Home / Companies / Cloudflare / Blog / September 2016

September 2016 Summaries

17 posts from Cloudflare

Filter
Month: Year:
Post Summaries Back to Blog
Cloudflare has introduced a new feature called Rate Limiting, which allows customers to control their own traffic at the edge by rate limiting, shaping or blocking traffic based on various attributes of the request. This helps protect websites and APIs fromLayer 7 DOS attacks and brute-force attempts. The service leverages Cloudflare's massive network to process and enforce rate limiting near the client, shielding the customer's application from unnecessary load. Customers can create rules with different configurations such as setting thresholds, actions, timeouts, response body types, and more. An early access program is available for interested users.
Sep 30, 2016 694 words in the original blog post.
Cloudflare has introduced two new products, Dedicated SSL Certificates and Dedicated SSL Certificates with Custom Hostnames, to provide more control over the certificates used for domains. These non-shared, customizable certificates offer features such as on-demand issuance, private key generation, and domain name branding. The new products are designed to address customer requests for greater control over their SSL/TLS settings and encryption options. Dedicated Certificates can be ordered through the Cloudflare dashboard at a cost of $5 per month for a standard certificate or $10 per month for one with custom hostnames.
Sep 30, 2016 1,799 words in the original blog post.
Cloudflare has introduced its new product, Traffic Manager, which aims to provide monitoring and load-balancing features for users. The company built this product on its existing Anycast DNS infrastructure, benefiting from its resilient DDoS protection and fast DNS performance. Traffic Manager is designed to be flexible and can support various use cases such as load balancing, failover, and geo-steering configurations. It also offers health checking functionality that allows users to define what a healthy origin means to them. The product is currently in the Early Access program, which requires some additional technical savvy and feedback from participants. Traffic Manager will be available to all Cloudflare customers later this year with usage-based charges.
Sep 29, 2016 990 words in the original blog post.
Cloudflare introduces two new products, Rate Limiting and Traffic Manager, aimed at giving customers control over their traffic on the edge network. With more than 10 trillion requests processed every month, Cloudflare's global network provides improved performance, security, and reliability for its 4 million customers. The Rate Limiting feature allows customers to rate limit, shape or block traffic based on various parameters such as IP, cookie, or authentication token, providing pinpoint control over their websites, applications, or APIs. Traffic Manager enables load balancing across multiple servers, datacenters, and geographies, ensuring reliability and handling unexpected spikes in traffic. Both products are now available for early access to all customers.
Sep 29, 2016 1,212 words in the original blog post.
On September 27, 2016, Cloudflare celebrated its sixth anniversary and launched a new brand and marketing website. The company has grown significantly since its inception, now serving over 4 million customers and expanding its global network of data centers to 100 cities. In the coming days, they plan to release more products for easy-to-manage dedicated SSL certificates, cloud-based global load balancing, and intelligent traffic management. The redesign aims to reflect the company's evolution while maintaining its core values and commitment to making the internet safer, faster, and more reliable.
Sep 27, 2016 1,042 words in the original blog post.
On September 26, 2016, Cloudflare announced its expansion into 14 new cities across five continents, making their global network one of the largest in the world. This expansion includes data centers in Angola, North America, Europe, Oceania, and Asia. The new locations improve performance, security, and reliability for millions of websites by expanding Cloudflare's surface area to fight growing attacks and serve web requests closer to users. In addition to these new data center locations, the company has doubled its aggregate edge capacity in North America since their last birthday celebration.
Sep 26, 2016 949 words in the original blog post.
CloudFlare aims to make HTTPS accessible for all its customers, providing security for their websites, improved ranking on search engines, better performance with HTTP/2, and access to browser features such as geolocation that are being deprecated for plaintext HTTP. To ensure a page is secure and can't be controlled or eavesdropped by third-parties, browsers must ensure that not only the page itself but also all its dependencies are loaded via secure channels. Automatic HTTPS Rewrites project aims to automatically reduce the amount of mixed content on customers' web pages without breaking their websites and without any delay noticeable by end users while receiving a page that is being rewritten on the fly. The solution involves using Ragel, a state machine compiler, to build fast lexers in other pieces of code, and generating C code of a state machine capable of going through characters of URLs, matching hosts, and invoking custom handlers on each found ruleset.
Sep 24, 2016 2,620 words in the original blog post.
Dolphin Valsorda, a member of CloudFlare London office, recently hosted a Tech Talk explaining the latest version of TLS (Transport Layer Security), 1.3. The key points from his talk are as follows: - TLS 1.3 is faster and safer than its predecessors. - It takes one less round trip to establish a connection compared to TLS 1.2, which can be hundreds of milliseconds. - In the case of resumption, where the client has connected to that server before, TLS 1.3 allows for zero-round trip connections (0-RTT), making it essentially zero overhead. - However, 0-RTT comes with caveats such as lack of forward secrecy against a compromise of the session ticket key and potential replay attacks. - Many features have been removed from TLS 1.3 for better security, including static RSA handshake without Diffie Hellman, CBC MAC-then-Encrypt modes, weak primitives like RC4, SHA1, MD5, compression, renegotiation, custom FFDHE groups, RSA PKCS#1v1.5, and explicit nonces. - A clever solution has been implemented to prevent downgrading from TLS 1.3 to older versions if they are found to be weaker in the future. - The TLS 1.3 spec is on GitHub, allowing anyone to contribute to its development.
Sep 23, 2016 1,883 words in the original blog post.
CloudFlare aims to make the internet more secure by encouraging websites to adopt HTTPS, a protocol that encrypts data sent between web servers and users' browsers. However, many sites still suffer from "mixed content" issues where some elements are served over insecure HTTP connections, compromising overall security. Fixing this problem can be challenging due to the complexity of modern websites and the need for all subresources to be served over HTTPS. CloudFlare has introduced a new feature called Automatic HTTPS Rewrites that automatically upgrades http:// URIs to https:// if they are known to be capable of using HTTPS, making it easier for website owners to transition their sites to full HTTPS.
Sep 22, 2016 1,685 words in the original blog post.
Cloudflare has introduced Opportunistic Encryption, a new technology that provides an additional level of security for websites not yet using HTTPS. This encryption method allows servers to accept HTTP requests over an encrypted connection, enabling the use of HTTP/2 connections for non-HTTPS sites. Combined with TLS 1.3 and HTTP/2 Server Push, Opportunistic Encryption can result in significant performance gains while also providing security benefits. The technology is now available to all Cloudflare customers, enabled by default for Free and Pro plans.
Sep 21, 2016 1,351 words in the original blog post.
Cloudflare introduces three new encryption features to improve security and performance for its customers, making all of them available for free. The first feature is TLS 1.3, which offers more secure connections and faster page load times compared to previous versions. Secondly, Automatic HTTPS Rewrites helps site owners address mixed content issues so they can upgrade their sites to HTTPS safely. Lastly, Opportunistic Encryption allows HTTP websites to be accessed over an encrypted HTTP/2 connection, providing some benefits of HTTPS and enabling the use of HTTP/2 for improved load times. These features contribute towards Cloudflare's goal of putting an end to the unencrypted Internet.
Sep 20, 2016 1,296 words in the original blog post.
CloudFlare has introduced TLS 1.3, a new encryption protocol that improves both speed and security for Internet users. The Transport Layer Security (TLS) is an evolution of Secure Sockets Layer (SSL), which secures communication on the internet. TLS 1.3 removes support for older broken forms of cryptography, enhancing its security. It also speeds up page load times by reducing the number of round-trips needed to complete a handshake between the browser and website. The protocol is available to all CloudFlare customers and will be supported by major browsers in the coming months.
Sep 20, 2016 1,161 words in the original blog post.
On September 19, 2016, Rahul Mahajan discussed how WordPress and CloudFlare have always been a successful combination for websites. With the introduction of CloudFlare's new WordPress plugin, it is now easier than ever to make a site 60% faster. The plugin offers one-click installation of recommended settings specifically designed for WordPress, along with features such as web application firewall rulesets, automatic cache purge, and adjustable security levels. Users can also view analytics within the plugin itself without needing to navigate to the cloudflare.com dashboard. To use the plugin, a CloudFlare account is required, which can be easily set up during installation from the WordPress admin dashboard.
Sep 19, 2016 355 words in the original blog post.
On September 21, 2016 at 10am PT/1pm ET, David Holzer and Matthew Silverlock will discuss best practices for adopting and deploying microservices securely. They will cover the differences between microservices, SOA, and monolithic architectures, as well as strategies to avoid continuous delivery of new vulnerabilities, limit attack vectors on a growing number of API endpoints, and protect internet-facing services from resource exhaustion. This session offers valuable insights for developers looking to improve their application design, development, and security practices.
Sep 16, 2016 132 words in the original blog post.
On September 15th, a second Internet Summit will be held at Cloudflare's offices in San Francisco featuring discussions on policy, technology, privacy, and business. Sir Tim Berners-Lee, the founder of the World Wide Web, is set to participate in a fireside chat session. The summit aims to cover topics such as the web's history, global expansion, and online privacy and freedom of expression. Interested attendees can sign up through the provided link.
Sep 13, 2016 164 words in the original blog post.
On September 1, 2016, CloudFlare reported a complete shutdown of internet access to its sites from Gabon. As of September 5, internet connectivity in Gabon was partially restored with some news reports suggesting that access to social media sites remained restricted. The situation is being monitored for any changes and updates will be provided accordingly. On September 6, an overnight "curfew" was observed where the internet was disabled and re-enabled the following morning. This pattern repeated on September 7 as well.
Sep 05, 2016 141 words in the original blog post.
On September 1st, 2016, a second day of rioting in Gabon coincided with an internet blackout. Residents reported that internet access had been cut off and Cloudflare confirmed the sudden shutdown of internet access from Gabon to its sites. The three graphs show major networks within Gabon shutting down suddenly with only a small amount of traffic getting through. Internet access was shut down at different times for different networks, and as of writing, the internet appears almost completely cut off in Gabon. An update on September 2nd, 1130 UTC reported that the internet remains disconnected in Gabon with only a tiny trickle of traffic from one network.
Sep 01, 2016 243 words in the original blog post.