Great news for everyone using CloudFlare on an e-commerce site, or a site accepting or processing credit card transactions. After undergoing a Payment Card Industry (PCI) Data Security Standard (DSS) 2.0 security control assessment, we’ve been certified as a Level 1 service provider.
A quick followup to our last blog post on our decision to reissue and revoke all of CloudFlare's customers' SSL certificates. One question we've received is why we didn't just reissue and revoke all SSL certificates as soon as we got word about the Heartbleed vulnerability?
This post is about a new feature we've been quietly rolling out over the last few months. Last week we began enabling it for everyone by default.
We're excited to announce that Cloudflare has acquired the anti-malware firm StopTheHacker. I wanted to share a little bit about the rationale behind the acquisition and what to expect from the two teamed up companies going forward.
On Monday we mitigated a large DDoS that targeted one of our customers. The attack peaked just shy of 400Gbps. We've seen a handful of other attacks at this scale, but this is the largest attack we've seen that uses NTP amplification.