SSL Week Means Less Weak SSL

Published on by Matthew Prince.

{<1>} I'm excited to announce that today kicks off SSL Week at CloudFlare. Over the course of this week, we'll make a series of announcements on what we're doing to improve encryption on the Internet. Inherently, for encryption to be the most effective, it has to meet three criteria: 1) it needs to be easy and inexpensive to use; 2) it needs to be fast so…

Get Started with CloudFlare ServerShield for Plesk

Published on by Ashley Gorringe.

ServerShield makes it easy to activate CloudFlare and StopTheHacker. CloudFlare has partnered with Parallels, the leading hosting solutions provider, to make server protection, content acceleration and malware removal easier than ever. We recently launched CloudFlare ServerShield® to all Plesk 12 users as an extension. ServerShield combines the performance and security features of CloudFlare with the malware scanning and removal solution of StopTheHacker. Whether you are a hosting provider…

Updating the DNS Registration Model to Keep Pace with Today’s Internet.

Published on by Olafur Gudmundsson.

CloudFlare is, arguably, the largest third-party DNS Authoritative operator in the world. We manage well over 1 million domains and have registrations in almost every TLD open for registrations. Our role as a DNS operator is to maintain customer information and publish their records in the global DNS. In this blog, we’ll introduce a significant problem that DNS operators like CloudFlare face when trying to provide the…

Path MTU discovery in practice

Published on by Marek Majkowski.

Last week, a very small number of our users who are using IP tunnels (primarily tunneling IPv6 over IPv4) were unable to access our services because a networking change broke "path MTU discovery" on our servers. In this article, I'll explain what path MTU discovery is, how we broke it, how we fixed it, and the open source code we used. source First There Was the…

DNSSEC Done Right

Published on by Olafur Gudmundsson.

This blog post is probably more personal than the usual posts here. It’s about why I joined CloudFlare. I’ve been working on DNSSEC evolution for a long time as implementor, IETF working group chair, protocol experimenter, DNS operator, consultant, and evangelist. These different perspectives allow me to look at the protocol in a holistic way. First and foremost, it’s important to realize the exact role…