November 2014 Summaries
4 posts from Cloudflare
Filter
Month:
Year:
Post Summaries
Back to Blog
The text provides tips for preparing ecommerce websites for increased traffic during the holiday season. It suggests ensuring that your hosting plan can handle spikes in traffic, reducing unwanted requests to infrastructure, using CloudFlare IP addresses to prevent attacks, and configuring caching settings for optimal performance. Additionally, it recommends installing mod_cloudflare for accurate back-end analytics, turning on Auto Minification and Rocket Loader for faster page rendering, utilizing Mirage for lazy loading of images, and enabling Polish for image compression. Lastly, the text mentions that purging individual files from CloudFlare's cache can help ensure last-minute changes are seen by visitors.
Nov 17, 2014
1,039 words in the original blog post.
On November 11, 2014, Andrew A. Schafer announced that CloudFlare's blog is now running on the open-source blogging platform Ghost. The collaboration began when CloudFlare reached out to Ghost to help improve the speed and security of their hosted service, Ghost(Pro). In March, Ghost integrated CloudFlare across its entire Pro network, and later, the CloudFlare blog switched to Ghost as well. This change brought improvements in RSS feeds, tag and author archives, and writing tools for the CloudFlare team. The open-source nature of Ghost aligns with CloudFlare's values, making it a platform they are proud to support.
Nov 11, 2014
248 words in the original blog post.
Google's Chrome and Mozilla's Firefox browsers will be changing their policies regarding certain web site certificates in upcoming versions. Starting with Chrome 39, certificates signed with a SHA-1 signature algorithm will be considered less trusted than those signed with a more modern SHA-2 algorithm. By Chrome 41, any website with a certificate that expires in 2016 or later will be shown as untrusted if either the certificate is signed with a SHA-1 algorithm or one of the certificates in its trust chain is signed with a SHA-1 algorithm (roots are exceptions). This change may affect many website owners, who need to re-issue their SHA-1 certificates with a shorter expiration period or upgrade to SHA-2. However, not all web browsers support SHA-2 certificates, such as Windows XP SP2. CloudFlare has reissued all certificates for paid customers, ensuring that their sites will be viewable by visitors on Windows XP SP2 and Chrome.
Nov 10, 2014
749 words in the original blog post.
This blog post discusses some complications associated with Domain Name System Security Extensions (DNSSEC), an extension to the Domain Name System (DNS) that provides a system of trust for DNS records. The main issues are zone content exposure, key management, and the impact on DNS reflection/amplification attacks. Zone content exposure occurs when enabling DNSSEC may expose otherwise obscured zone content. Key management is another concern as DNSSEC was designed to operate in various modes, each providing different security, performance, and convenience tradeoffs. Lastly, operators running an authoritative DNS server are often nervous their server will be used as a conduit for malicious distributed denial of service (DDoS) attacks due to the fact that DNS uses UDP, a stateless protocol. CloudFlare is working on solutions to address these issues and reduce any negative impact they might have.
Nov 05, 2014
2,631 words in the original blog post.