Blog What we do Support Community
Login Sign up

Posts by John Graham-Cumming

Tracking our SSL configuration

Published on by John Graham-Cumming.

Over time we've updated the SSL configuration we use for serving HTTPS as the security landscape has changed. In the past we've documented those changes in blog posts; to make things simpler to track, and so that people can stay up to date on the configuration

Searching for The Prime Suspect: How Heartbleed Leaked Private Keys

Published on by John Graham-Cumming.

Within a few hours of CloudFlare launching its Heartbleed Challenge the truth was out. Not only did Heartbleed leak private session information (such as cookies and other data that SSL should have been protecting), but the crown jewels of an HTTPS web server were also vulnerable: the private SSL keys

The Web's Silver Jubilee

Published on by John Graham-Cumming.

No matter what your age, it's hard to believe that the World-Wide Web is 25 today. For the young the web has always been part of their lives, for the older it seems like it was invented only yesterday. But, in truth, the World-Wide Web sprang into life