A (Relatively Easy To Understand) Primer on Elliptic Curve Cryptography

Published on by Nick Sullivan.

Elliptic Curve Cryptography (ECC) is one of the most powerful but least understood types of cryptography in wide use today. At CloudFlare, we make extensive use of ECC to secure everything from our customers' HTTPS connections to how we pass data between our data centers. Fundamentally, we believe it's important to be able to understand the technology behind any security system in order to trust…

CloudFlare And Open Source Software: A Two-Way Street

Published on by John Graham-Cumming.

CloudFlare uses a great deal of open source and free software. Our core server platform is nginx (which is released using a two-clause BSD license) and our primary database of choice is postgresql (which is released using their own BSD-like license). We've talked in the past about our use of Kyoto Tycoon (which is released under the GNU General Public License) and we've built…

How I created the viral sensation: isthegovernmentopen.com

Published on by Kristin Tarr.

The following is a guest blog post by Michael Tomko, Production Director at The Able Few. Michael has been using CloudFlare for a number of his projects for the last few years. A few years ago, amidst the final crunch of a project deadline, a friend and former colleague looked me directly in the eye and said, "It's like I don't…

Patching a WHMCS zero day on day zero

Published on by Dane Knecht.

A critical zero-day vulnerability was published today affecting any hosting provider using WHMCS. As part of building a safer web, CloudFlare has added a ruleset to our Web Application Firewall (WAF) to block the published attack vector. Hosting partners running their WHMCS behind CloudFlare's WAF can enable the WHMCS Ruleset and implement best practices to be fully protected from the attack.  Our friends at…

Ensuring Randomness with Linux's Random Number Generator

Published on by Nick Sullivan.

attribution: Flickr/mark van de wouw license: CC Attribution-NonCommercial-ShareAlike 2.0 Generic When building secure systems, having a source of random numbers is essential. Without them, most cryptographic systems break down and the privacy and authenticity of communications between two parties can be subverted. For example, if you’re reading this using a link to https://blog.cloudflare.com then the SSL connection you are…