\n \n
Good security depends on having a lot of information and being able to react to it quickly. One of the problems with traditional web security has been that it relies on installing an appliance or software.
Once buried deep in a network, it is difficult for these security layers to receive updates on new threats, and even more difficult for them to relay information about the emerging threats they may have seen. As such, even security systems with a large installed base had a hard time getting smarter and responding to emerging threats.
CloudFlare's approach to security from the beginning has been different. Instead of hiding our appliance deep in the network, we built a performance and security network in the cloud. Our goal was to get as many sites as possible behind our network and form a sort of "neighborhood watch" for the Internet. The founding idea was that whenever any site on CloudFlare was attacked, information about the attack would immediately be shared with the rest of the network so we could all be better protected together.
To make this happen, today CloudFlare analyzes hundreds of megabytes of log data every minute looking for anomalies that indicate a potential attack. For example, we watch for visitors that generate a large number of Page Not Found (404) errors across multiple sites since this is a tell-tale sign of an attacker scanning for a vulnerability. We measure the rate at which crawlers move from page to page in order to sort human from non-human traffic. We look for signatures of known attacks as they are POSTed to forms. We record all the connections from zombie botnets during denial of service attacks. And, even once when we have stopped a potential threat, we continue to monitor the attacker for new, previously unknown behaviors that are then incorporated back into CloudFlare's security layer.
Spotting new security threats, however, is only half the battle. Of equal importance is ensuring that legitimate users are allowed to get through unhindered. To ensure this, CloudFlare's systems not only watch for evidence of bad behavior, but also evidence of good behavior. A web surfer who crawls in a way that statistically resembles a human visitor -- downloading images and CSS, following logical paths through a website, executing javascript and storing cookies -- gets a positive score making their behavior less likely to be challenged. If someone is challenged and they successfully pass the CAPTCHA that helps their score as well. Adding to these automated systems, information from the thousands of CloudFlare users TRUSTing and BLOCKing visitors on their own sites gets fed back into our security engine helping us get smarter over time.
We watch our false negative (when an attacker gets through) and false positive (when a legitimate visitor is stopped) metrics carefully and are proud that both metrics already rival enterprise-class security systems. That is in no small part because of all the existing members of the CloudFlare community. Every site that joins CloudFlare, whether a small personal blog or a major enterprise site, feeds data back to the community. And, together, with each new site that joins CloudFlare, we will continue to get smarter and smarter together toward our goal of securing and accelerating the entire Internet.
"],"published_at":[0,"2011-04-05T16:41:00.000+01:00"],"updated_at":[0,"2024-10-10T00:37:39.353Z"],"feature_image":[0,"https://cf-assets.www.cloudflare.com/zkvhlag99gkb/vzmAZK7Fmb7tGJdLmxhvO/09f29d1f8e4f6b548b3d1069f8c328b6/smarter-web-security-with-your-help.jpg"],"tags":[1,[[0,{"id":[0,"1AyqklWs7kExQEHm1fe6po"],"name":[0,"Community"],"slug":[0,"community"]}]]],"relatedTags":[0],"authors":[1,[[0,{"name":[0,"Matthew Prince"],"slug":[0,"matthew-prince"],"bio":[0,"A little bit geek, wonk, and nerd. Repeat entrepreneur, recovering lawyer, and former ski instructor. Co-founder & CEO of Cloudflare (NYSE: NET)."],"profile_image":[0,"https://cf-assets.www.cloudflare.com/zkvhlag99gkb/1VD9WePJ1jvjFwuSRF0IfQ/5e4f7d5fd4825358b33b2ead623140d8/matthew-prince.jpeg"],"location":[0,"San Francisco, CA"],"website":[0,null],"twitter":[0,"@eastdakota"],"facebook":[0,null]}]]],"meta_description":[0,null],"primary_author":[0,{}],"localeList":[0,{"name":[0,"Smarter Web Security, With Your Help Config"],"enUS":[0,"English for Locale"],"zhCN":[0,"No Page for Locale"],"zhHansCN":[0,"No Page for Locale"],"zhTW":[0,"No Page for Locale"],"frFR":[0,"No Page for Locale"],"deDE":[0,"No Page for Locale"],"itIT":[0,"No Page for Locale"],"jaJP":[0,"No Page for Locale"],"koKR":[0,"No Page for Locale"],"ptBR":[0,"No Page for Locale"],"esLA":[0,"No Page for Locale"],"esES":[0,"No Page for Locale"],"enAU":[0,"No Page for Locale"],"enCA":[0,"No Page for Locale"],"enIN":[0,"No Page for Locale"],"enGB":[0,"No Page for Locale"],"idID":[0,"No Page for Locale"],"ruRU":[0,"No Page for Locale"],"svSE":[0,"No Page for Locale"],"viVN":[0,"No Page for Locale"],"plPL":[0,"No Page for Locale"],"arAR":[0,"No Page for Locale"],"nlNL":[0,"No Page for Locale"],"thTH":[0,"No Page for Locale"],"trTR":[0,"No Page for Locale"],"heIL":[0,"No Page for Locale"],"lvLV":[0,"No Page for Locale"],"etEE":[0,"No Page for Locale"],"ltLT":[0,"No Page for Locale"]}],"url":[0,"https://blog.cloudflare.com/smarter-web-security-with-your-help"],"metadata":[0,{"title":[0],"description":[0],"imgPreview":[0,""]}]}],"translations":[0,{"posts.by":[0,"By"],"footer.gdpr":[0,"GDPR"],"lang_blurb1":[0,"This post is also available in {lang1}."],"lang_blurb2":[0,"This post is also available in {lang1} and {lang2}."],"lang_blurb3":[0,"This post is also available in {lang1}, {lang2} and {lang3}."],"footer.press":[0,"Press"],"header.title":[0,"The Cloudflare Blog"],"search.clear":[0,"Clear"],"search.filter":[0,"Filter"],"search.source":[0,"Source"],"footer.careers":[0,"Careers"],"footer.company":[0,"Company"],"footer.support":[0,"Support"],"footer.the_net":[0,"theNet"],"search.filters":[0,"Filters"],"footer.our_team":[0,"Our team"],"footer.webinars":[0,"Webinars"],"page.more_posts":[0,"More posts"],"posts.time_read":[0,"{time} min read"],"search.language":[0,"Language"],"footer.community":[0,"Community"],"footer.resources":[0,"Resources"],"footer.solutions":[0,"Solutions"],"footer.trademark":[0,"Trademark"],"header.subscribe":[0,"Subscribe"],"footer.compliance":[0,"Compliance"],"footer.free_plans":[0,"Free plans"],"footer.impact_ESG":[0,"Impact/ESG"],"posts.follow_on_X":[0,"Follow on X"],"footer.help_center":[0,"Help center"],"footer.network_map":[0,"Network Map"],"header.please_wait":[0,"Please Wait"],"page.related_posts":[0,"Related posts"],"search.result_stat":[0,"Results {search_range} of {search_total} for {search_keyword}"],"footer.case_studies":[0,"Case Studies"],"footer.connect_2024":[0,"Connect 2024"],"footer.terms_of_use":[0,"Terms of Use"],"footer.white_papers":[0,"White Papers"],"footer.cloudflare_tv":[0,"Cloudflare TV"],"footer.community_hub":[0,"Community Hub"],"footer.compare_plans":[0,"Compare plans"],"footer.contact_sales":[0,"Contact Sales"],"header.contact_sales":[0,"Contact Sales"],"header.email_address":[0,"Email Address"],"page.error.not_found":[0,"Page not found"],"footer.developer_docs":[0,"Developer docs"],"footer.privacy_policy":[0,"Privacy Policy"],"footer.request_a_demo":[0,"Request a demo"],"page.continue_reading":[0,"Continue reading"],"footer.analysts_report":[0,"Analyst reports"],"footer.for_enterprises":[0,"For enterprises"],"footer.getting_started":[0,"Getting Started"],"footer.learning_center":[0,"Learning Center"],"footer.project_galileo":[0,"Project Galileo"],"pagination.newer_posts":[0,"Newer Posts"],"pagination.older_posts":[0,"Older Posts"],"posts.social_buttons.x":[0,"Discuss on X"],"search.icon_aria_label":[0,"Search"],"search.source_location":[0,"Source/Location"],"footer.about_cloudflare":[0,"About Cloudflare"],"footer.athenian_project":[0,"Athenian Project"],"footer.become_a_partner":[0,"Become a partner"],"footer.cloudflare_radar":[0,"Cloudflare Radar"],"footer.network_services":[0,"Network services"],"footer.trust_and_safety":[0,"Trust & Safety"],"header.get_started_free":[0,"Get Started Free"],"page.search.placeholder":[0,"Search Cloudflare"],"footer.cloudflare_status":[0,"Cloudflare Status"],"footer.cookie_preference":[0,"Cookie Preferences"],"header.valid_email_error":[0,"Must be valid email."],"search.result_stat_empty":[0,"Results {search_range} of {search_total}"],"footer.connectivity_cloud":[0,"Connectivity cloud"],"footer.developer_services":[0,"Developer services"],"footer.investor_relations":[0,"Investor relations"],"page.not_found.error_code":[0,"Error Code: 404"],"search.autocomplete_title":[0,"Insert a query. Press enter to send"],"footer.logos_and_press_kit":[0,"Logos & press kit"],"footer.application_services":[0,"Application services"],"footer.get_a_recommendation":[0,"Get a recommendation"],"posts.social_buttons.reddit":[0,"Discuss on Reddit"],"footer.sse_and_sase_services":[0,"SSE and SASE services"],"page.not_found.outdated_link":[0,"You may have used an outdated link, or you may have typed the address incorrectly."],"footer.report_security_issues":[0,"Report Security Issues"],"page.error.error_message_page":[0,"Sorry, we can't find the page you are looking for."],"header.subscribe_notifications":[0,"Subscribe to receive notifications of new posts:"],"footer.cloudflare_for_campaigns":[0,"Cloudflare for Campaigns"],"header.subscription_confimation":[0,"Subscription confirmed. Thank you for subscribing!"],"posts.social_buttons.hackernews":[0,"Discuss on Hacker News"],"footer.diversity_equity_inclusion":[0,"Diversity, equity & inclusion"],"footer.critical_infrastructure_defense_project":[0,"Critical Infrastructure Defense Project"]}]}" client="load" opts="{"name":"PostCard","value":true}" await-children="">Smarter Web Security, With Your Help
April 05, 2011 3:41 PM
Good security depends on having a lot of information and being able to react to it quickly. One of the problems with traditional web security has been that it relies on installing an appliance or software.
...
Meet-up With CloudFlare
April 04, 2011 10:08 PM
CloudFlare has such a vibrant community, so we thought, why not bring them all together? Over the next several weeks, we are bringing together fantastic groups for a series of meetups. We will host many here in the CloudFlare office, as well as one in Boston....
Introducing the CloudFlare Joomla Extension
March 16, 2011 1:31 AM
The CloudFlare team takes a great deal of pride in listening to the feedback of our users. We're pleased to announce that we recently released a beta version of our CloudFlare Joomla extension that will help you get the most out of using Joomla and CloudFlare together.
...
CloudFlare Adds Multiple Language Support
March 02, 2011 12:02 AM
CloudFlare, with the help of many of our community members, has recently added support for 8 additional
languages on the CloudFlare challenge page....
Welcome to the Team!
September 20, 2010 11:25 PM
We have a new face around Cloudflare. Damon Billian came on-board in early September and is here to focus on the Cloudflare community. We believe in building a strong community since one of the powerful things about Cloudflare is that with every new site on the system, the system gets smarter....