In April, we wrote about Web Cache Deception attacks, and how our customers can avoid them using origin configuration. Since our previous blog post, we have looked for but have not seen any large scale attacks like this in the wild.
The Curious Case of Caching CSRF Tokens
It is now commonly accepted as fact that web performance is critical for business. Slower sites can affect conversion rates on e-commerce stores, they can affect your sign-up rate on your SaaS service and lower the readership of your content. In the run-up to Thanksgiving and Black Friday, e-commerce sites
Ecommerce websites on Cloudflare: best practices
Cloudflare provides numerous benefits to ecommerce sites, including advanced DDOS protection and an industry-leading Web Application Firewall (WAF) that helps secure your transactions and protect customers’ private data. A key Cloudflare feature is caching, which allows content to be served closer to the end user from our global network of
Understanding Our Cache and the Web Cache Deception Attack
About a month ago, security researcher Omer Gil published the details of an attack that he calls the Web Cache Deception attack. It works against sites that sit behind a reverse proxy (like Cloudflare) and are misconfigured in a particular way.
Caching Anonymous Page Views
M42 Smart Motorway in the West Midlands, UK; courtesy of Highways England. The load time of your website not only affects your search engine rankings, but is also correlated to the conversion rate on your site: Walmart.com found that for every 1 second of page speed improvement, they experienced