Subscription confirmed. Thank you for subscribing!
June 04, 2014 9:00AM
Great news for everyone using CloudFlare on an e-commerce site, or a site accepting or processing credit card transactions. After undergoing a Payment Card Industry (PCI) Data Security Standard (DSS) 2.0 security control assessment, we’ve been certified as a Level 1 service provider....
March 11, 2014 4:00PM
At CloudFlare a lot of our customers use WordPress, that's why we have our own plugin, we hang out at WordCamp and we wrote a WordPress specific ruleset for our Web Application Firewall....
January 21, 2014 4:00PM
An attack on your site could be catastrophic. Even a small attack can have major implications. Responding quickly to an attack is imperative....
October 03, 2013 12:00PM
A critical zero-day vulnerability was published today affecting any hosting provider using WHMCS. As part of building a safer web, CloudFlare has added a ruleset to our Web Application Firewall (WAF) to block the published attack vector....
August 23, 2013 6:31AM
We use nginx throughout our network for front-line web serving, proxying and traffic filtering. In some cases, we've augmented the core C code of nginx with our own modules, but recently we've made a major move to using Lua in conjunction with nginx. One project that's now almost entirely written in Lua is the new CloudFlare WAF that we blogged about the other day. The Lua WAF uses the nginx Lua module to embed Lua code and execute that code as part of the normal nginx handling of phases. The entire execution of the WAF is actually handled by the following nginx configuration: location / { set $backend_waf "WAF_CORE"; default_type 'text/plain'; access_by_lua ' local waf = require "waf" waf.execute() '; } The access_by_lua directive tells nginx to...
More Posts
