MORE POSTS
April 01, 2014 1:19 AM
The weird and wonderful world of DNS LOC records
A cornerstone of CloudFlare's infrastructure is our ability to serve DNS requests quickly and handle DNS attacks. To do both those things we wrote our own authoritative DNS server called RRDNS in Go. ...
March 11, 2014 4:00 PM
WordPress Pingback Attacks and our WAF
At CloudFlare a lot of our customers use WordPress, that's why we have our own plugin, we hang out at WordCamp and we wrote a WordPress specific ruleset for our Web Application Firewall....
March 05, 2014 12:00 AM
It's Go Time on Linux
Some interesting changes related to timekeeping in the upcoming Go 1.3 release inspired us to take a closer look at how Go programs keep time with the help of the Linux kernel. Timekeeping is a complex topic and determining the current time isn’t as simple as it might seem at fir...
February 23, 2014 11:00 AM
Good News: Vulnerable NTP Servers Closing Down
On Monday, February 10th, CloudFlare experienced a large DDoS attack, with nearly 400Gbps of NTP attack traffic hitting our network. ...
February 13, 2014 1:00 AM
Technical Details Behind a 400Gbps NTP Amplification DDoS Attack
On Monday we mitigated a large DDoS that targeted one of our customers. The attack peaked just shy of 400Gbps. We've seen a handful of other attacks at this scale, but this is the largest attack we've seen that uses NTP amplification....
January 09, 2014 4:00 PM
Understanding and mitigating NTP-based DDoS attacks
Over the last couple of weeks you may have been hearing about a new tool in the DDoS arsenal: NTP-based attacks. These have become popular recently and caused trouble for some gaming web sites and service providers....
December 31, 2013 6:30 PM
2013: Rebuild the Engine; 2014: Step on the Gas
It's been a busy 2013 here at CloudFlare. By all external measures it was a terrific year. We grew page views, revenue and traffic across our network – all by more than 400%. We added terrific partners and high profile customers. ...
September 13, 2013 6:00 AM
Why secure systems require random numbers
If you've been following recent news about technical spying by the US National Security Agency and the UK's Government Communications Headquarters you may have come across a claim that the NSA was involved in weakening a random number generator. ...
August 27, 2013 6:15 PM
Details Behind Today's Internet Hacks
At 1:19pm (PDT) today, a researcher noticed that the New York Times' website wasn't loading. We know the New York Times tech team, so we sent an email to check in. A few minutes later, the CTO of the NYT called us back. ...
August 27, 2013 12:10 AM
The story of a little DNS easter egg
About a year ago, we realized that CloudFlare's current DNS infrastructure had some challenges. We were using PowerDNS, an open source DNS server that is popular with hosting providers. ...
July 11, 2013 11:02 PM
Staying on top of TLS attacks
CloudFlare makes extensive use of TLS connections throughout our
service which makes staying on top of the latest news about security problems with TLS a priority. We use TLS both externally and internally and different uses of TLS have different constraints....
June 06, 2013 6:00 AM
Happy IPv6 Day: Usage On the Rise, Attacks Too
June 6th is known as World IPv6 Day so we thought it was a good time to look at the trends in IPv6 usage across CloudFlare's network. ...
April 11, 2013 9:23 PM
Patching the Internet in Realtime: Fixing the Current WordPress Brute Force Attack
There is currently a significant attack being launched at a large number of WordPress blogs across the Internet. The attacker is brute force attacking the WordPress administrative portals, using the username "admin" and trying thousands of passwords. ...
April 08, 2013 7:18 AM
How the CloudFlare Team Got Into Bondage (It's Not What You Think)
At CloudFlare, we're always looking for ways to eliminate bottlenecks. We're only able to deal with the very large amount of traffic that we handle because we've built a network that can efficiently handle an extremely high volume of network requests. ...