Why some cryptographic keys are much smaller than others
09/20/2013
If you connect to CloudFlare's web site using HTTPS the connection will be secured using one of the many encryption schemes supported by SSL/TLS. ...
Why secure systems require random numbers
09/13/2013
If you've been following recent news about technical spying by the US National Security Agency and the UK's Government Communications Headquarters you may have come across a claim that the NSA was involved in weakening a random number generator. ...
Recycling memory buffers in Go
08/24/2013
This blog post is very old now. You probably don't want to use the techniques described here. GO'S sync.Pool is a better way to go....
CloudFlare's new WAF: compiling to Lua
08/23/2013
We use nginx throughout our network for front-line web serving, proxying and traffic filtering. In some cases, we've augmented the core C code of nginx with our own modules, but recently we've made a major move to using Lua in conjunction with nginx. One project that's now almost entirely written in Lua is the new CloudFlare WAF that we blogged about the other day. The Lua WAF uses the nginx Lua module to embed Lua code and execute that code as part of the normal nginx handling of phases....
Staying on top of TLS attacks
07/11/2013
CloudFlare makes extensive use of TLS connections throughout our service which makes staying on top of the latest news about security problems with TLS a priority. We use TLS both externally and internally and different uses of TLS have different constraints....
Cribs: CloudFlare London Edition
04/28/2013
CloudFlare's first international office opened this month near St. Paul's Cathedral in London. We decided to open this office for two major reasons: to get access to high quality software engineering, network operations and tech support folks, and to expand our 24/7 operations and support. ...
Go London User Group
03/07/2013
We've mentioned before that we're using Go internally for projects such as Railgun (and a new DNS server and SSL infrastructure amongst other things). ...
CloudFlare London: We're hiring
02/28/2013
When we talk about international expansion we're usually talking about adding data centers around the world. The last one we added was in Seoul, South Korea....
WordPress London Meetup January 2013
01/18/2013
Cloudflare MeetupsWordPressAlways OnlineRocket LoaderProduct NewsSpeed & ReliabilityUnited KingdomCommunity
Last night I gave a short presentation about how to use CloudFlare with WordPress sites to about 60 people attending the WordPress London Meetup. CloudFlare was happy to be sponsor of the event providing drinks, beers and lots and lots of pizza. The meetup was held at the Google Campus....
Railgun in the real world: faster web page load times
12/21/2012
To solve that problem CloudFlare came up with a delta compression technique that recognizes that even dynamically-generated or personalized pages change only a little over time or between users....
Hackers love the holidays
12/21/2012
Looking at the latest DDoS attack statistics from CloudFlare's network, it seems that hackers love the holidays....
Efficiently compressing dynamically generated web content
12/06/2012
With the widespread adoption of high bandwidth Internet connections in the home, offices and on mobile devices, limitations in available bandwidth to download web pages have largely been eliminated....
Syrian Internet access reestablished starting 1432 UTC
12/01/2012
Syria has reestablished partial connectivity to the Internet. The following map of BGP connectivity shows Syria's 29386 network connected to multiple networks outside Syria....
Do you want to work with Go?
11/18/2012
It's no secret that CloudFlare has adopted Go for some production systems; we've written about our use of Go in the past. But over time it's become clear to us that Go is an important language for the sort of high-performance, highly-concurrent software we have to write....
CloudFlare London Meetup
11/07/2012
We're having a CloudFlare London Meetup tomorrow night (Thursday, November 8). Three CloudFlare employees will be there: Dane, John and Ian. Come have a beer and exchange ideas with the CloudFlare crew at the Old Coffee House on Beak St....
Turning "I'm Under Attack" into "I'm Doing Some Good"
08/28/2012
CloudFlare's I'm Under Attack mode allows our customers to, at the click of a button, tell us that they are experiencing an attack and enable automatic protection. It works by slowing down visits to the web site that's under attack and performing extra work to identify malicious visitors. ...
Saturday Night Fever: Layer 7 attacks against CloudFlare sites
08/16/2012
Recently, I've taken a look at DDoS attacks against CloudFlare sites at the IP level and the source of those attacks. The worst time for those DDoS attacks is the Wednesday Witching Hour and because of source IP address forgery most of the attacks seem to come from Mars. ...
Mars Attacks!
08/06/2012
Following on from my recent post about when attacks hit CloudFlare, here's a follow up looking at where they come from. Or at least where they say they come from. Looking at attack statistics for the month of July 2012 the largest source of attacks is Mars....
The Wednesday Witching Hour: CloudFlare DoS Statistics
08/03/2012
Data from inside CloudFlare's network shows that over 40% of the time there's a denial of service attack happening and directed at us. And that's just up to network layer 4 (i.e. it doesn't include more sophisticated attacks targeting applications themselves at layer 7)....
Stop worrying about Time To First Byte (TTFB)
07/05/2012
Time To First Byte is often used as a measure of how quickly a web server responds to a request and common web testing services report it. The faster it is the better the web server (in theory). But the theory isn't very good....