Introducing Cloudflare for Teams01/07/2020Product NewsCloudflare AccessSecurityVPNCloudflare Zero TrustCloudflare GatewayTen years ago, when Cloudflare was created, the Internet was a place that people visited. People still talked about ‘surfing the web’ and the iPhone was less than two years old, but on July 4, 2009 large scale DDoS attacks were launched against websites in the US and South Korea....Matthew Prince
Security on the Internet with Cloudflare for Teams01/07/2020Product NewsCloudflare AccessCloudflare Zero TrustSecurityTen years ago, when Cloudflare launched, businesses and organizations purchased expensive on-premise hardware to keep their sites online first and foremost. If they wanted those sites to be faster, or safer, they needed to buy more boxes. ...Sam Rhea
Cloudflare + Remote Browser Isolation01/07/2020Product NewsCloudflare AccessCloudflare Zero TrustSecurityVPNAcquisitionsCloudflare announced today that it has purchased S2 Systems Corporation, a Seattle-area startup that has built an innovative remote browser isolation solution unlike any other currently in the market....Darren Remington
Cloudflare Expanded to 200 Cities in 201901/04/2020Cloudflare NetworkData CenterUSAMiddle EastAustraliaAPJCWe have some exciting news to ring in the new decade: Cloudflare’s global network has expanded to 200 cities across 90+ countries....Jon Rolfe
Adopting a new approach to HTTP prioritization12/31/2019Speed & ReliabilityProduct NewsIETFHTTP prioritization is important for web performance. This is the story behind a new approach recently adopted for further work in the IETF....Lucas Pardue
Happy Holidays!12/27/2019Life at CloudflareHolidaysThere are over 50 languages spoken at Cloudflare, as we have natives from many countries on our team, with different backgrounds, religions, gender and cultures. And it is this diversity that makes us a great team....Val Vesa
The Serverlist: Deploying Wordpress to Cloudflare, Atlassian Cloud Serverless, and more12/27/2019ServerlessThe Serverlist NewsletterCloudflare WorkersDevelopersDeveloper PlatformCheck out our eleventh edition of The Serverlist below. Get the latest scoop on the serverless space, get your hands dirty with new developer tutorials, engage in conversations with other serverless developers, and find upcoming meetups and conferences to attend....Connor Peshek
This holiday's biggest online shopping day was... Black Friday12/24/2019eCommerceSpeed & ReliabilityWhat’s the biggest day of the holiday season for holiday shopping? Black Friday, the day after US Thanksgiving, has been embraced globally as the day retail stores announce their sales....John Graham-Cumming
First Half 2019 Transparency Report and an Update on a Warrant Canary12/20/2019LegalTrust & SafetyTransparencyToday, we are releasing Cloudflare’s transparency report for the first half of 2019. We recognize the importance of keeping the reports current, but It’s taken us a little longer than usual to put it together. We have a few notable updates. ...Alissa StarzakJustin Paine
An Update on CDNJS12/19/2019CDNJSJavaScriptOpen SourceDevelopersCDNJS powers over 10% of the web. A month ago it needed our help, now it needs yours....Zack Bloom
Announcing the CSAM Scanning Tool, Free for All Cloudflare Customers12/18/2019LegalAbuseTwo weeks ago we wrote about Cloudflare's approach to dealing with child sexual abuse material (CSAM). We first began working with the National Center for Missing and Exploited Children (NCMEC), the US-based organization that acts as a clearinghouse for removing this abhorrent content...Justin PaineJohn Graham-Cumming
How we used our new GraphQL Analytics API to build Firewall Analytics12/12/2019Product NewsAnalyticsAPIGraphQLFirewall Analytics is the first product in the Cloudflare dashboard to utilize the new GraphQL API. All Cloudflare dashboard products are built using the same public APIs that we provide to our customers, allowing us to understand the challenges they face when interfacing with our APIs....Nick Downie
Introducing the GraphQL Analytics API: exactly the data you need, all in one place12/12/2019AnalyticsProduct NewsAPIGraphQLDevelopersWith our new GraphQL Analytics API, all of your performance, security, and reliability data is available from one endpoint, and you can select exactly what you need....Filipp Nisenzoun
New tools to monitor your server and avoid downtime12/11/2019InsightsAnalyticsProduct NewsWhen your server goes down, it’s a big problem. Today, Cloudflare is introducing two new tools to help you understand and respond faster to origin downtime — plus, a new service to automatically avoid downtime....Brian BatraskiJon LevineSteven Pack
The Two-Year Anniversary of The Athenian Project: Preparing for the 2020 Elections12/10/2019Athenian ProjectLegalTwo years ago, Cloudflare launched its Athenian Project, an effort to protect state and local government election websites from cyber attacks. With the two-year anniversary and many 2020 elections approaching, we are renewing our commitment to provide Cloudflare’s highest level of services for free...Jocelyn Woolbright
Introducing Load Balancing Analytics12/10/2019InsightsAnalyticsLoad BalancingProduct NewsCloudflare aspires to make Internet properties everywhere faster, more secure, and more reliable. Load Balancing helps with speed and reliability and has been evolving over the past three years....Brian BatraskiRohin Lohe
Firewall Analytics: Now available to all paid plans12/09/2019InsightsFirewallAnalyticsProduct NewsOur Firewall Analytics tool enables customers to quickly identify and investigate security threats using an intuitive interface. Until now, this tool had only been available to our Enterprise customers....Alex Cruz Farmer
Announcing deeper insights and new monitoring capabilities from Cloudflare Analytics12/09/2019InsightsAnalyticsProduct NewsLoad BalancingThis week we’re excited to announce a number of new products and features that provide deeper security and reliability insights, “proactive” analytics when there’s a problem, and more powerful ways to explore your data....Filipp Nisenzoun
Cloudflare’s Response to CSAM Online12/06/2019LegalCommunityTrust & SafetyResponding to incidents of child sexual abuse material (CSAM) online has been a priority at Cloudflare from the beginning. The stories of CSAM victims are tragic, and bring to light an appalling corner of the Internet. ...Doug KramerJustin Paine
Thinking about color12/05/2019Deep DiveDesignDashboardAn exploration of building accessible color systems for flexible UI theming. ...Sam Mason de CairesAdam Morse
The Serverlist: Full Stack Serverless, Serverless Architecture Reference Guides, and more12/02/2019The Serverlist NewsletterServerlessCloudflare WorkersCloudflare Workers KVDevelopersDeveloper PlatformCheck out our tenth edition of The Serverlist below. Get the latest scoop on the serverless space, get your hands dirty with new developer tutorials, engage in conversations with other serverless developers, and find upcoming meetups and conferences to attend....Connor Peshek
A History of HTML Parsing at Cloudflare: Part 211/29/2019RustCloudflare WorkersServerlessWorkers SitesJavaScriptProduct NewsDeep DiveDevelopersDeveloper PlatformThe second blog post in the series on HTML rewriters picks up the story in 2017 after the launch of the Cloudflare edge compute platform Cloudflare Workers. It became clear that the developers using workers wanted the same HTML rewriting capabilities that we used internally, ...Andrew GalloniIvan Nikulin
A History of HTML Parsing at Cloudflare: Part 111/28/2019RustProduct NewsServerlessCloudflare WorkersWorkers SitesJavaScriptTo coincide with the launch of streaming HTML rewriting functionality for Cloudflare Workers we are open sourcing the Rust HTML rewriter (LOL HTML) used to back the Workers HTMLRewriter API. We also thought it was about time to review the history of HTML rewriting at Cloudflare....Andrew GalloniIngvar Stepanyan
Introducing the HTMLRewriter API to Cloudflare Workers11/28/2019Cloudflare WorkersWorkers SitesServerlessJAMstackJavaScriptProduct NewsDevelopersDeveloper PlatformThe HTMLRewriter can help solve two big problems web developers face today: making changes to the HTML, when they are hard to make at the server level, and making it possible for HTML to live on the edge, closer to the user — without sacrificing dynamic functionality....Rita Kozlov
Harnessing the Power of the People: Cloudflare’s First Security Awareness Month Design Challenge Winners11/27/2019SecurityCommunityGrabbing the attention of employees at a security and privacy-focused company on security awareness presents a unique challenge; how do you get people who are already thinking about security all day to think about it some more?...Jacqueline Keith
Introducing Flan Scan: Cloudflare’s Lightweight Network Vulnerability Scanner11/21/2019SecurityProduct NewsPythonDevelopersToday, we’re excited to open source Flan Scan, Cloudflare’s in-house lightweight network vulnerability scanner. Flan Scan is a thin wrapper around Nmap that converts this popular open source tool into a vulnerability scanner with the added benefit of easy deployment....Nadin El-Yabroudi
Even faster connection establishment with QUIC 0-RTT resumption11/20/2019QUICTLSSecuritySpeed & ReliabilityOne of the more interesting features introduced by TLS 1.3, the latest revision of the TLS protocol, was the so called “zero roundtrip time connection resumption”, a mode of operation that allows a client to start sending application data, such as HTTP requests...Alessandro Ghedini
Log every request to corporate apps, no code changes required11/17/2019Cloudflare AccessProduct NewsSecurityVPNLogsCloudflare Access can give your team the ability to introduce logging in a single gateway that applies to all resources protected behind it....Sam Rhea
What’s new with Workers KV?11/06/2019Cloudflare Workers KVCloudflare WorkersServerlessProduct NewsAPIDevelopersDeveloper PlatformThe Storage team has shipped some new features for Workers KV that folks have been asking for. In this post, we'll talk about some of these new features and how to use them....Steve Klabnik
The Serverlist: GitHub Actions, Deployment Best Practices, and more11/05/2019ServerlessThe Serverlist NewsletterCloudflare WorkersDevelopersDeveloper PlatformCheck out our ninth edition of The Serverlist below. Get the latest scoop on the serverless space, get your hands dirty with new developer tutorials, engage in conversations with other serverless developers, and find upcoming meetups and conferences to attend....Connor Peshek
The Project Jengo Saga: How Cloudflare Stood up to a Patent Troll – and Won!11/04/2019LegalJengoCommunityRemember 2016? Pokemon Go was all the rage, we lost Prince, and there were surprising election results in both the UK and US. Back in 2016, Blackbird Technologies was notorious in the world of patent litigation....Alex Krivit
Going Keyless Everywhere11/01/2019Crypto WeekSecurityKeyless SSLCryptographyTime flies. The Heartbleed vulnerability was discovered just over five and a half years ago. Heartbleed became a household name not only because it was one of the first bugs with its own web page and logo, but because of what it revealed about the fragility of the Internet as a whole....Nick SullivanChris Broglie
Delegated Credentials for TLS11/01/2019Crypto WeekSecurityKeyless SSLProduct NewsResearchCryptographyToday we’re happy to announce support for a new cryptographic protocol that helps make it possible to deploy encrypted services in a global network while still maintaining fast performance and tight control of private keys: Delegated Credentials for TLS. ...Nick SullivanWatson Ladd
Announcing cfnts: Cloudflare's implementation of NTS in Rust10/31/2019Crypto WeekSecurityProduct NewsResearchCryptographySeveral months ago we announced that we were providing a new public time service. Part of what we were providing was the first major deployment of the new Network Time Security protocol, with a newly written implementation of NTS in Rust. ...Watson LaddPop Chunhapanya
The TLS Post-Quantum Experiment10/30/2019Crypto WeekTLSSecurityResearchPost-QuantumCryptographyIn June, we announced a wide-scale post-quantum experiment with Google. We implemented two post-quantum (i.e., not yet known to be broken by quantum computers) key exchanges, integrated them into our TLS stack and deployed the implementation on our edge servers and in Chrome Canary clients....Kris KwiatkowskiLuke Valenta