Understanding Our Cache and the Web Cache Deception Attack

Published on by Joshua Liebow-Feeser.

About a month ago, security researcher Omer Gil published the details of an attack that he calls the Web Cache Deception attack. It works against sites that sit behind a reverse proxy (like Cloudflare) and are misconfigured in a particular way. Unfortunately, the definition of "misconfigured" for the purposes of

Cloudflare Rate Limiting - Insight, Control, and Mitigation against Layer 7 DDoS Attacks

Published on by Timothy Fong.

Today, Cloudflare is extending its Rate Limiting service by allowing any of our customers to sign up. Our Enterprise customers have enjoyed the benefits of Cloudflare’s Rate Limiting offering for the past several months. As part of our mission to build a better internet, we believe that everyone should

DDoS Ransom: An Offer You Can Refuse

Published on by Justin Paine.

Cloudflare has covered DDoS ransom groups several times in the past. First, we reported on the copycat group claiming to be the Armada Collective and then not too long afterwards, we covered the "new" Lizard Squad. While in both cases the groups made threats that were ultimately empty, these types

The Internet is Hostile: Building a More Resilient Network

Published on by Jérôme Fleury.

In a recent post we discussed how we have been adding resilience to our network. The strength of the Internet is its ability to interconnect all sorts of networks — big data centers, e-commerce websites at small hosting companies, Internet Service Providers (ISP), and Content Delivery Networks (CDN) — just to name