Introducing the BPF Tools
2014-07-03
In a recent article I described the basic concepts behind the use of Berkeley Packet Filter (aka BSD Packet filter or BPF) bytecode for high performance packet filtering, and the xt_bpf iptables module....
Making code better with reviews
2014-07-02
In the past we've written about how CloudFlare isn't afraid to rip out and replace chunks of code that have proved to be hard to maintain or have simply reach end of life. ...
Q&A with Ryan Lackey
2014-06-18
I started using the Internet when I was young—in the early 1990s, before I was a teenager. I was drawn to security for two main reasons....
CloudFlare Acquires CryptoSeal
2014-06-18
We're excited to announce that CloudFlare has acquired the Trusted Computing and virtual private network (VPN) as a service company CryptoSeal. ...
Buongiorno, Milano! CloudFlare’s 26th Data Center Now Live
2014-06-16
Italy is known for many great things. First and foremost, the Azzurri—2006 World Cup champions and (as of yesterday) dashers of England's world cup hopes—but also the Colosseum, the fountains of Florence, the canals of Venice, the Alps, and more....
CloudFlare's 25th data center turns up to ease collective disappointment of Spanish fútbol fans
2014-06-13
After a drubbing earlier today of La Roja by The Flying Dutchmen, we felt obliged to deliver at least one piece of good news to the 34 million fútbol loving Internet users in Spain: CloudFlare's 25th data center in Madrid, Spain....
New .uk domains now supported
2014-06-13
On the 10th of June, the UK domain registry Nominet made available second-level domain namespace to the public, allowing anyone to register a domain ending with simply .uk...
Naming Project Galileo
2014-06-12
Earlier today, CloudFlare announced Project Galileo to protect free speech on the Web by using its sophisticated anti-DDoS resources. ...
Protecting Free Expression Online
2014-06-12
Over the last few years, we’ve witnessed a troubling trend: an increasing number of politically or artistically important sites targeted by very large denial of service attacks. ...
Eliminating the last reasons to not enable IPv6
2014-06-05
Today is June 6. For the last two years, the date has been celebrated as World IPv6 Day. CloudFlare has offered full IPv6 support as well as our IPv6-to-IPv4 gateway since 2012....
Three years after World IPv6 Day
2014-06-05
It’s been over 1,000 days since the Internet Society’s World IPv6 Day and a lot of positive things have happened in that world of IPv6 content delivery. At CloudFlare we have not been sitting still either. ...
New OpenSSL vulnerabilities: CloudFlare systems patched
2014-06-05
The OpenSSL team announced seven vulnerabilities covering OpenSSL 0.9.8, 1.0.0, 1.0.1 and 1.0.2 (i.e. all versions) earlier today....
CloudFlare is PCI Certified
2014-06-04
Great news for everyone using CloudFlare on an e-commerce site, or a site accepting or processing credit card transactions. After undergoing a Payment Card Industry (PCI) Data Security Standard (DSS) 2.0 security control assessment, we’ve been certified as a Level 1 service provider....
Welcome to Miami: HostingCon 2014
2014-05-28
This year’s HostingCon will be held in Miami Beach, and the CloudFlare team is busy prepping. This is our fourth year at the show and our team is excited to see partners, customers and friends....
CloudFlare Meetups: Set your mind on fire.
2014-05-27
Education, expertise, and community: these themes define Meetups at CloudFlare. Meetups in our office bring together industry leaders, academics, and field experts to examine topics ranging from the Go programming language, to databases, to cryptography, and more....
BPF - the forgotten bytecode
2014-05-21
Every once in a while I run into an obscure computer technology that is a hidden gem, which over the years has become mostly forgotten. This is exactly how I feel about the tcpdump tool and its kernel counterpart the packet filter interface....
The Web is World-Wide, or who still needs RC4?
2014-05-19
Two weeks ago we changed our TLS configuration to deprioritize the RC4 encryption method because it is widely thought to be vulnerable to attack. At the time we had an internal debate about turning off RC4 altogether, but statistics showed that we couldn't....
Killing RC4: The Long Goodbye
2014-05-07
At CloudFlare we spend a lot of time thinking about the best way to keep our customers’ data safe. Despite recent troubles, HTTPS is still the best way to deliver encrypted content for the web. ...
Tracking our SSL configuration
2014-05-03
Over time we've updated the SSL configuration we use for serving HTTPS as the security landscape has changed. In the past we've documented those changes in blog posts....
Searching for The Prime Suspect: How Heartbleed Leaked Private Keys
2014-04-27
Within a few hours of CloudFlare launching its Heartbleed Challenge the truth was out. Not only did Heartbleed leak private session information (such as cookies and other data that SSL should have been protecting), but the crown jewels of an HTTPS web server were also vulnerable....