June 05, 2019 1:00AM
Technology's Promise - Highlights from DEF CON China 1.0
Themed "Technology's Promise", DEF CON China 1.0 kicked off on 5/30 in Beijing. The Cloudflare team from Beijing, Singapore and San Francisco attended to connect with local security communities....
May 28, 2019 6:45PM
Stopping SharePoint’s CVE-2019-0604
On Saturday, 11th May 2019, we got the news of a critical web vulnerability being actively exploited in the wild by advanced persistent threats (APTs), affecting Microsoft’s SharePoint server (versions 2010 through 2019)....
March 20, 2019 1:00PM
Preventing Request Loops Using CDN-Loop
HTTP requests typically originate with a client, and end at a web server that processes the request and returns some response. Such requests may pass through multiple proxies before they arrive at the requested resource....
March 18, 2019 5:47PM
Monsters in the Middleboxes: Introducing Two New Tools for Detecting HTTPS Interception
The practice of HTTPS interception continues to be commonplace on the Internet. This blog post discusses types of monster-in-the-middle devices and software, and how to detect them....
March 15, 2019 5:01PM
RFC8482 - Saying goodbye to ANY
Ladies and gentlemen, I would like you to welcome the new shiny RFC8482, which effectively deprecates DNS ANY query type. DNS ANY was a "meta-query" - think about it as a similar thing to the common A, AAAA, MX or SRV query types, but unlike these it wasn't a real query type - it was special....
March 05, 2019 10:55PM
Stopping Drupal’s SA-CORE-2019-003 Vulnerability
Drupal discovered a severe vulnerability and said they would release a patch. When the patch was released we analysed and created rules to mitigate these. By analysing the patch we created WAF rules to protect Cloudflare customers running Drupal....
March 04, 2019 4:00PM
Building fast interpreters in Rust
March 04, 2019 1:00PM
How we made Firewall Rules
Recently we launched Firewall Rules, a new feature that allows you to construct expressions that perform complex matching against HTTP requests and then choose how that traffic is handled....
February 24, 2019 5:00PM
Cloudflare’s RPKI Toolkit
A few months ago, we made a first then a second announcement about Cloudflare’s involvement in Resource Public Key Infrastructure (RPKI), and our desire to make BGP Internet routing more secure....
February 22, 2019 7:42PM
Cloudflare Registrar at three months
Starting today, we’re excited to make Cloudflare Registrar available to all of our customers. As part of this announcement, we’d like to share some insights and data about domain registration that we learned during the early access period....
February 21, 2019 3:18PM
Cloudflare Access now supports RDP
Last fall, the United States FBI warned organizations of an increase in attacks that exploit vulnerabilities in the Remote Desktop Protocol (RDP). Attackers stole sensitive data and compromised networks by taking advantage of desktops left unprotected....
February 20, 2019 3:14PM
Stop the Bots: Practical Lessons in Machine Learning
Bot-powered credential stuffing is a scourge on the modern Internet. These attacks attempt to log into and take over a user’s account by assaulting password forms with a barrage of dictionary words and previously stolen account credentials....
February 18, 2019 1:13PM
SOCKMAP - TCP splicing of the future
Proper TCP socket splicing reduces the load on userspace processes and enables more efficient data forwarding. We realized that Linux Kernel's SOCKMAP infrastructure can be reused for this purpose....
February 07, 2019 5:00PM
Give your automated services credentials with Access service tokens
Cloudflare Access secures your internal sites by adding authentication. When a request is made to a site behind Access, Cloudflare asks the visitor to login with your identity provider....
February 05, 2019 4:00PM
Cloudflare Support for Azure Customers
Cloudflare seeks to help its end customers use whichever public and private clouds best suit their needs. Towards that goal, we have been working to make sure our solutions work well with various public cloud providers including Microsoft’s Azure platform....