December 25, 2018 5:42PM
Concise Christmas Cryptography Challenges 2019
Crypto Cryptography Security Holidays FunWe've put together some Christmas Cryptography questions. Do you think you can solve them?...
December 20, 2018 4:13PM
Ten new data centers: Cloudflare expands global network to 165 cities
Cloudflare Network Data Center Middle East North America United States Pakistan Vietnam Bahrain RussiaCloudflare is excited to announce the addition of ten new data centers across the United States, Bahrain, Russia, Vietnam, Pakistan and France (Reunion)....
December 20, 2018 1:00PM
Banking-Grade Credential Stuffing: The Futility of Partial Password Validation
Passwords SecurityRecently when logging into one of my credit card providers, I was greeted by a familiar screen. After entering in my username, the service asked me to supply 3 random characters from my password to validate ownership of my account....
August 09, 2018 3:42PM
Optimising Caching on Pwned Passwords (with Workers)
Workers Cache Cache Everything Speed & Reliability ServerlessIn February, Troy Hunt unveiled Pwned Passwords v2. Containing over half a billion real world leaked passwords, this database provides a vital tool for correcting the course of how the...
July 24, 2018 5:32PM
Going Proactive on Security: Driving Encryption Adoption Intelligently
HTTPS Chrome SSL Support SecurityIt's no secret that Cloudflare operates at a huge scale. Cloudflare provides security and performance to over 9 million websites all around the world, from small businesses and WordPress blogs to Fortune 500 companies. That means one in every 10 web requests goes through our network....
July 14, 2018 5:13PM
DNS-Over-TLS Built-In & Enforced - 1.1.1.1 and the GL.iNet GL-AR750S
1.1.1.1 DNS TLS Privacy Resolver IoT SecurityBack in April, I wrote about how it was possible to modify a router to encrypt DNS queries over TLS using Cloudflare's 1.1.1.1 DNS Resolver and a GL.iNet router; the folks at GL.iNet read that blog post and decided to bake DNS-Over-TLS support into their new router using the 1.1.1.1 resolver....
April 09, 2018 7:20PM
Privacy-Protecting Portable Router: Adding DNS-Over-TLS support to OpenWRT (LEDE) with Unbound
1.1.1.1 Privacy Encryption TLS DNS SecurityThis blog post explains how you can configure an OpenWRT router to encrypt DNS traffic to Cloudflare Resolver using DNS-over-TLS....
February 21, 2018 7:00PM
Validating Leaked Passwords with k-Anonymity
Passwords Best Practices SecurityToday, v2 of Pwned Passwords was released as part of the Have I Been Pwned service offered by Troy Hunt. Containing over half a billion real world leaked passwords, this database provides a vital tool for correcting the course of how the industry combats modern threats against password security....
February 21, 2018 7:00PM
How Developers got Password Security so Wrong
Passwords Best Practices Security DevelopersBoth in our real lives, and online, there are times where we need to authenticate ourselves - where we need to confirm we are who we say we are. This can be done using three things....
December 26, 2017 4:53PM
Concise (Post-Christmas) Cryptography Challenges
Crypto Community SecurityIt's the day after Christmas; or, depending on your geography, Boxing Day. With the festivities over, you may still find yourself stuck at home and somewhat bored....
December 25, 2017 3:32PM
Simple Cyber Security Tips (for your Parents)
Security Tips Best Practices 2FA HTTPSToday, December 25th, Cloudflare offices around the world are taking a break. From San Francisco to London and Singapore; engineers have retreated home for the holidays (albeit with those engineers on-call closely monitoring their mobile phones)....
December 13, 2017 2:00PM
The Curious Case of Caching CSRF Tokens
Caching Cache Everything Page Rules SaaS Speed & Reliability HTTPS DebuggingIt is now commonly accepted as fact that web performance is critical for business. Slower sites can affect conversion rates on e-commerce stores, they can affect your sign-up rate on your SaaS service and lower the readership of your content....
November 23, 2017 3:28AM
The New DDoS Landscape
DDoS Attacks Security Reliability Mitigation DNSNews outlets and blogs will frequently compare DDoS attacks by the volume of traffic that a victim receives. Surely this makes some sense, right? The greater the volume of traffic a victim receives, the harder to mitigate an attack - right?...
October 20, 2017 4:23PM
Performing & Preventing SSL Stripping: A Plain-English Primer
SSL Crypto HTTPS Security Attacks TLSOver the past few days we learnt about a new attack that posed a serious weakness in the encryption protocol used to secure all modern Wi-Fi networks....
October 12, 2017 2:17PM
Cloudflare London Meetup Recap
MeetUp Cloudflare Meetups Events Developers Cloudflare AppsCloudflare helps make over 6 million websites faster and more secure. In doing so, Cloudflare has a vast and diverse community of users throughout the world....