Stories from our recent global data center upgrade

Published on by Nitin Rao.

Each day at CloudFlare is full of surprises. As it turns out, it takes a lot of work to stop massive attacks and to help make the web faster. Over the past six months, our entire team has contributed in every way imaginable to more than double the capacity of our global network. Below is a behind-the-scenes look into how we keep our global network running. Along the…

CloudFlare DNS is simple, fast and flexible

Published on by Sam Howson.

Over the past few years, the CloudFlare blog has covered a great range of different topics, drilling down into the technology we use to both protect websites from attack, and optimise them so that they load faster for visitors. One thing we haven't spent enough time talking about so far though also happens to be at the core of the way our service, as well as…

Killing RC4 (softly)

Published on by Piotr Sikora.

Back in 2011, the BEAST attack on the cipher block chaining (CBC) encryption mode used in TLS v1.0 was demonstrated. At the time the advice of experts (including our own) was to prioritize the use of RC4-based cipher suites. The BEAST vulnerability itself had already been fixed in TLS v1.1 a few years before, but in 2011 the adoption of TLS v1.1 was virtually non-existent…

CloudFlare Transparency Report on National Security Orders

Published on by Kenneth R. Carter.

Earlier today, the Department of Justice and the Director of National Intelligence announced a change in rules governing the disclosure of National Security Orders, including National Security Letters (NSLs) received by a company. The DoJ and DNI now allow companies to disclose the number of NSLs and FISA orders as a single number in bands of 250, starting with 0-249. For us at CloudFlare, we have long felt…

Protect Your Sites With Rapidly Deployed WAF Rules

Published on by John Graham-Cumming.

This blog post originally appeared as a guest post on the Rackspace blog An attack on your site could be catastrophic. Even a small attack can have major implications. Responding quickly to an attack is imperative. In August 2013, we at CloudFlare rolled out a new global Web Application Firewall (WAF) that runs common sets of firewall rules such as the open source OWASP rules that protect against…