Three new ways teams are using Cloudflare Access
August 15, 2018
Since leaving beta three weeks ago, Cloudflare Access has become our fastest-growing subscription service. Every day, more teams are using Access to leave their VPN behind and connect to applications quickly and securely from anywhere in the world....
A Detailed Look at RFC 8446 (a.k.a. TLS 1.3)
August 10, 2018
TLS 1.3 (RFC 8446) was published today. This article provides a deep dive into the changes introduced in TLS 1.3 and its impact on the future of internet security....
The Road to QUIC
July 26, 2018
QUIC (Quick UDP Internet Connections) is a new encrypted-by-default Internet transport protocol, that provides a number of improvements designed to accelerate HTTP traffic as well as make it more secure, with the intended goal of eventually replacing TCP and TLS on the web....
Going Proactive on Security: Driving Encryption Adoption Intelligently
July 24, 2018
It's no secret that Cloudflare operates at a huge scale. Cloudflare provides security and performance to over 9 million websites all around the world, from small businesses and WordPress blogs to Fortune 500 companies. That means one in every 10 web requests goes through our network....
MORE POSTS
July 24, 2018
Today, Chrome Takes Another Step Forward in Addressing the Design Flaw That is an Unencrypted Web
I still remember my first foray onto the internet as a university student back in the mid 90's. It was a simpler time back then, of course; we weren't doing our personal banking or our tax returns or handling our medical records so encrypting the transport layer wasn't exactly a ...
- By
July 14, 2018
DNS-Over-TLS Built-In & Enforced - 1.1.1.1 and the GL.iNet GL-AR750S
Back in April, I wrote about how it was possible to modify a router to encrypt DNS queries over TLS using Cloudflare's 1.1.1.1 DNS Resolver and a GL.iNet router; the folks at GL.iNet read that blog post and decided to bake DNS-Over-TLS support into their new router using the 1.1....
- By
July 06, 2018
How to drop 10 million packets per second
Internally our DDoS mitigation team is sometimes called "the packet droppers". When other teams build exciting products to do smart things with the traffic that passed through our network, we take joy in discovering novel ways of discarding it....
- By
June 28, 2018
Delivering a Serverless API in 10 minutes using Workers
In preparation for Chrome’s Not Secure flag, which will update the indicator to show Not Secure when a site is not accessed over https, we wanted people to be able to test whether their site would pass. ...
- By
May 16, 2018
You get TLS 1.3! You get TLS 1.3! Everyone gets TLS 1.3!
It's no secret that Cloudflare has been a big proponent of TLS 1.3, the newest edition of the TLS protocol that improves both speed and security, since we have made it available to our customers starting in 2016. ...
- By
May 02, 2018
Expanding Multi-User Access on dash.cloudflare.com
One of the most common feature requests we get is to allow customers to share access to their account. This has been supported at our Enterprise level of service, but is now expanding to all customers. ...
- By
April 24, 2018
BGP leaks and cryptocurrencies
Over the few last hours, a dozen news stories have broken about how an attacker attempted (and perhaps managed) to steal cryptocurrencies using a BGP leak....
- By
April 23, 2018
Now You Can Setup Centrify, OneLogin, Ping and Other Identity Providers with Cloudflare Access
Today we would like to announce support for two more Identity Providers with Cloudflare Access: Centrify and OneLogin. If you are using Centrify or OneLogin as your identity provider you can now easily integrate them with Cloudflare Access....
- By
April 17, 2018
mmproxy - Creative Linux routing to preserve client IP addresses in L7 proxies
In previous blog post we discussed how we use the TPROXY iptables module to power Cloudflare Spectrum. With TPROXY we solved a major technical issue on the server side, and we thought we might find another use for it on the client side of our product....
- By
April 12, 2018
Introducing Spectrum: Extending Cloudflare To 65,533 More Ports
We are introducing Spectrum, which brings Cloudflare’s security and acceleration to the whole spectrum of TCP ports and protocols for our Enterprise customers. It’s DDoS protection for any box, container or VM that connects to the internet....
- By
April 12, 2018
Abusing Linux's firewall: the hack that allowed us to build Spectrum
Introducing Spectrum: a new Cloudflare feature that brings DDoS protection, load balancing, and content acceleration to any TCP-based protocol.Today we are releasing Spectrum. ...
- By
April 09, 2018
Privacy-Protecting Portable Router: Adding DNS-Over-TLS support to OpenWRT (LEDE) with Unbound
This blog post explains how you can configure an OpenWRT router to encrypt DNS traffic to Cloudflare Resolver using DNS-over-TLS....
- By
April 06, 2018
Cloudflare Argo Tunnel with Rust+Raspberry Pi
Serving content from a Rust web server running on a Raspberry Pi from your home to the world, with a Cloudflare Argo Tunnels....
- By
April 05, 2018
Argo Tunnel: A Private Link to the Public Internet
Argo Tunnel lets you deploy services that are hidden on the internet. In other words, Argo Tunnel is like a P.O. box: someone can send you packets without knowing your real address. Only Cloudflare can see the server and communicate with it....
- By





