Staying up to date with the latest protocols: SPDY/3.1

Published on by John Graham-Cumming.

Back in June 2012 CloudFlare started a beta rollout of Google's then new SPDY protocol and we took a detailed look at how SPDY makes web sites faster. Since then we've watched carefully as SPDY has evolved through different versions and have been keeping an eye on a new Google-driven protocol called QUIC. In August 2012 we rolled out SPDY for all our customers…

Introducing Strict SSL: Protecting Against a Man-in-the-Middle Attack on Origin Traffic

Published on by Nick Sullivan.

Update: Cloudflare now issues free certificates for the origin, see: https://blog.cloudflare.com/cloudflare-ca-encryption-origin/ for more details At CloudFlare, we are always looking for ways to improve the security of our customers’ websites. One of the features we provide is the ability to serve their website encrypted over SSL/TLS. Today we are announcing a new feature to help make encryption on the web safer and…

Technical Details Behind a 400Gbps NTP Amplification DDoS Attack

Published on by Matthew Prince.

On Monday we mitigated a large DDoS that targeted one of our customers. The attack peaked just shy of 400Gbps. We've seen a handful of other attacks at this scale, but this is the largest attack we've seen that uses NTP amplification. This style of attacks has grown dramatically over the last six months and poses a significant new threat to the web. Monday&…

Stories from our recent global data center upgrade

Published on by Nitin Rao.

Each day at CloudFlare is full of surprises. As it turns out, it takes a lot of work to stop massive attacks and to help make the web faster. Over the past six months, our entire team has contributed in every way imaginable to more than double the capacity of our global network. Below is a behind-the-scenes look into how we keep our global network running. Along the…

CloudFlare DNS is simple, fast and flexible

Published on by Sam Howson.

Over the past few years, the CloudFlare blog has covered a great range of different topics, drilling down into the technology we use to both protect websites from attack, and optimise them so that they load faster for visitors. One thing we haven't spent enough time talking about so far though also happens to be at the core of the way our service, as well as…