HTTP requests typically originate with a client, and end at a web server that processes the request and returns some response. Such requests may pass through multiple proxies before they arrive at the requested resource.
Monsters in the Middleboxes: Introducing Two New Tools for Detecting HTTPS Interception
The practice of HTTPS interception continues to be commonplace on the Internet. This blog post discusses types of monster-in-the-middle devices and software, and how to detect them.
RFC8482 - Saying goodbye to ANY
Ladies and gentlemen, I would like you to welcome the new shiny RFC8482, which effectively deprecates DNS ANY query type. DNS ANY was a "meta-query" - think about it as a similar thing to the common A, AAAA, MX or SRV query types, but unlike these it wasn't a real query type - it was special.
Stopping Drupal’s SA-CORE-2019-003 Vulnerability
Drupal discovered a severe vulnerability and said they would release a patch. When the patch was released we analysed and created rules to mitigate these. By analysing the patch we created WAF rules to protect Cloudflare customers running Drupal.
Building fast interpreters in Rust
In the previous post we described the Firewall Rules architecture and how the different components are integrated together. We created a configurable Rust library for writing and executing Wireshark®-like filters in different parts of our stack written in Go, Lua, C, C++ and JavaScript Workers.