SHA-1 Deprecation: No Browser Left Behind
December 09, 2015 1:53 PM
After December 31, 2015, SSL certificates that use the SHA-1 hash algorithm for their signature will be declared technology non grata on the modern Internet. ...
HTTP/2 is here! Goodbye SPDY? Not quite yet
December 03, 2015 1:59 PM
Today CloudFlare is introducing HTTP/2 support for all customers using SSL/TLS connections, while still supporting SPDY. There is no need to make a decision between SPDY or HTTP/2. ...
Cloudflare + WHMCS: faster websites for your customers
September 16, 2015 5:47 PM
We’re at the cPanel Conference in Denver this week, so feel free to drop by our booth and say hello. It’s a great opportunity to connect with our partners and better understand their needs....
How to build your own public key infrastructure
June 24, 2015 1:57 PM
A major part of securing a network as geographically diverse as CloudFlare’s is protecting data as it travels between datacenters. Customer data and logs are important to protect but so is all the control data that our applications use to communicate with each other. ...
iOS Developers — Migrate to iOS 9 with CloudFlare
June 11, 2015 10:31 AM
Thousands of developers use CloudFlare to accelerate and secure the backend of their mobile applications and websites. This week is WWDC, where thousands of Apple developers come to San Francisco to talk, learn and share best practices for developing software for Apple platforms. ...
MORE POSTS
May 20, 2015 11:52 PM
Logjam: the latest TLS vulnerability explained
Yesterday, a group from INRIA, Microsoft Research, Johns Hopkins, the University of Michigan, and the University of Pennsylvania published a deep analysis of the Diffie-Hellman algorithm as used in TLS and other protocols. ...
- By
May 07, 2015 10:06 AM
Go crypto: bridging the performance gap
It is no secret that we at CloudFlare love Go. We use it, and we use it a LOT. There are many things to love about Go, but what I personally find appealing is the ability to write assembly code!...
- By
April 30, 2015 12:02 PM
An introduction to JavaScript-based DDoS
CloudFlare protects millions of websites from online threats. One of the oldest and most pervasive attacks launched against websites is the Distributed Denial of Service (DDoS) attack....
- By
April 29, 2015 2:30 PM
Introducing Multi-User Organizations: Share An Account Without Sharing A Login
An enterprise needs security and controls around access. Your web developer needs to update your website’s logo and make sure it’s live immediately, but doesn’t need access to your SSL keys. ...
- By
April 21, 2015 10:14 PM
Contributing back to the security community
This Friday at the RSA Conference in San Francisco, along with Marc Rogers, Principal Security Researcher at CloudFlare, I'm speaking about a version of The Grugq's PORTAL, an open source network security device designed to make life easier and safer....
- By
February 27, 2015 11:50 PM
Protecting web origins with Authenticated Origin Pulls
As we have been discussing this week, securing the connection between CloudFlare and the origin server is arguably just as important as securing the connection between end users and CloudFlare. ...
- By
February 26, 2015 1:25 AM
Enforce Web Policy with HTTP Strict Transport Security (HSTS)
HTTP Strict Transport Security (HSTS, RFC 6797) is a web security policy technology designed to help secure HTTPS web servers against downgrade attacks....
- By
February 24, 2015 8:15 PM
Universal SSL: Encryption all the way to the origin, for free
Last September, CloudFlare unveiled Universal SSL, enabling HTTPS support for all sites by default. All sites using CloudFlare now support strong cryptography from the browser to CloudFlare’s servers....
- By
February 24, 2015 2:20 PM
TLS Session Resumption: Full-speed and Secure
At CloudFlare, making web sites faster and safer at scale is always a driving force for innovation. We introduced “Universal SSL” to dramatically increase the size of the encrypted web....
- By
February 23, 2015 8:22 PM
Do the ChaCha: better mobile performance with cryptography
CloudFlare is always trying to improve customer experience by adopting the latest and best web technologies so that our customers (and their visitors) have a fast and a secure web browsing experience....
- By
February 23, 2015 6:51 PM
End of the road for RC4
Today, we completely disabled the RC4 encryption algorithm for all SSL/TLS connections to CloudFlare sites. It's no longer possible to connect to any site that uses CloudFlare using RC4....
- By
February 23, 2015 12:35 PM
SSL Week Means Less Weak SSL
I'm excited to announce that today kicks off SSL Week at CloudFlare. Over the course of this week, we'll make a series of announcements on what we're doing to improve encryption on the Internet....
- By
January 21, 2015 9:47 PM
Flexible SSL & Wordpress: Fixing “Mixed Content” Errors
As many are aware, CloudFlare launched Universal SSL several months ago. We saw lots of customers sign up and start using these new, free SSL certificates. For many customers that didn’t already have an SSL certificate, they were able to use “Flexible SSL”....
- By
December 22, 2014 9:08 PM
Kyoto Tycoon Secure Replication
Kyoto Tycoon is a distributed key-value store written by FAL Labs, and it is used extensively at CloudFlare. Like many popular key-value stores, Kyoto Tycoon uses timestamp-based replication to ensure eventual consistency and guarantee ordering....
- By
November 10, 2014 11:28 PM
CloudFlare and SHA-1 Certificates
At CloudFlare, we’re dedicated to ensuring sites are not only secure, but also available to the widest audience. In the coming months, both Google’s Chrome browser and Mozilla’s Firefox browser are changing their policy with respect to certain web site certificates....
- By