through CloudFlare; WordPress + CloudFlare has always been a winning combination, and now with CloudFlare’s new WordPress plugin, it's easier than ever to make your site 60% faster....
- By