Posts by John Graham-Cumming

Making code better with reviews

Published on by John Graham-Cumming.

In the past we've written about how CloudFlare isn't afraid to rip out and replace chunks of code that have proved to be hard to maintain or have simply reached end of life. For example, we wrote a brand new DNS server and replaced our old

Tracking our SSL configuration

Published on by John Graham-Cumming.

Over time we've updated the SSL configuration we use for serving HTTPS as the security landscape has changed. In the past we've documented those changes in blog posts; to make things simpler to track, and so that people can stay up to date on the configuration

Searching for The Prime Suspect: How Heartbleed Leaked Private Keys

Published on by John Graham-Cumming.

Within a few hours of CloudFlare launching its Heartbleed Challenge the truth was out. Not only did Heartbleed leak private session information (such as cookies and other data that SSL should have been protecting), but the crown jewels of an HTTPS web server were also vulnerable: the private SSL keys