The story of a little DNS easter egg
2013-08-27
About a year ago, we realized that CloudFlare's current DNS infrastructure had some challenges. We were using PowerDNS, an open source DNS server that is popular with hosting providers. ...
Heuristics and Rules: Why We Built a New Old WAF
2013-08-19
We just rolled out an update to CloudFlare's Web Application Firewall (WAF). Previously, CloudFlare's WAF has received criticism from people who have tested it and found that it didn't behave as traditional WAFs are expected to. ...
Cloudflare and Free Speech
2013-08-09
This question assumes the answer. A website is speech. It is not a bomb. There is no imminent danger it creates and no provider has an affirmative obligation to monitor and make determinations about the theoretically harmful nature of speech a site may contain....
What's the story behind the names of CloudFlare's name servers?
2013-08-06
We're going to do a series of blog posts about some of the inner workings of CloudFlare. One of the questions we get often is what the names of our name servers mean. Here's the story....
A Tour Inside CloudFlare's Latest Generation Servers
2013-07-22
CloudFlare operates at a significant scale, handling more than a trillion requests through our network every month. ...
Government Surveillance: Why Transparency Matters
2013-07-18
The web is one of the greatest inventions of human history because it has made the world more transparent. Fundamentally, that's what the web does: it takes information that was inaccessible and opaque and makes it available and lucid....
Mirage 2.0: Solving the Mobile Browsing Speed Challenge
2013-06-13
Almost exactly a year ago, CloudFlare announced a feature called Mirage. Mirage was designed to make the loading of images faster in two primary ways....
CloudFlare, PRISM, and Securing SSL Ciphers
2013-06-12
Over the last week we've closely watched the disclosures about the alleged NSA PRISM program. At CloudFlare, we have never been approached to participate in PRISM or any other similar program. ...
Happy IPv6 Day: Usage On the Rise, Attacks Too
2013-06-06
June 6th is known as World IPv6 Day so we thought it was a good time to look at the trends in IPv6 usage across CloudFlare's network. ...
Today's Network Issue
2013-05-31
Today at 16:13 UTC a large amount of traffic began hitting our Los Angeles data center. We have an in-house team that monitors our network 24x7x365 and immediately all their alarms went off....
Syrian Internet Restored
2013-05-08
Yesterday, Syria's Internet connectivity was cut off from the rest of the world. At 14:12 UTC, approximately 19 hours and 30 minutes after it had been shut down, connectivity was returned....
How Syria Turned Off the Internet (Again)
2013-05-07
Today at 18:48 UTC, Syria dropped off the Internet. Based on the data we collect from our network, as well as reports from other organizations monitoring network routes, it appears that someone systematically withdrew the BGP. ...
W3TC and WP Super Cache Vulnerability Discovered, We've Automatically Patched
2013-04-24
The team at the research firm Sucuri announced a serious vulnerability to W3TC and WP Super Cache this afternoon. (Update: it appears the vulnerability was first reported on WordPress.org about a month ago.)...
What CloudFlare Logs
2013-04-23
We've had a number of requests for information about what data CloudFlare logs when someone visits a site on our network. While we have provided a Privacy Policy that outlines how we keep information private, I wanted to take the time to clarify our customer log retention policies....
Patching the Internet in Realtime: Fixing the Current WordPress Brute Force Attack
2013-04-11
There is currently a significant attack being launched at a large number of WordPress blogs across the Internet. The attacker is brute force attacking the WordPress administrative portals, using the username "admin" and trying thousands of passwords. ...
How the CloudFlare Team Got Into Bondage (It's Not What You Think)
2013-04-08
At CloudFlare, we're always looking for ways to eliminate bottlenecks. We're only able to deal with the very large amount of traffic that we handle because we've built a network that can efficiently handle an extremely high volume of network requests. ...
The DDoS That Almost Broke the Internet
2013-03-27
The New York Times this morning published a story about the Spamhaus DDoS attack and how CloudFlare helped mitigate it and keep the site online. The Times calls the attack the largest known DDoS attack ever on the Internet....
The DDoS That Knocked Spamhaus Offline (And How We Mitigated It)
2013-03-20
At CloudFlare, we deal with large DDoS attacks every day. Usually, these attacks are directed at large companies or organizations that are reluctant to talk about their details. Sometimes a customer is willing to let us tell their story....
Load Balancing without Load Balancers
2013-03-06
CloudFlare had an hour-long outage this last weekend. Thankfully, outages like this have been a relatively rare occurrance for our service. ...
Today's Outage Post Mortem
2013-03-03
This morning at 09:47 UTC CloudFlare effectively dropped off the Internet. The outage affected all of CloudFlare's services including DNS and any services that rely on our web proxy....