The end of the road for Server: cloudflare-nginx

Published on by John Graham-Cumming.

Six years ago when I joined Cloudflare the company had a capital F, about 20 employees, and a software stack that was mostly NGINX, PHP and PowerDNS (there was even a little Apache). Today, things are quite different. CC BY-SA 2.0 image by Randy Merrill The F got lowercased, there are now more than 500 people and the software stack has changed radically. PowerDNS is gone and…

Building a new IMDB: Internet Mince Pie Database

Published on by Tom Arnfeld.

CC-BY-SA 2.0 image by Phil! Gold Since joining Cloudflare I’ve always known that as we grew, incredible things would be possible. It’s been a long held ambition to work in an organisation with the scale to answer a very controversial and difficult question. To do so would require a collection of individuals with a depth of experience, passion, dedication & above all collaborative spirit. As…

On the Leading Edge - Cloudflare named a leader in The Forrester Wave: DDoS Mitigation Solutions

Published on by Jen Taylor.

Cloudflare has been recognized as a leader in the “Forrester WaveTM: DDoS Mitigation Solutions, Q4 2017.” The DDoS landscape continues to evolve. The increase in sophistication, frequency, and range of targets of DDoS attacks has placed greater demands on DDoS providers, many of which were evaluated in the report. This year, Cloudflare received the highest scores possible in 15 criteria, including: Length of Implementation Layers 3 and 4…

CAA of the Wild: Supporting a New Standard

Published on by Max Nystrom.

One thing we take pride in at Cloudflare is embracing new protocols and standards that help make the Internet faster and safer. Sometimes this means that we’ll launch support for experimental features or standards still under active development, as we did with TLS 1.3. Due to the not-quite-final nature of some of these features, we limit the availability at the onset to only the most ardent…

Make SSL boring again

Published on by Alessandro Ghedini.

It may (or may not!) come as surprise, but a few months ago we migrated Cloudflare’s edge SSL connection termination stack to use BoringSSL: Google's crypto and SSL implementation that started as a fork of OpenSSL. We dedicated several months of work to make this happen without negative impact on customer traffic. We had a few bumps along the way, and had to overcome some challenges, but…