Cloudflare Blog: Security

April 29, 2015 3:30PM

Introducing Multi-User Organizations: Share An Account Without Sharing A Login

Multi-User Dashboard 2FA Product News Security

An enterprise needs security and controls around access. Your web developer needs to update your website’s logo and make sure it’s live immediately, but doesn’t need access to your SSL keys....

Dani Grant

April 21, 2015 11:14PM

Contributing back to the security community

CFSSL RSA Events Security

This Friday at the RSA Conference in San Francisco, along with Marc Rogers, Principal Security Researcher at CloudFlare, I'm speaking about a version of The Grugq's PORTAL, an open source network security device designed to make life easier and safer....

Ryan Lackey

February 27, 2015 11:50PM

Protecting web origins with Authenticated Origin Pulls

TLS Partners Security

As we have been discussing this week, securing the connection between CloudFlare and the origin server is arguably just as important as securing the connection between end users and CloudFlare....

Rajeev Sharma

February 26, 2015 1:25AM

Enforce Web Policy with HTTP Strict Transport Security (HSTS)

SSL HTTPS Dashboard Security Crypto Week

HTTP Strict Transport Security (HSTS, RFC 6797) is a web security policy technology designed to help secure HTTPS web servers against downgrade attacks....

Ryan Lackey

February 24, 2015 8:15PM

Universal SSL: Encryption all the way to the origin, for free

HTTPS CFSSL Universal SSL Encryption Certificate Authority Security

Last September, CloudFlare unveiled Universal SSL, enabling HTTPS support for all sites by default. All sites using CloudFlare now support strong cryptography from the browser to CloudFlare’s servers....

Nick Sullivan

February 24, 2015 2:20PM

TLS Session Resumption: Full-speed and Secure

At CloudFlare, making web sites faster and safer at scale is always a driving force for innovation. We introduced “Universal SSL” to dramatically increase the size of the encrypted web....

By

Zi Lin

TLS , Speed & Reliability , Universal SSL , Encryption , Speed

February 23, 2015 8:22PM

Do the ChaCha: better mobile performance with cryptography

CloudFlare is always trying to improve customer experience by adopting the latest and best web technologies so that our customers (and their visitors) have a fast and a secure web browsing experience....

By

Nick Sullivan

TLS , Speed & Reliability , HTTPS , SSL , Security

February 23, 2015 6:51PM

End of the road for RC4

Today, we completely disabled the RC4 encryption algorithm for all SSL/TLS connections to CloudFlare sites. It's no longer possible to connect to any site that uses CloudFlare using RC4....

By

John Graham-Cumming

RC4 , Encryption , TLS , SSL , Security

February 23, 2015 12:35PM

SSL Week Means Less Weak SSL

I'm excited to announce that today kicks off SSL Week at CloudFlare. Over the course of this week, we'll make a series of announcements on what we're doing to improve encryption on the Internet....

By

Matthew Prince

Speed & Reliability , Universal SSL , SSL , Security , Crypto Week

January 21, 2015 9:47PM

Flexible SSL & Wordpress: Fixing “Mixed Content” Errors

As many are aware, CloudFlare launched Universal SSL several months ago. We saw lots of customers sign up and start using these new, free SSL certificates. For many customers that didn’t already have an SSL certificate, they were able to use “Flexible SSL”....

By

David Fritsch

WordPress , HTTPS , Mixed Content Errors , SSL , Security

December 22, 2014 9:08PM

Kyoto Tycoon Secure Replication

Kyoto Tycoon is a distributed key-value store written by FAL Labs, and it is used extensively at CloudFlare. Like many popular key-value stores, Kyoto Tycoon uses timestamp-based replication to ensure eventual consistency and guarantee ordering....

By

Nick Sullivan

TLS , HTTPS , Security

November 10, 2014 11:28PM

CloudFlare and SHA-1 Certificates

At CloudFlare, we’re dedicated to ensuring sites are not only secure, but also available to the widest audience. In the coming months, both Google’s Chrome browser and Mozilla’s Firefox browser are changing their policy with respect to certain web site certificates....

By

Nick Sullivan

Chrome , Firefox , HTTPS , Security

October 14, 2014 10:37PM

SSLv3 Support Disabled By Default Due to POODLE Vulnerability

For the last week we've been tracking rumors about a new vulnerability in SSL. This specific vulnerability, which was just announced, targets SSLv3....

By

Matthew Prince

Vulnerabilities , SSL , HTTPS , TLS , Security

October 07, 2014 11:39AM

DNSSEC: An Introduction

At CloudFlare our mission is to help build a better Internet. Part of this effort includes making web sites faster, more reliable, and more trustworthy....

By

Nick Sullivan

DNSSEC , Universal SSL , SSL , DNS , Security