How Cloudflare's Architecture Allows Us to Scale to Stop the Largest Attacks

Published on by Matthew Prince.

The last few weeks have seen several high-profile outages in legacy DNS and DDoS-mitigation services due to large scale attacks. Cloudflare's customers have, understandably, asked how we are positioned to handle similar attacks. While there are limits to any service, including Cloudflare, we are well architected to withstand these recent

Dyn issues affecting joint customers

Published on by Filippo Valsorda.

Today there is an ongoing, large scale Denial-of-Service attack directed against Dyn DNS. While Cloudflare services are operating normally, if you are using both Cloudflare and Dyn services, your website may be affected. Specifically, if you are using CNAME records which point to a zone hosted on Dyn, our DNS

Say Cheese: a snapshot of the massive DDoS attacks coming from IoT cameras

Published on by Marek Majkowski.

Over the last few weeks we've seen DDoS attacks hitting our systems that show that attackers have switched to new, large methods of bringing down web applications. They appear to come from an IoT botnet (like Mirai and relations) which were responsible for the large attacks against Brian Krebs. Our

How the Consumer Product Safety Commission is (Inadvertently) Behind the Internet’s Largest DDoS Attacks

Published on by Matthew Prince.

The mission of the United State's Government's Consumer Product Safety Commission (CPSC) is to protect consumers from injury by products. It's ironic then that the CPSC is playing an unwitting role in most of the largest DDoS attacks seen on the Internet. To understand how, you need to understand a