June 28, 2018 5:40 PM
In preparation for Chrome’s Not Secure flag, which will update the indicator to show Not Secure when a site is not accessed over https, we wanted people to be able to test whether their site would pass. ...
May 16, 2018 5:28 PM
It's no secret that Cloudflare has been a big proponent of TLS 1.3, the newest edition of the TLS protocol that improves both speed and security, since we have made it available to our customers starting in 2016. ...
May 02, 2018 3:00 PM
One of the most common feature requests we get is to allow customers to share access to their account. This has been supported at our Enterprise level of service, but is now expanding to all customers. ...
April 24, 2018 10:31 PM
Over the few last hours, a dozen news stories have broken about how an attacker attempted (and perhaps managed) to steal cryptocurrencies using a BGP leak....
April 23, 2018 7:08 PM
Today we would like to announce support for two more Identity Providers with Cloudflare Access: Centrify and OneLogin. If you are using Centrify or OneLogin as your identity provider you can now easily integrate them with Cloudflare Access....
April 12, 2018 1:01 PM
We are introducing Spectrum, which brings Cloudflare’s security and acceleration to the whole spectrum of TCP ports and protocols for our Enterprise customers. It’s DDoS protection for any box, container or VM that connects to the internet....
April 12, 2018 1:00 PM
Introducing Spectrum: a new Cloudflare feature that brings DDoS protection, load balancing, and content acceleration to any TCP-based protocol.Today we are releasing Spectrum. ...
April 09, 2018 7:20 PM
This blog post explains how you can configure an OpenWRT router to encrypt DNS traffic to Cloudflare Resolver using DNS-over-TLS....
April 06, 2018 2:00 PM
Serving content from a Rust web server running on a Raspberry Pi from your home to the world, with a Cloudflare Argo Tunnels....
April 05, 2018 1:00 PM
Argo Tunnel lets you deploy services that are hidden on the internet. In other words, Argo Tunnel is like a P.O. box: someone can send you packets without knowing your real address. Only Cloudflare can see the server and communicate with it....
April 03, 2018 4:00 PM
How great would it be to have a dashboard with a holistic view of threats, malicious server activity, vulnerabilities, sensitive data access levels and a daily scan of resources across all of your applications and services? Now you can. ...
March 27, 2018 12:00 PM
Compression is often considered an essential tool when reducing the bandwidth usage of internet services. The impact that the use of such compression schemes can have on security, however, has often been overlooked. ...
March 24, 2018 2:59 AM
The success of Certificate Transparency rests on the existence of a robust ecosystem of logs and log operators. Without logs that CAs can depend on, it’s not practical for browsers to require that SSL certificates have been logged to be trusted—as Chrome plans to do on April 30....
March 23, 2018 2:45 PM
Certificate Transparency (CT) is an ambitious project to help improve security online by bringing accountability to the system that protects HTTPS. Cloudflare is announcing support for this project by introducing two new public-good services....
March 12, 2018 4:00 PM
On June 4, Cloudflare will be dropping support for TLS 1.0 and 1.1 on api.cloudflare.com. Additionally, the dashboard will be moved from www.cloudflare.com/a to dash.cloudflare.com and will require a browser that supports TLS 1.2 or higher....
March 06, 2018 3:46 PM
A week ago we published a story about new amplification attacks using memcached protocol on UDP port 11211. A few things happened since then: Github announced it was a target of 1.3Tbps memcached attack. OVH and Arbor reported similar large attacks with the peak reported at 1.7Tb...
February 26, 2018 12:04 PM
Last week Troy Hunt launched his Pwned Password v2 service which has an API handled and cached by Cloudflare using a clever anonymity scheme. The following simple code can check if a password exists in Troy's database without sending the password to Troy....
February 21, 2018 7:00 PM
Today, v2 of Pwned Passwords was released as part of the Have I Been Pwned service offered by Troy Hunt. Containing over half a billion real world leaked passwords, this database provides a vital tool for correcting the course of how the industry combats modern threats against pa...
February 21, 2018 7:00 PM
Both in our real lives, and online, there are times where we need to authenticate ourselves - where we need to confirm we are who we say we are. This can be done using three things....
