Mirage 2.0: Solving the Mobile Browsing Speed Challenge
06/13/2013
Almost exactly a year ago, CloudFlare announced a feature called Mirage. Mirage was designed to make the loading of images faster in two primary ways....
CloudFlare, PRISM, and Securing SSL Ciphers
06/12/2013
Over the last week we've closely watched the disclosures about the alleged NSA PRISM program. At CloudFlare, we have never been approached to participate in PRISM or any other similar program. ...
Happy IPv6 Day: Usage On the Rise, Attacks Too
06/06/2013
June 6th is known as World IPv6 Day so we thought it was a good time to look at the trends in IPv6 usage across CloudFlare's network. ...
Today's Network Issue
05/31/2013
Today at 16:13 UTC a large amount of traffic began hitting our Los Angeles data center. We have an in-house team that monitors our network 24x7x365 and immediately all their alarms went off....
Syrian Internet Restored
05/08/2013
Yesterday, Syria's Internet connectivity was cut off from the rest of the world. At 14:12 UTC, approximately 19 hours and 30 minutes after it had been shut down, connectivity was returned....
How Syria Turned Off the Internet (Again)
05/07/2013
Today at 18:48 UTC, Syria dropped off the Internet. Based on the data we collect from our network, as well as reports from other organizations monitoring network routes, it appears that someone systematically withdrew the BGP. ...
W3TC and WP Super Cache Vulnerability Discovered, We've Automatically Patched
04/24/2013
The team at the research firm Sucuri announced a serious vulnerability to W3TC and WP Super Cache this afternoon. (Update: it appears the vulnerability was first reported on WordPress.org about a month ago.)...
What CloudFlare Logs
04/23/2013
We've had a number of requests for information about what data CloudFlare logs when someone visits a site on our network. While we have provided a Privacy Policy that outlines how we keep information private, I wanted to take the time to clarify our customer log retention policies....
Patching the Internet in Realtime: Fixing the Current WordPress Brute Force Attack
04/11/2013
There is currently a significant attack being launched at a large number of WordPress blogs across the Internet. The attacker is brute force attacking the WordPress administrative portals, using the username "admin" and trying thousands of passwords. ...
How the CloudFlare Team Got Into Bondage (It's Not What You Think)
04/08/2013
At CloudFlare, we're always looking for ways to eliminate bottlenecks. We're only able to deal with the very large amount of traffic that we handle because we've built a network that can efficiently handle an extremely high volume of network requests. ...
The DDoS That Almost Broke the Internet
03/27/2013
The New York Times this morning published a story about the Spamhaus DDoS attack and how CloudFlare helped mitigate it and keep the site online. The Times calls the attack the largest known DDoS attack ever on the Internet....
The DDoS That Knocked Spamhaus Offline (And How We Mitigated It)
03/20/2013
At CloudFlare, we deal with large DDoS attacks every day. Usually, these attacks are directed at large companies or organizations that are reluctant to talk about their details. Sometimes a customer is willing to let us tell their story....
Load Balancing without Load Balancers
03/06/2013
CloudFlare had an hour-long outage this last weekend. Thankfully, outages like this have been a relatively rare occurrance for our service. ...
Today's Outage Post Mortem
03/03/2013
This morning at 09:47 UTC CloudFlare effectively dropped off the Internet. The outage affected all of CloudFlare's services including DNS and any services that rely on our web proxy....
How to Tell How Well Railgun Is Working for Your Site
02/27/2013
Yesterday, we announced that 30 of the world's largest hosting providers are now supporting CloudFlare's Railgun WAN optimization technology. ...
CloudFlare's Railgun: Easier Than Ever
02/26/2013
Over the next few days we have a number of announcements regarding CloudFlare's Railgun technology. We wanted to begin, however, with what is in some ways the end: the ways in which you can take advantage of Railgun yourself....
Good Web Security News: Open DNS Resolvers Are Getting Closed
02/22/2013
This has been a rough week in the security industry with big attacks and compromises reported at companies from Facebook to Apple. ...
When the Attackers Name Malware After You, You Know You're Doing Something Right
02/14/2013
CloudFlare's I'm Under Attack Mode (IUAM) is elegantly simple. When a site is under an application layer (Layer 7) distributed denial of service (DDoS) attack, the mode will return a challenge page to a visitor. ...
Facebook Bug Redirects the Web Through Javascript Widget Error
02/08/2013
You may have heard that Facebook took down a significant portion of the Internet today. A bug in their Facebook Connect script caused users to be redirected to a Facebook error page....
New "Lucky Thirteen" SSL Vulnerabilities: CloudFlare Users Protected
02/04/2013
CloudFlare often gets early word of new vulnerabilities before they are released. Last week we got word that today (Monday, February 4, 2013) there would be a new SSL vulnerability announced. ...