Subscribe to receive notifications of new posts:

Subscription confirmed. Thank you for subscribing!

August 23, 2013 6:31AM

CloudFlare's new WAF: compiling to Lua

NGINX WAF Reliability

We use nginx throughout our network for front-line web serving, proxying and traffic filtering. In some cases, we've augmented the core C code of nginx with our own modules, but recently we've made a major move to using Lua in conjunction with nginx. One project that's now almost entirely written in Lua is the new CloudFlare WAF that we blogged about the other day. The Lua WAF uses the nginx Lua module to embed Lua code and execute that code as part of the normal nginx handling of phases....

August 20, 2013 6:00PM

Updating Our Privacy Policy

Legal Privacy

Hi I’m Ken Carter, CloudFlare’s newly minted in-house counsel. Now that I have introduced myself, feel free to introduce yourself. Or, don’t. You may want to remain anonymous because you value your privacy. We do, too....

July 30, 2013 9:20AM

DDoS Prevention: Protecting The Origin

DDoS Reliability

One of the many great features that CloudFlare provides is protection from Distributed Denial of Service (DDoS) attacks. A malicious party who wants to make your website or web service unavailable could try to overwhelm it with requests from compromised machines (or bots) all around the world....

July 12, 2013 12:02AM

Staying on top of TLS attacks

TLS RC4 Attacks Security

CloudFlare makes extensive use of TLS connections throughout our service which makes staying on top of the latest news about security problems with TLS a priority. We use TLS both externally and internally and different uses of TLS have different constraints....