Evenly Distributed Future
08/22/2016
Traveling back and forth between the UK and US I often find myself answering the question “What does CloudFlare do?”. That question gets posed by USCIS on arrival and I’ve honed a short and accurate answer. ...
The Cuban CDN
08/18/2016
On a recent trip to Cuba I brought with me a smartphone and hoped to get Internet access either via WiFi or 3G. I managed that (at a price) but also saw for myself how Cubans get access to an alternate Internet delivered by sneakernet....
Bandwidth Costs Around the World
08/17/2016
CloudFlare protects over 4 million Internet properties using our global network which spans 86 cities across 45 countries. Running this network give us a unique vantage point to track the evolving cost of bandwidth around the world....
Accelerating Node.js applications with HTTP/2 Server Push
08/16/2016
In April, we announced support for HTTP/2 Server Push via the HTTP Link header. My coworker John has demonstrated how easy it is to add Server Push to an example PHP application. We wanted to make it easy to improve the performance of contemporary websites built with Node.js. ...
This is strictly a violation of the TCP specification
08/12/2016
I was asked to debug another weird issue on our network. Apparently every now and then a connection going through CloudFlare would time out with 522 HTTP error....
CloudFlare's JSON-powered Documentation Generator
08/03/2016
Everything that it's possible to do in the CloudFlare Dashboard is also possible through our RESTful API. We use the same API to power the dashboard itself....
Introducing the p0f BPF compiler
08/02/2016
Two years ago we blogged about our love of BPF (BSD packet filter) bytecode. Today we are very happy to open source another component of the bpftools: our p0f BPF compiler!...
Ask Some HTTP/2 Pros The Hard Questions
07/20/2016
We're big fans of HTTP/2 and our customers make up the majority of HTTP/2 enabled domains today. HTTP/2 is a key part of the modern web, and its growth and adoption is changing how websites and applications are built....
CloudFlare sites protected from httpoxy
07/18/2016
We have rolled out automatic protection for all customers for the the newly announced vulnerability called httpoxy....
More data, more data
07/12/2016
The life of a request to CloudFlare begins and ends at the edge. But the afterlife! Like Catullus to Bithynia, the log generated by an HTTP request or a DNS query has much, much further to go....
Why we use the Linux kernel's TCP stack
07/07/2016
A recent blog post posed the question Why do we use the Linux kernel's TCP stack?. It triggered a very interesting discussion on Hacker News....
HTTP/2 Server Push with multiple assets per Link header
06/30/2016
In April we announced that we had added experimental support for HTTP/2 Server Push to all CloudFlare web sites. We did this so that our customers could iterate on this new functionality. ...
The complete guide to Go net/http timeouts
06/29/2016
When writing an HTTP server or client in Go, timeouts are amongst the easiest and most subtle things to get wrong: there’s many to choose from, and a mistake can have no consequences for a long time, until the network glitches and the process hangs....
Economical With The Truth: Making DNSSEC Answers Cheap
06/24/2016
We launched DNSSEC late last year and are already signing 56.9 billion DNS record sets per day. At this scale, we care a great deal about compute cost....
A Post Mortem on this Morning's Incident
06/21/2016
We would like to share more details with our customers and readers on the internet outages that occurred this morning and earlier in the week, and what we are doing to prevent these from happening again....
Join Us And Paul Vixie On Tuesday To Discuss BIND, Root Servers, And DNS Security
06/17/2016
CloudFlare and Gandi have been hosting a speaker series on DNS, previously bringing in the founder of DNS Paul Mockapetris and Dan Kaminsky, who uncovered one of the most critical vulnerabilities in DNS....
Moscow, Russia: CloudFlare’s 83rd data center
06/16/2016
Здравствуйте! ))) CloudFlare is excited to announce the newest addition to our network in the largest country in the world (by footprint), increasing both our data center and city count to 83. ...
Hello, Colorado! CloudFlare's 82nd Data Center is Live in Denver
06/15/2016
Hello from the Mile High City! Denver is our twelfth data center in the United States, and our 82nd data center globally, improving regional web performance....
Secure and fast GitHub Pages with CloudFlare
06/14/2016
GitHub offers a web hosting service whereby you can serve a static website from a GitHub repository. This platform, GitHub Pages, can be used with CloudFlare whilst using a custom domain name. ...
Brussels, Belgium: CloudFlare's 81st Data Center is Live!
06/13/2016
Our week begins in Brussels, where we announce our newest data center. This is our 23rd data center in Europe alone, and our 81st data center globally - providing additional redundancy to nearby facilities in Amsterdam and Paris....
Optimizing TLS over TCP to reduce latency
06/10/2016
The layered nature of the Internet (HTTP on top of some reliable transport (e.g. TCP), TCP on top of some datagram layer (e.g. IP), IP on top of some link (e.g. Ethernet)) has been very important in its development. ...
Perth, Australia: 80th Data Center
06/10/2016
CloudFlare is excited to announce the launch of our newest data center in Perth, Australia. This expands the breadth of our global network to span 80 unique cities across 41 countries, and is our fourth data center in the Oceania region....
Open Sourcing CloudFlare’s UI Framework
06/08/2016
Late last year, the CloudFlare UI team made a huge decision: to change JavaScript frameworks from Backbone & Marionette to React & Redux....
Supporting the transition to IPv6-only networking services for iOS
06/07/2016
Early last month Apple announced that all apps submitted to the Apple Store June 1 forward would need to support IPv6-only networking as they transition to IPv6-only network services in iOS 9. ...
The Sleepy User Agent
05/17/2016
From time to time a customer writes in and asks about certain requests that have been blocked by the CloudFlare WAF. Recently, a customer couldn’t understand why it appeared that some simple GET requests for their homepage were listed as blocked in WAF analytics....
Using HTTP/2 Server Push with PHP
05/13/2016
Two weeks ago CloudFlare announced that it was supporting HTTP/2 Server Push for all our customers. By simply adding a Link header to an HTTP response specifying preload CloudFlare would automatically push items to web browsers that support Server Push....
Open sourcing our NGINX HTTP/2 + SPDY code
05/13/2016
In December, we released HTTP/2 support for all customers and on April 28 we released HTTP/2 Server Push support as well....
How we built Origin CA: Web Crypto
05/10/2016
At CloudFlare we strive to combine features that are simple, secure, and backed by solid technology. The Origin CA is a great example of this. You no longer need to go to a third-party certificate authority to protect the connection between CloudFlare and your origin server....
python-cloudflare
05/09/2016
Very early on in the company’s history we decided that everything that CloudFlare does on behalf of its customer-base should be controllable via an API. In fact, when you login to the CloudFlare control panel, you’re really just making API calls to our backend services....
Sunsetting API v1 In Favor Of CloudFlare’s Current Client API: API v4
05/09/2016
Today we’re announcing the sunsetting of CloudFlare’s first client API, API v1. Starting November 9th, 2016 at noon Pacific Time (20:00 UTC), CloudFlare will no longer be supporting API v1....
Inside ImageTragick: The Real Payloads Being Used to Hack Websites
05/09/2016
Last week multiple vulnerabilities were made public in the popular image manipulation software, ImageMagick. These were quickly named ImageTragick. ...
First Bay Area OpenResty Meetup
05/09/2016
On March 9, 章亦春, known to most of us as agentzh, organized the first Bay Area OpenResty Meetup at CloudFlare's San Francisco office....
Everybody gets WebSockets
05/05/2016
Two summers ago, with a seemed-big-at-the-time network of 28 datacenters, not long after introducing Medellin, CloudFlare introduced support for WebSockets, initially for our Enterprise customers....
Dan Kaminsky Will Be Taking Your Questions At Our DNS Meetup Next Week In San Francisco
05/04/2016
Our last DNS meetup was a packed house with Paul Mockapetris, the original inventor of DNS. We learned why DNS answers have a question count but always only one question, why underscores aren’t allowed in domain names, and the history of how DNS came to be....
Yet Another Padding Oracle in OpenSSL CBC Ciphersuites
05/04/2016
Yesterday a new vulnerability has been announced in OpenSSL/LibreSSL. A padding oracle in CBC mode decryption, to be precise. Just like Lucky13. Actually, it’s in the code that fixes Lucky13....
Introducing CloudFlare Origin CA
05/03/2016
In the fall of 2014 CloudFlare launched Universal SSL and doubled the number of sites on the Internet accessible via HTTPS. In just a few days we issued certificates protecting millions of our customers’ domains and became the easiest way to secure your website with SSL/TLS....
Stronger protection and more control over security settings with CloudFlare’s new cPanel plugin
05/02/2016
CloudFlare has released a new version of our plugin for cPanel with two new features and more control over the security settings of your website....
Bangkok, Thailand: CloudFlare’s 79th Data Center
05/01/2016
CloudFlare just turned up our newest data center in Bangkok, the capital of Thailand and a very popular destination with travelers in Southeast Asia. This expands our network to span 32 cities across Asia, and 79 cities globally....
Lizard Squad Ransom Threats: New Name, Same Faux Armada Collective M.O.
04/29/2016
CloudFlare recently wrote about the group of cyber criminals claiming to be be the "Armada Collective." In that article, we stressed that this group had not followed through on any of the ransom threats they had made. ...
