April 2024 Summaries
34 posts from Cloudflare
Filter
Month:
Year:
Post Summaries
Back to Blog
In the first quarter of 2024, numerous Internet disruptions occurred due to various reasons such as cable cuts, military action, cyberattacks, government-directed shutdowns, power outages, and technical problems. Damage to both terrestrial and submarine cables caused issues in several locations, while ongoing geopolitical conflicts impacted connectivity in other areas. Governments in some African countries ordered Internet shutdowns, focusing heavily on mobile connectivity. Cyberattacks by malicious actors also disrupted Internet connectivity in multiple regions. Power outages and technical problems further contributed to the observed disruptions during this period.
Apr 29, 2024
4,423 words in the original blog post.
Cloudflare has released software development kits (SDKs) for Typescript, Go and Python, allowing developers to create new zones in their account using these languages. The SDKs were previously maintained manually by one or more individuals, but have now been transitioned to OpenAPI for generating the SDKs. This change ensures that all languages are covered and reduces the likelihood of human error. Cloudflare's goal is to use OpenAPI for more than just documentation, with plans to generate SDKs in other languages as well.
Apr 23, 2024
2,911 words in the original blog post.
Cloudflare has been recognized in the Gartner® Magic Quadrant™ for Security Service Edge (SSE) report for the second consecutive year. The company is one of only ten vendors acknowledged in this report, and it was named a Customers’ Choice for 2024 by Gartner. Cloudflare's SSE platform includes capabilities such as Zero Trust access control, DNS filtering, Secure Web Gateway, CASB, Digital Experience Monitoring, and data security. The company plans to continue investing in these areas and expanding its offerings to help customers secure their teams and applications.
Apr 18, 2024
3,091 words in the original blog post.
Dolphin introduces Meta Llama 3, a new AI model developed by Meta, which is now available for developers worldwide through Workers AI platform. This partnership aims to bring open-source models to the inference platform and simplify the process of building AI applications. Llama 3 offers leading performance on various industry benchmarks and supports an increased number of training tokens, allowing a better understanding of language intricacies. The new model also introduces efficient tokenizers and improved attention mechanisms for enhanced efficiency. Meta has released additional tools such as Llama Guard 2, Code Shield, and CyberSec Eval 2, which are expected to be available on the Workers AI platform soon.
Apr 18, 2024
672 words in the original blog post.
Quishing, or QR phishing, is an emerging form of cyber threat that leverages QR codes to obfuscate malicious content and bypass detection engines optimized for catching phish. QR codes are popular in phishing attacks due to their strong error correction capabilities, versatility, and the fact that they can be seamlessly layered with other obfuscation techniques. Cloudflare has been at the forefront of defending against quishing attacks by employing a multi-faceted approach that includes machine learning detection models, proactive computer vision models, and continuous updates to their tools for trending obfuscation techniques. Users are encouraged to be vigilant and submit instances of quish to help improve defense strategies against this evolving threat.
Apr 17, 2024
1,982 words in the original blog post.
The 17th edition of Cloudflare's DDoS threat report reveals a significant increase in Distributed Denial of Service (DDoS) attacks during the first quarter of 2024, with 4.5 million mitigated by their systems - a 50% year-over-year increase. DNS-based DDoS attacks have become the most prominent attack vector, increasing by 80% year-over-year. The Information Technology and Internet industry was the most targeted by network-layer DDoS attacks, while the Gaming and Gambling industry was the number one most attacked globally by HTTP DDoS attacks.
Apr 16, 2024
2,577 words in the original blog post.
The author has joined Cloudflare as Chief Partner Officer to drive innovation and impact through channel partnerships. They believe in fostering collaborative, value-driven partnerships that involve building ecosystems where partners jointly navigate challenges, innovate together, and thrive in a rapidly evolving global marketplace. The author is excited about joining Cloudflare due to its innovative technology, impactful mission of helping build a better Internet, culture of collaboration, global reach and impact, and endless opportunities for growth. They look forward to working with partners worldwide to contribute to this mission.
Apr 15, 2024
804 words in the original blog post.
On April 13, 2024, Iran launched a coordinated retaliatory attack on Israel, resulting in shifts in Internet traffic for both countries. Following the attack, Israeli internet traffic surged by 75% as people sought news updates, predominantly through mobile devices. In contrast, Palestinian territories experienced a noticeable drop in traffic during the same period. Traffic patterns in Iran also showed a decline, which was attributed to the conclusion of Ramadan. Despite these shifts, no significant changes have been observed in application layer attacks targeting Israel. Cloudflare continues to monitor the situation and encourages users to follow their updates on various platforms.
Apr 14, 2024
604 words in the original blog post.
Let's Encrypt, a certificate authority used by Cloudflare, will be relying on its own root CA, ISRG Root X1, instead of two distinct chains after September 30, 2024. This change will impact legacy devices and systems that rely exclusively on the cross-signed chain and lack the ISRG X1 root in their trust store. Cloudflare is committed to ensuring compatibility with older devices affected by this change without requiring any manual modifications from its customers. The company has built a robust TLS certificate pipeline, which ensures high availability, adherence to best security practices, and support for all clients, both legacy and modern.
Apr 12, 2024
2,795 words in the original blog post.
Cloudflare has released Foundation DNS, a new advanced authoritative DNS service designed for enterprise customers. The service offers enhanced reliability, security, flexibility, and analytics. Key features include advanced nameservers, zone-level DNS settings, unique DNSSEC keys per account and zone, GraphQL-based DNS analytics, a new release process, and simpler DNS pricing. Foundation DNS is now available to all new enterprise contracts that include authoritative DNS, while existing customers will have access to the features throughout 2024.
Apr 12, 2024
3,509 words in the original blog post.
The Great North American Eclipse of April 8, 2024, had a significant impact on Internet traffic across Mexico, the United States, and Canada. As millions gathered outdoors to witness the Moon passing between Earth and the Sun, data from Cloudflare revealed that bytes delivered traffic dropped by 8% and request traffic by 12% compared to the previous week at 19:00 UTC (14:00 Eastern, 12:00 Pacific). States in the path of totality experienced the most significant drops in traffic, with Vermont, Arkansas, Indiana, Maine, New Hampshire, and Ohio seeing declines of 40% or more. The event demonstrates how human and nature-related events can significantly impact Internet traffic.
Apr 09, 2024
619 words in the original blog post.
In November 2023, a major data center at Cloudflare experienced a power outage due to maintenance by the electrical grid provider, affecting its control plane and causing significant downtime for several services. The company declared Code Orange, shifting all non-critical engineering functions to focus on ensuring high reliability of their control plane. Over the next five months, teams across various departments worked to improve resilience in case of a similar failure in the future. On March 26, 2024, the same data center faced another power outage, but this time, most services were up and running within minutes due to the implemented improvements. The company continues to work on completing the resilience program for its Analytics platform and will stay focused on enhancing overall reliability.
Apr 08, 2024
2,243 words in the original blog post.
Developer Week 2024 has concluded with numerous announcements aimed at enhancing the developer experience on Cloudflare's platform. Key highlights include the general availability of D1, a SQL database, and Hyperdrive, a database accelerating service. Additionally, Python support for Cloudflare Workers is now in open beta. The event also featured testimonials from companies such as FAN Communications and Milkshake, which have successfully utilized Cloudflare's services to power their applications.
Apr 08, 2024
1,094 words in the original blog post.
Cloudflare Workers has introduced a built-in Remote Procedure Call (RPC) system that enables seamless communication between Worker-to-Worker and Worker-to-Durable Object without requiring any boilerplate code. This feature is designed to be expressive, making calling remote services feel like using a library. It supports passing structured clonable types as parameters or return values of an RPC, allowing functions and objects with methods to be passed as well. The performance is optimized for zero network latency when the other Worker runs in the same thread as the caller. This feature is secure based on the object-capability model and its protocol and implementation are open source.
Apr 05, 2024
3,348 words in the original blog post.
Cloudflare has announced updates on its Workers Launchpad program, latest Developer Challenge, and efforts to ensure safe and inclusive community spaces for developers. The company launched the $2 billion Workers Launchpad Funding Program in late 2022 aimed at helping more than one million developers who use its platform. Cohort #3 of the Workers Launchpad program has selected 29 startups to participate, leveraging Cloudflare's Developer Suite to scale their businesses. Additionally, a new AI Developer Challenge has been launched in collaboration with DEV, running until April 14, 2024. To ensure inclusivity and respect within the community, Cloudflare has created a new Code of Conduct for its programs.
Apr 05, 2024
1,060 words in the original blog post.
Cloudflare has acquired Baselime, an observability platform for serverless applications. The acquisition aims to simplify and enhance observability for developers building on the Cloudflare platform. Baselime's technology will be integrated into Cloudflare's ecosystem, starting with OpenTelemetry, real-time error tracking, and developer experience capabilities. The integration will enable developers to quickly build, ship, and troubleshoot applications while leveraging built-in observability by default for various services like Workers, Queues, KV, Durable Objects, AI calls, etc. Baselime's paid features are now available for free, and the company plans to sunset its products towards the end of 2024 when users can observe all their applications within the Cloudflare dashboard.
Apr 05, 2024
1,321 words in the original blog post.
Cloudflare has acquired PartyKit, an open-source platform for deploying real-time, collaborative, multiplayer applications. This acquisition marks a significant milestone in redefining the boundaries of serverless computing by making it more dynamic, interactive, and stateful. The integration of PartyKit into Cloudflare's ecosystem will enable developers to build applications that maintain state across requests, simplifying development and opening up a broader range of use cases, including real-time computing, collaborative editing, and multiplayer gaming.
Apr 05, 2024
971 words in the original blog post.
Cloudflare has announced major improvements to its integration with web frameworks, making it easier for developers to use their D1 SQL database, R2 object store, AI models, and other features. The enhancements allow developers to maintain their preferred local development workflow while still benefiting from Cloudflare-specific APIs and features. This is achieved through the getPlatformProxy() API, which bridges the gap between Node.js and workerd runtimes. Additionally, Cloudflare is working with the Vite team on a proposal that could enable developers to use Vite environments for full-stack applications, further streamlining development processes.
Apr 05, 2024
1,692 words in the original blog post.
Browser Rendering API is now available to all paid Workers customers with improved session management. The API allows developers to control and interact with a headless browser instance for automation flows in their applications and products. With the new feature of session management, developers can reuse previously opened browsers across Worker's scripts, increasing performance and lowering costs. Browser Rendering is now available to all customers with a paid Workers plan, and each account is limited to running two new browsers per minute and two concurrent browsers at no cost during this period. Additionally, Cloudflare Snippets are being rolled out for testing, allowing developers to perform complex HTTP request and response modifications on the platform. Asynchronous revalidation with stale-while-revalidate (SWR) cache directive is also in development, expected to be released in the second half of 2024. Workers for Platforms will be available under a new $25 pay-as-you-go plan on April 16, 2024, allowing developers to embed personalization and customization directly into their products.
Apr 05, 2024
1,538 words in the original blog post.
Developer Week 2024 focuses on production readiness with new updates to enhance control and tailor Cloudflare behavior for applications' needs. These updates include Gradual Deployments, source mapped stack traces in Tail Workers, a new Rate Limiting API, auto-generated SDKs for the Cloudflare API, and Durable Object namespace analytics and WebSocket Hibernation GA. The aim is to provide more power to developers while ensuring production readiness with these features designed for mission-critical services.
Apr 04, 2024
2,707 words in the original blog post.
Cloudflare introduces four new improvements to enhance media applications. Firstly, Cloudflare Calls is now in open beta with transparent pricing. Secondly, Cloudflare Stream has a Live Clipping API for instant clips from ongoing streams. Thirdly, Cloudflare Images offers a pre-built upload widget and automatic face cropping. Lastly, the company encourages users to join their Discord server to discuss media tools and learn more through developer documentation.
Apr 04, 2024
988 words in the original blog post.
Pages, launched in 2021 with the goal of streamlining developers' journey from idea to production, has introduced new improvements that bring functionality previously exclusive to Workers. These enhancements include support for monorepos, wrangler.toml configuration file format, additional Next.js support features, and database integrations with Neon, PlanetScale, Supabase, Turso, Upstash, and Xata. Furthermore, the convergence of Pages and Workers is planned to continue throughout 2024, with upcoming features such as Workers CI/CD, serving static assets from Workers, preview URLs for Workers, Tail Workers support in Pages, log pushing capabilities, and gradual deployments.
Apr 04, 2024
1,745 words in the original blog post.
Cloudflare has launched its open beta version of Cloudflare Calls, a platform that enables developers to build real-time audio/video applications using WebRTC. The platform abstracts away the complexity by turning the Cloudflare network into a singular SFU (Selective Forwarding Unit). This allows for more efficient data transmission and improved scalability as the number of participants increases. Cloudflare Calls is currently available at no cost, with plans to charge $0.05 per real-time gigabyte starting from May 15, 2024. The platform supports standard WebRTC APIs and acts like just another WebRTC peer, making it ideal for building new WebRTC apps or supplementing existing infrastructure.
Apr 04, 2024
3,024 words in the original blog post.
Picsart, a global digital creation platform, improved the performance of its remote configuration service by moving from a centralized architecture to a globally distributed service built on Cloudflare's Workers and Workers KV storage. This allowed them to significantly improve their performance and drive real business impact. The solution involved data segmentation, immutable updates, optimizing JSON serialization, and client-side connection improvements. As a result, the share of successfully delivered experiments increased from 50% to 85%, with median response times dropping from 1500ms to 280ms globally. Picsart plans to continue leveraging Cloudflare's developer platform for future enhancements and integrations.
Apr 03, 2024
3,050 words in the original blog post.
Cloudflare is launching new services aimed at making it easier for developers to ingest, store, and query data needed to build scalable applications. These include Event Notifications, a sneak peek into their durable execution service Workflows, and an upcoming streaming ingestion product called Pipelines. The company's goal is to simplify the process of building stateful, distributed-by-default applications. They are also working on making data ingestion more efficient and cost-effective by allowing developers to batch clickstream data from their web services directly to R2 without having to manage infrastructure or partitions.
Apr 03, 2024
2,250 words in the original blog post.
Cloudflare has introduced three new features for its zero egress fee object storage platform, R2. Event Notifications allow users to trigger Workers and take action when data in their R2 bucket changes. Super Slurper for Google Cloud Storage enables easy migration of data from GCS to Cloudflare R2. Infrequent Access Private Beta offers reduced fees for storing less frequently accessed data, with automatic optimization planned for the future.
Apr 03, 2024
825 words in the original blog post.
Cloudflare Workers and D1 have partnered with Prisma to simplify database management and improve developer experience. With version 5.12.0 of Prisma ORM, developers can now interact with data stored in D1 from their Cloudflare Workers using the convenient Prisma Client API. This collaboration aims to reduce time spent managing infrastructure and deploying applications while making it easier for developers to focus on developing globally available apps. The integration also includes support for Accelerate and Pulse, products built on Cloudflare that cover connection pooling, query caching, and real-time type-safe database subscriptions.
Apr 03, 2024
1,268 words in the original blog post.
Cloudflare has announced the General Availability (GA) of its Workers AI inference platform, which is now more reliable and performant with improved pricing. The company also revealed updates on GPU hardware momentum, an expansion of its Hugging Face partnership, Bring Your Own LoRA fine-tuned inference, Python support in Workers, more providers in AI Gateway, and Vectorize metadata filtering. Additionally, Cloudflare plans to deploy GPUs to over 150 cities worldwide by the end of 2024, making it the most widely distributed cloud-AI inference platform.
Apr 02, 2024
2,011 words in the original blog post.
Inference from fine-tuned LLMs with LoRAs is now in open beta on Workers AI platform. Low-Rank Adaptation (LoRA) is a specific fine-tuning method that can be applied to various model architectures, not just LLMs. It allows for the fine-tune weights and pre-trained model to remain separate, and for the pre-trained model to remain unchanged. The approach of maintaining the original base model weights means that you can create new fine-tune weights with relatively little compute. LoRA is an efficient method of fine-tuning which takes a lot less time and compute to train these additional parameters, which are referred to as a LoRA adapter. This makes it a lot easier to distribute, and serving fine-tuned inference with LoRA only adds ms of latency to total inference time.
Apr 02, 2024
2,415 words in the original blog post.
Starting today, Cloudflare is launching an open beta for writing Cloudflare Workers in Python. This new feature integrates a Python implementation directly into workerd, the open-source Workers runtime. Bindings to various resources such as Vectorize, Workers AI, R2, Durable Objects, and more are supported from day one. The Python execution environment is provided for users, mirroring how Workers written in JavaScript already work. This feature is made possible by Pyodide, a port of CPython to WebAssembly that interprets Python code without any need to precompile the Python code itself to any other format.
Apr 02, 2024
4,030 words in the original blog post.
Internet security has become a personal issue for many people, especially those working with vulnerable communities such as political dissidents and journalists in authoritarian nations. To address this, Cloudflare's mission is to help build a better internet by protecting various groups through its Impact projects. Collaboration and sharing of best practices are essential in democratizing access to powerful security tools. Civil society organizations face a wide range of threats from governments, non-state actors, and external influences. Through partnerships and collaborations with civil society organizations, tech companies, and CISA, Cloudflare aims to enhance the baseline of cyber hygiene for these groups and improve their resilience and response capabilities in the face of a cyberattack.
Apr 02, 2024
1,574 words in the original blog post.
Cloudflare has announced that it is making its platform easier for developers by launching three products into general availability (GA): D1, a serverless SQL database; Hyperdrive, which makes existing databases feel distributed and faster; and Workers Analytics Engine, a time-series database. These products aim to allow developers to bring their entire stack to Cloudflare's platform. The company has also announced new features for these products, including global read replication for D1, support for MySQL in Hyperdrive, and increased per-queue throughput for Queues. Additionally, Workers Analytics Engine now has a simple pricing model based on data points written and read queries.
Apr 01, 2024
2,065 words in the original blog post.
Cloudflare Workers utilize a unique feature called "bindings" that simplifies setup, enhances security, and improves developer experience. Bindings eliminate boilerplate code by allowing environment variables to contain full-fledged objects rather than just strings. This approach also helps prevent common security vulnerabilities such as Server-Side Request Forgery (SSRF) attacks and leaking of API keys or certificate management issues. Furthermore, bindings enable dependency injection for easier setup, observability, testability, and adaptability.
Apr 01, 2024
4,097 words in the original blog post.
Cloudflare's Workers applications now benefit from global reach and various database options tailored to developer needs, including key-value and object storage. The company has made its relational database, D1, generally available for production workloads with the familiarity of SQL. D1 is a built-in serverless relational database that offers SQL's expressiveness and integrates with developer tooling like ORMs. It also includes a generous free tier for developers to experiment with before moving to production.
D1's global read replication design aims to support data placement for globally distributed applications, using asynchronous read replication. This approach helps increase throughput by distributing load across multiple replicas and lowers query latency when the replicas are close to users making queries. D1 provides snapshot isolation consistency model, which is familiar to most developers, ensuring at most one active copy of the database.
To bring read replication to D1, Cloudflare will introduce a new concept called Sessions, allowing applications to encapsulate all queries representing one logical session for their application. This feature ensures sequential consistency for all queries in the Session and is built-in, with no extra usage or storage costs. Developers can start using D1 now, and more features are expected as the company continues to address SQL database needs for developer applications.
Apr 01, 2024
2,594 words in the original blog post.