August 2015 Summaries
12 posts from Cloudflare
Filter
Month:
Year:
Post Summaries
Back to Blog
On August 31, 2015, John Graham-Cumming announced the availability of Railgun v5, an improved version of CloudFlare's origin network optimizer. Key enhancements include reduced memory utilization and CPU requirements, a new wire protocol for faster data transfer, additional compression, streaming mode for large downloads, better management of connections to origin servers, and improved cryptographic infrastructure. These improvements benefit CloudFlare Optimized Partners, ecommerce sites, news sites, and popular blogs. Railgun v5 is available on Red Hat Enterprise Linux (RHEL) and CentOS 7, with installation instructions provided by CloudFlare.
Aug 31, 2015
653 words in the original blog post.
The text discusses the upcoming planning for South by Southwest (SXSW) in 2016. It encourages readers to vote for CloudFlare's panel submissions, which include topics such as internet censorship, innovation, PR strategies for startups, and encryption battles. Voting is open until September 4th, with each vote counting towards a panel or presentation's acceptance at SXSW. The text also provides details on how to create an account and vote through the PanelPicker system.
Aug 27, 2015
553 words in the original blog post.
On August 27, 2015, Cloudflare announced its 43rd point of presence (PoP) and second in Africa, located in Mombasa, Kenya. This marks the company's first PoP situated within a real-life castle-turned-data center. The new location serves networks across East Africa, reaching millions of Internet users in the region. In recent years, Africa has experienced significant growth in its underlying internet infrastructure, with international bandwidth multiplying twentyfold and internet penetration reaching 20%. Cloudflare's expansion into East Africa aims to foster the development of the African internet ecosystem by reducing latency for users in Kenya, Tanzania, Rwanda, Uganda, Ethiopia, and Mauritius.
Aug 27, 2015
625 words in the original blog post.
CloudFlare introduces Cache-Tags, a new method for purging cached content. Cache-Tags are assigned to cached content via a Cache-Tag response header and stored as metadata with cached objects. This allows global purges to take only seconds, targeting a granular, finite set of cached objects. Examples include e-commerce websites using Cache-Tags to purge all catalog images at once without affecting other assets, blogs updating JavaScript files in cache without forcing a cache miss on their CSS, and businesses purging cache of hundreds of blog pages without affecting the core platform. CloudFlare's cache is powerful but can be frustrating when content updates are delayed. Cache-Tags provide three different ways to purge the cache: individual files, all files, or by specific tags. To use Cache-Tags, developers simply add a Cache-Tag response header to objects and can purge content using CloudFlare's dashboard or API. Purges take effect globally in just a few seconds, even if the tag purged is associated with hundreds or thousands of cached files. Cache-Tag functionality is automatically enabled for all Enterprise plan websites.
Aug 19, 2015
477 words in the original blog post.
In an internal email at CloudFlare, John Graham-Cumming emphasizes the importance of supporting both new and old protocols to cater to a global audience with varying internet connections and devices. The company has been pushing for advancements like IPv6, SPDY, DNSSEC, HTTP/2, and SSL improvements while also maintaining support for older technologies. This ensures that all CloudFlare sites remain accessible to everyone using the web, regardless of their location or device. By considering who might be excluded by certain technical decisions, the company aims to create solutions that maintain speed and security without compromising accessibility.
Aug 17, 2015
394 words in the original blog post.
CloudFlare, a web performance and security company, is celebrating its 5th anniversary this September. Founded in 2010, the company has grown exponentially since its launch at TechCrunch Disrupt, signing up over two million customers today compared to just 1,000 during its beta phase. The initial beta customers played a crucial role in shaping CloudFlare's growth by providing valuable feedback and bug reports. As part of the anniversary celebration, the company is inviting current users to share their experiences with CloudFlare through short videos for a chance to attend the birthday event in San Francisco.
Aug 14, 2015
370 words in the original blog post.
CloudFlare has expanded its global network with four new points of presence (PoPs) in Doha, Qatar; Dubai, United Arab Emirates; Kuwait City, Kuwait; and Muscat, Oman. These data centers are the first wave in the company's Middle East/North Africa (MENA) expansion, making them the 39th, 40th, 41st, and 42nd data centers to join CloudFlare's network. The new PoPs will help improve internet performance for users in the region by reducing latency and improving connectivity.
Aug 10, 2015
745 words in the original blog post.
CloudFlare has been using the github.com/miekg/dns Go DNS library heavily and contributing to its development as much as possible. When Dmitry Vyukov published go-fuzz, a tool that applies fuzzing technique to Go programs, they decided to use it on their DNS library. Fuzzing is the process of testing software by continuously feeding it inputs that are automatically mutated. The go-fuzz tool uses source coverage to judge which mutations pushed the program into new paths and eventually hit many rarely-tested branches.
By using go-fuzz, CloudFlare was able to find and fix several bugs in their DNS library, including a potential Denial of Service vulnerability related to handling empty names. They also used go-fuzz for other applications such as checking output validation by adding crashing assertions to the Fuzz() function and comparing the behavior of two different versions or implementations of the same functionality.
The use of go-fuzz allowed CloudFlare to improve the robustness and security of their DNS library, which serves 43 billion queries per day. They are currently hiring in London, San Francisco, and Singapore for positions related to this work.
Aug 06, 2015
2,034 words in the original blog post.
Forrester Research, Inc. has released The Forrester Wave™: DDoS Services Providers, Q3 2015 report which ranks CloudFlare as a leader in the industry. Criteria for inclusion and ranking included attack types defended, data/scrubbing center geographic presence, detection tactics, SSL traffic inspection, current offering, strategy, market presence, customer portal features, customer references, hybrid implementation availability, system integration partners, technical development, professional services, sales staff, client base, revenue, revenue growth, and years of DDoS service offerings. The report highlights CloudFlare's fast mitigation times, high marks for service delivery, and excellent capabilities to deliver hybrid DDoS solutions.
Aug 05, 2015
407 words in the original blog post.
On August 5th, 2015, Cloudflare announced the launch of its Point-of-Presence (PoP) in Dublin, Ireland, marking their 38th global and 14th European deployment. This new PoP serves as a point of redundancy for traffic from Ireland's 3.6 million internet users, previously routed through London. The decision to establish the PoP in Dublin was influenced by its growing tech scene, known as Silicon Docks, which houses headquarters of major tech companies like Google, Facebook, Twitter, and Dropbox. Additionally, Dublin is home to Cloudflare customers Web Summit and F.ounders, two premier tech conferences. The company also hinted at a big announcement coming soon and a future PoP in a castle-turned-data center.
Aug 05, 2015
293 words in the original blog post.
A critical remotely exploitable vulnerability was discovered in BIND9 DNS server that could cause a crash with a single packet. The mistake in handling of queries for the TKEY type causes an assertion to fail, leading to a server crash. Since the exploit packet is now public, it's crucial to investigate and understand the vulnerable code. The patch for this vulnerability involves adding name = NULL before the second call to dns_message_findname in dns_tkey_processquery function. Virtual DNS customers have always been protected from this attack even if they run BIND as RRDNS, CloudFlare's custom Go DNS server, validates incoming packets and strips them down to the most simple form possible before relaying them.
Aug 04, 2015
1,357 words in the original blog post.
CloudFlare's DNS server, RRDNS, is written in Go and uses thousands of goroutines. Debugging stack traces with numerous goroutines can be challenging due to the presence of memory addresses instead of meaningful information. To address this issue, Filippo Valsorda developed a method that converts IPv4 addresses into their uint32 representation and passes them as parameters in listening goroutines. This allows for easier identification of the IP addresses on which goroutines are listening when examining stack traces. The technique can be applied to any piece of information that can be represented as an integer.
Aug 03, 2015
464 words in the original blog post.