Protection against critical Windows vulnerability (CVE-2015-1635)

Published on by Ben Cartwright-Cox.

A few hours ago, more details surfaced about the MS15-034 vulnerability. Simple PoC code has been widely published that will hang a Windows web server if sent a request with an HTTP Range header containing large byte offsets. We have rolled out a WAF rule that blocks these requests. Customers on a paid plan and who have the WAF enabled are automatically protected against this problem. It is…

CloudFlare is now a Google Cloud Platform Technology Partner

Published on by Maria Karaivanova.

We’re excited to announce that CloudFlare has just been named a Google Cloud Platform Technology Partner. So what does this mean? Now, Google Cloud Platform customers can experience the best of both worlds—the power and protection of the CloudFlare community along with the flexibility and scalability of Google’s infrastructure. We share many mutual customers with Google, and this collaboration makes it even easier for Google…

The oldest trick in the ASCII book

Published on by John Graham-Cumming.

If you're old enough (or interested enough) to have spent a lot of time messing around with the ASCII table then you might have run into a strange fact: it's possible to uppercase ASCII text using just bitwise AND. And it turns out that in some situations this isn't just a curiosity, but actually useful. Here are the ASCII characters 0x20 (space) to 0x7E (tilde). 0123456789ABCDEF0123456789ABCDEF +-------------------------------- 0x20|…

Scaling out PostgreSQL for CloudFlare Analytics using CitusDB

Published on by Albert Strasheim.

When I joined CloudFlare about 18 months ago, we had just started to build out our new Data Platform. At that point, the log processing and analytics pipeline built in the early days of the company had reached its limits. This was due to the rapidly increasing log volume from our Edge Platform where we’ve had to deal with traffic growth in excess of 400% annually. Our…

CloudFlare's Buenos Aires data center now online

Published on by Joshua Motta.

Che, ya estamos en Argentina! It is con placer that we announce our 32nd data center in Buenos Aires, Argentina. Our Buenos Aires data center is our 5th in Latin America following deployments in Santiago, São Paulo, Medellin, and Lima. As of this moment, CloudFlare is now mere milliseconds away from nearly all of Latin America's 300 million Internet users. Argentina may be better known as the land…

Improving compression with a preset DEFLATE dictionary

Published on by Vlad Krasnov.

A few years ago Google made a proposal for a new HTTP compression method, called SDCH (SanDwiCH). The idea behind the method is to create a dictionary of long strings that appear throughout many pages of the same domain (or popular search results). The compression is then simply searching for the appearance of the long strings in a dictionary and replacing them with references to the aforementioned dictionary.…