The Results of the CloudFlare Challenge
2014-04-11
Earlier today we announced the Heartbleed Challenge. We set up a nginx server with a vulnerable version of OpenSSL and challenged the community to steal its private key....
2014-04-11
Earlier today we announced the Heartbleed Challenge. We set up a nginx server with a vulnerable version of OpenSSL and challenged the community to steal its private key....
2014-04-11
Below is what we thought as of 12:27pm UTC. To verify our belief we crowd sourced the investigation. It turns out we were wrong. While it takes effort, it is possible to extract private SSL keys....
2014-04-10
As we've said before, lots of our users run WordPress on their websites and its popularity makes it a big target. So when a new vulnerability is discovered, acting quickly is prudent....
2014-04-07
Today a new vulnerability was announced in OpenSSL 1.0.1 that allows an attacker to reveal up to 64kB of memory to a connected client or server (CVE-2014-0160). We fixed this vulnerability last week before it was made public. ...
2014-04-03
This post is about a new feature we've been quietly rolling out over the last few months. Last week we began enabling it for everyone by default. ...
2014-04-01
A cornerstone of CloudFlare's infrastructure is our ability to serve DNS requests quickly and handle DNS attacks. To do both those things we wrote our own authoritative DNS server called RRDNS in Go. ...
2014-03-17
At CloudFlare, security is on the top of our minds. We are always looking for ways to better secure the data we are entrusted with and improve the security of our customers' websites. ...
2014-03-13
There are days when you feel quite ecstatic and know you have succeeded in completing each and every task set before you. Monday was one of those days - well nearly....
2014-03-12
This is a guest post from Rodney Gibbs. Rodney is the CIO of The Texas Tribune, a nonprofit media organization that covers public policy, politics, and government. ...
2014-03-11
At CloudFlare a lot of our customers use WordPress, that's why we have our own plugin, we hang out at WordCamp and we wrote a WordPress specific ruleset for our Web Application Firewall....
2014-03-10
This blog post is dedicated to the memory of Dr. Scott Vanstone, popularizer of elliptic curve cryptography and inventor of the ECDSA algorithm. He passed away on March 2, 2014....
2014-03-05
Some interesting changes related to timekeeping in the upcoming Go 1.3 release inspired us to take a closer look at how Go programs keep time with the help of the Linux kernel. Timekeeping is a complex topic and determining the current time isn’t as simple as it might seem at first glance....
2014-02-28
When we need to transfer data from one program to another program, either within a machine or from one data center to another some form of serialization is needed....
2014-02-27
On January 27, the Department of Justice and the Director of National Intelligence announced a change in rules governing the disclosure of National Security Orders....
2014-02-24
We're excited to announce that Cloudflare has acquired the anti-malware firm StopTheHacker. I wanted to share a little bit about the rationale behind the acquisition and what to expect from the two teamed up companies going forward....
2014-02-23
On Monday, February 10th, CloudFlare experienced a large DDoS attack, with nearly 400Gbps of NTP attack traffic hitting our network. ...
2014-02-17
Back in June 2012 CloudFlare started a beta rollout of Google's then new SPDY protocol and we took a detailed look at how SPDY makes web sites faster....
2014-02-14
At CloudFlare, we are always looking for ways to improve the security of our customers’ websites. One of the features we provide is the ability to serve their website encrypted over SSL/TLS. ...
2014-02-13
On Monday we mitigated a large DDoS that targeted one of our customers. The attack peaked just shy of 400Gbps. We've seen a handful of other attacks at this scale, but this is the largest attack we've seen that uses NTP amplification....