What we've been doing with Go
2013-11-11
Almost two years ago CloudFlare started working with Go. What started as an experiment on one network and concurrency heavy project has turned into full, production use of Go for multiple services....
CloudFlare And Open Source Software: A Two-Way Street
2013-10-07
CloudFlare uses a great deal of open source and free software. Our core server platform is nginx (which is released using a two-clause BSD license) and our primary database of choice is postgresql (which is released using their own BSD-like license). ...
Why some cryptographic keys are much smaller than others
2013-09-20
If you connect to CloudFlare's web site using HTTPS the connection will be secured using one of the many encryption schemes supported by SSL/TLS. ...
Why secure systems require random numbers
2013-09-13
If you've been following recent news about technical spying by the US National Security Agency and the UK's Government Communications Headquarters you may have come across a claim that the NSA was involved in weakening a random number generator. ...
Recycling memory buffers in Go
2013-08-24
This blog post is very old now. You probably don't want to use the techniques described here. GO'S sync.Pool is a better way to go....
CloudFlare's new WAF: compiling to Lua
2013-08-23
We use nginx throughout our network for front-line web serving, proxying and traffic filtering. In some cases, we've augmented the core C code of nginx with our own modules, but recently we've made a major move to using Lua in conjunction with nginx. One project that's now almost entirely written in Lua is the new CloudFlare WAF that we blogged about the other day. The Lua WAF uses the nginx Lua module to embed Lua code and execute that code as part of the normal nginx handling of phases....
Staying on top of TLS attacks
2013-07-11
CloudFlare makes extensive use of TLS connections throughout our service which makes staying on top of the latest news about security problems with TLS a priority. We use TLS both externally and internally and different uses of TLS have different constraints....
Cribs: CloudFlare London Edition
2013-04-28
CloudFlare's first international office opened this month near St. Paul's Cathedral in London. We decided to open this office for two major reasons: to get access to high quality software engineering, network operations and tech support folks, and to expand our 24/7 operations and support. ...
Go London User Group
2013-03-07
We've mentioned before that we're using Go internally for projects such as Railgun (and a new DNS server and SSL infrastructure amongst other things). ...
CloudFlare London: We're hiring
2013-02-28
When we talk about international expansion we're usually talking about adding data centers around the world. The last one we added was in Seoul, South Korea....
WordPress London Meetup January 2013
2013-01-18
Cloudflare MeetupsWordPressAlways OnlineRocket LoaderProduct NewsSpeed & ReliabilityUnited KingdomCommunity
Last night I gave a short presentation about how to use CloudFlare with WordPress sites to about 60 people attending the WordPress London Meetup. CloudFlare was happy to be sponsor of the event providing drinks, beers and lots and lots of pizza. The meetup was held at the Google Campus....
Railgun in the real world: faster web page load times
2012-12-21
To solve that problem CloudFlare came up with a delta compression technique that recognizes that even dynamically-generated or personalized pages change only a little over time or between users....
Hackers love the holidays
2012-12-21
Looking at the latest DDoS attack statistics from CloudFlare's network, it seems that hackers love the holidays....
Efficiently compressing dynamically generated web content
2012-12-06
With the widespread adoption of high bandwidth Internet connections in the home, offices and on mobile devices, limitations in available bandwidth to download web pages have largely been eliminated....
Syrian Internet access reestablished starting 1432 UTC
2012-12-01
Syria has reestablished partial connectivity to the Internet. The following map of BGP connectivity shows Syria's 29386 network connected to multiple networks outside Syria....
Do you want to work with Go?
2012-11-18
It's no secret that CloudFlare has adopted Go for some production systems; we've written about our use of Go in the past. But over time it's become clear to us that Go is an important language for the sort of high-performance, highly-concurrent software we have to write....
CloudFlare London Meetup
2012-11-07
We're having a CloudFlare London Meetup tomorrow night (Thursday, November 8). Three CloudFlare employees will be there: Dane, John and Ian. Come have a beer and exchange ideas with the CloudFlare crew at the Old Coffee House on Beak St....
Turning "I'm Under Attack" into "I'm Doing Some Good"
2012-08-28
CloudFlare's I'm Under Attack mode allows our customers to, at the click of a button, tell us that they are experiencing an attack and enable automatic protection. It works by slowing down visits to the web site that's under attack and performing extra work to identify malicious visitors. ...
Saturday Night Fever: Layer 7 attacks against CloudFlare sites
2012-08-16
Recently, I've taken a look at DDoS attacks against CloudFlare sites at the IP level and the source of those attacks. The worst time for those DDoS attacks is the Wednesday Witching Hour and because of source IP address forgery most of the attacks seem to come from Mars. ...
Mars Attacks!
2012-08-06
Following on from my recent post about when attacks hit CloudFlare, here's a follow up looking at where they come from. Or at least where they say they come from. Looking at attack statistics for the month of July 2012 the largest source of attacks is Mars....