Introducing Cloudflare Stream: Fixing the Streaming Video Market

Published on by Matthew Prince.

Cloudflare turns seven years old today. We launched on September 27, 2010. It was only a few days after our launch that we got our first request to support video streaming. Yet, until today, we'd avoided it. Why? Simply put: the video streaming market is screwed up. While there's a lot of money spent on video, there are only really about 1,000 customers that do any meaningful…

Introducing the Cloudflare Geo Key Manager

Published on by Patrick R. Donahue.

Cloudflare’s customers recognize that they need to protect the confidentiality and integrity of communications with their web visitors. The widely accepted solution to this problem is to use the SSL/TLS protocol to establish an encrypted HTTPS session, over which secure requests can then be sent. Eavesdropping is protected against as only those who have access to the “private key” can legitimately identify themselves to browsers and…

No Scrubs: The Architecture That Made Unmetered Mitigation Possible

Published on by John Graham-Cumming.

When building a DDoS mitigation service it’s incredibly tempting to think that the solution is scrubbing centers or scrubbing servers. I, too, thought that was a good idea in the beginning, but experience has shown that there are serious pitfalls to this approach. A scrubbing server is a dedicated machine that receives all network traffic destined for an IP address and attempts to filter good traffic from…

Meet Gatebot - a bot that allows us to sleep

Published on by Marek Majkowski.

In the past, we’ve spoken about how Cloudflare is architected to sustain the largest DDoS attacks. During traffic surges we spread the traffic across a very large number of edge servers. This architecture allows us to avoid having a single choke point because the traffic gets distributed externally across multiple datacenters and internally across multiple servers. We do that by employing Anycast and ECMP. We don't use…