Home / Companies / Cloudflare / Blog / September 2024

September 2024 Summaries

39 posts from Cloudflare

Filter
Month: Year:
Post Summaries Back to Blog
Cloudflare's 14th birthday in 2024 was marked by major announcements during Birthday Week, focusing on innovative offerings for customers and the broader internet community. The week-long event is a tradition at Cloudflare, emphasizing their commitment to staying close to their customers. This year, they announced new payment methods such as Stripe Link, aimed at supporting global payment options used by customers worldwide.
Sep 30, 2024 434 words in the original blog post.
Cloudflare has launched Radar Data Explorer and an AI Assistant to provide users with a simple web-based interface to build complex API queries, including comparisons and filters, and visualize the results. The AI Assistant uses Cloudflare Workers AI to translate natural language statements or questions into appropriate Radar API calls, while the Data Explorer enables users to explore various datasets such as traffic metrics, attacks, internet quality, email security, and more. Users can also compare data across different locations or autonomous systems (ASs) and visualize results in time series graphs, bar charts, treemaps, or global choropleth maps. The AI Assistant is built using prompt engineering and multiple inference calls to an LLM, while the Data Explorer's API section provides copyable API calls as direct request URLs and cURL commands.
Sep 27, 2024 2,429 words in the original blog post.
Cloudflare has been offering a free tier since its launch in 2010, which now serves millions of internet properties. The company's commitment to providing a free service is not only mission-aligned but also helps keep costs lower. By offering a generous free version for public-facing applications, internal private networks, and developer tools, Cloudflare has managed to build strong partnerships with Internet Service Providers (ISPs) and grow its business. The Free plan provides unique threat intelligence, assists in quality assurance, and encourages the development of more intuitive products. This week, 15 updates were announced that make Cloudflare's Free plans even better, further solidifying their commitment to a free service.
Sep 27, 2024 1,570 words in the original blog post.
Cloudflare has developed a platform for running containers across its network, which is already being used in production for Workers AI, Workers Builds, Remote Browsing Isolation, and the Browser Rendering API. The company built this platform from scratch to handle global scheduling, GPU support, and other features that are essential for efficient container management. By leveraging Cloudflare's network of over 330 locations worldwide, developers can run their applications closer to users, reducing latency and improving performance. The platform also allows teams to use otherwise idle "off-peak" compute resources for tasks such as Workers CI/CD builds. As more engineering teams rely on the containers platform in production, Cloudflare plans to integrate it more deeply with its Workers service, allowing developers to leverage both technologies together seamlessly.
Sep 27, 2024 4,082 words in the original blog post.
Cloudflare has extended its AI Assistant capabilities to help users build new Web Application Firewall (WAF) rules, added AI bot traffic insights on Cloudflare Radar, and provided customers with new AI bot blocking capabilities. The AI Assistant for WAF Rule Builder simplifies the process of creating custom and rate-limiting rules by allowing users to generate rules through natural language prompts. Additionally, the platform offers insight into request activity from AI bots and associated traffic trends over time. Cloudflare has also expanded its protection against AI bots with new detections and managed rule updates, which have resulted in a noticeable increase in detection rates for various AI bots. The company plans to continue exploring the AI landscape and providing users with tools and insights needed to manage their traffic effectively.
Sep 27, 2024 1,706 words in the original blog post.
Today, we are announcing the Dev Starter Pack, an alliance of innovative tools for developers to get started with discounts and free services. The aim is to help developers focus on building their products and growing their businesses by providing them with essential development tools at a lower cost or even for free. This initiative includes all the necessary tools to build a startup as well as AI-powered features, reflecting our belief that the next wave of startups will be AI-native. We are also excited to share an update on our Workers Launchpad Program, which supports developers turned founders building startups on Cloudflare's platform.
Sep 27, 2024 1,180 words in the original blog post.
Cloudflare has announced its commitment to the Cybersecurity and Infrastructure Security Agency (CISA) 'Secure by Design' pledge, aimed at enhancing the safety of their products and delivering secure solutions to customers. The company is launching a bug bounty VIP program in conjunction with its public bug bounty program, offering higher bounty payouts and exclusive access to beta testing environments for select security researchers. This commitment underscores Cloudflare's belief that a safer internet is achievable through shared responsibility and proactive engagement.
Sep 27, 2024 998 words in the original blog post.
Cloudflare introduces Project Alexandria, a streamlined and expanded open source program offering recurring annual credits to more open source projects for free access to its products. The program aims to ensure every OSS project not only survives but thrives with enhanced security, performance optimization, and developer tools at no cost. Open source projects can apply for the program if they operate on a non-profit basis or align with the project mission and have a recognized OSS license.
Sep 27, 2024 1,355 words in the original blog post.
Cloudflare is celebrating its first anniversary of AI developer products by introducing powerful new features for Workers AI, AI Gateway, and Vectorize. These updates aim to enhance the way developers build applications using AI on Cloudflare's platform. Workers AI will benefit from more powerful GPUs, an expanded model catalog, and a simpler pricing model. Meanwhile, AI Gateway is moving forward with its vision of becoming an ML Ops platform by introducing more powerful logs and human evaluations. Lastly, Vectorize is going GA, offering expanded index sizes and faster queries. These updates are designed to help developers harness the full potential of AI and build applications on Cloudflare's platform.
Sep 26, 2024 2,388 words in the original blog post.
Cloudflare has announced up to 3x faster key-value (KV) hot reads for its Workers KV service, reducing all KV operations' latency by up to 20ms. The improvements were achieved through optimizing the architecture of Workers KV and implementing tiered cache to minimize requests to storage backends. These changes have led to significant speed gains across various Cloudflare services, including Pages, Queues, and Access. Additionally, an in-memory cache is being tested for the hottest keys, which could resolve reads within a millisecond.
Sep 26, 2024 1,622 words in the original blog post.
To celebrate Builder Day 2024, Cloudflare is introducing 18 updates inspired by developer feedback. These updates include persistent logs for every Worker, connection to private databases from Workers using Hyperdrive, improved Node.js compatibility, static asset hosting for Workers, and more. Additionally, Gradual Deployments is now generally available, making it easier and safer to deploy changes to applications. Queues has also been upgraded with higher throughput and concurrency limits, allowing developers to build event-driven applications and workflows that react to changes in their data. Event notifications for R2 is now generally available as well, enabling developers to set up multiple notification rules for a single queue on a bucket. Furthermore, image optimization is available to everyone for free with up to 5,000 transformations per month. These updates aim to enhance the developer experience and make it easier for developers to build applications using Cloudflare's platform.
Sep 26, 2024 3,169 words in the original blog post.
Cloudflare is offering startups up to $250,000 in credits for its Developer Platform, which includes products like Argo and Cache Reserve. Eligibility criteria include being a software-based product or service founded within the last five years with funding between $50,000 - $5,000,000. The program also offers access to speed and performance tools, as well as security features such as Web Application Firewall (WAF), DDoS Alerts, and Zero Trust solutions. Cloudflare's Startup Program aims to support founders by removing limitations on building technology without incurring high costs.
Sep 26, 2024 697 words in the original blog post.
Durable Objects (DO) is a novel approach to cloud computing that allows application code to run directly on the machine where data is stored, eliminating network latency and synchronization issues. SQLite-in-DO takes this concept further by supporting full SQL query interface with tables and indexes through SQLite integration. This results in faster reads and writes, as well as improved reliability and consistency. SQLite-backed DOs are currently available in beta for developers to experiment with and provide feedback.
Sep 26, 2024 4,621 words in the original blog post.
During Birthday Week 2023, Workers AI was launched, and since then, improvements have been made based on customer feedback. The focus has been on making large language model (LLM) generation faster. Upgrades include upgraded hardware, KV cache compression, and speculative decoding. These enhancements aim to provide faster and more efficient inference for customers. Newer generation GPUs support larger models and faster inference, while novel methods of boosting efficiency have been developed. Memory management has also been optimized to reduce the bottleneck caused by limited vRAM availability. Speculative decoding is another technique that allows for faster throughput by predicting multiple tokens at once. These improvements aim to enhance user experience and provide better performance on Workers AI platform.
Sep 26, 2024 1,877 words in the original blog post.
Cloudflare has introduced Speed Brain, a new feature designed to reduce page load latency by predicting how visitors will interact with a given web page. The technology relies on the Speculation Rules API to prefetch content of likely next navigations and aims to download a web page to the browser cache before a user navigates to it, allowing pages to load almost instantly when actual navigation takes place. Speed Brain is currently available for all plan types at no cost and can be toggled on from the dashboard or API.
Sep 25, 2024 4,755 words in the original blog post.
Cloudflare is enabling Encrypted Client Hello (ECH) by default for all Free plans. ECH encrypts the entire TLS handshake, ensuring user privacy and enabling TLS to evolve without exposing sensitive connection data. By securing the full handshake, ECH allows for flexible, future-proof encryption designs that safeguard privacy as the Internet continues to grow.
Sep 25, 2024 5,922 words in the original blog post.
Cloudflare has made its TURN server generally available to all users, offering an intermediary solution for maintaining connections during video calls when local networking conditions prevent direct communication between participants. The service works on Cloudflare's anycast network, ensuring global coverage and near-zero latency required by real-time applications. TURN solves connectivity and privacy problems for real-time apps like video or audio calls by predictably relaying traffic between devices while minimizing delay. It also helps determine if a relay server is needed through the ICE protocol. Cloudflare's TURN service offers unparalleled speed, near-zero latency, and scalability due to its presence in over 330 cities worldwide.
Sep 25, 2024 1,826 words in the original blog post.
Cloudflare has deployed its next-generation servers, Gen 12, powered by AMD EPYC 9684X processors. These servers deliver exceptional performance across all Cloudflare services, enhanced support for AI/ML workloads, significant strides in power efficiency, and improved security features. The Gen 12 server is equipped with a 4th generation AMD EPYC Processor, 384 GB of DDR5 RAM, 16 TB of NVMe storage, a dual-port 25 GbE NIC, and two 800 watt power supply units. The Gen 12 server offers a 63% power efficiency improvement compared to the previous generation, reducing operational expenditure and carbon footprint.
Sep 25, 2024 3,143 words in the original blog post.
End-to-end encrypted messaging apps such as WhatsApp, Signal, and iMessage rely on public-private key exchange for secure conversations. However, an implicit trust in the correct distribution of public keys by the app infrastructure is often overlooked. To protect the integrity of end-to-end encrypted conversations, several methods have been deployed, including in-person verification of QR code fingerprints. WhatsApp has paved the way with their Key Transparency announcement, and Cloudflare now verifies WhatsApp's Key Transparency audit proofs. The Auditable Key Directory (AKD) is a tree-shaped data structure that forms the architectural foundation of Key Transparency. Cloudflare's role in Key Transparency involves checking that the AKD tree has been constructed correctly and consistently over time.
Sep 24, 2024 1,803 words in the original blog post.
Cloudflare has announced the provision of threat intelligence and over ten new security features for free to all its customers. These features are aimed at addressing growing cybersecurity concerns such as account takeover attacks, supply chain attacks, API endpoint attacks, network visibility, and data leaks from networks. The company is also offering a bundle of Cloudflare One products for free, making it the only vendor to provide free versions of these types of products. Additionally, new users can now use Google Authentication to sign up and log into Cloudflare, reducing dependence on remembering passwords and enhancing account security.
Sep 24, 2024 2,658 words in the original blog post.
In 2018, Cloudflare launched 1.1.1.1, a privacy-focused consumer DNS service. In 2020, they introduced 1.1.1.1 for Families to provide security and adult content filtering. Today, any ISP or equipment manufacturer can use Cloudflare's DNS resolvers for free. They offer three types of resolvers: privacy-focused (1.1.1.1), security-focused (1.1.1.2), and family-focused (1.1.1.3). Additionally, they have a premium Gateway product with advanced filtering, reporting, logging, analytics, and scheduling options. Cloudflare's commitment to privacy, security, and safety has led them to partner with leading companies to help protect customers and their families. They are inviting more ISPs and equipment manufacturers to join this program by signing up through a form on their website.
Sep 24, 2024 1,143 words in the original blog post.
Cloudflare has announced that its SDK libraries, Terraform provider, and API reference documentation will now be automatically generated from OpenAPI schemas. This means that any new features or attributes added to their products will immediately be reflected across the entire ecosystem, ensuring users have access to up-to-date information without delays. The company has also improved its API documentation site by making it SDK aware and providing examples in multiple languages. Additionally, endpoint permissions are now back, with all endpoints automatically getting this information through new tooling integrated into their code generation pipeline.
Sep 24, 2024 2,915 words in the original blog post.
Cloudflare has developed the fastest cache purge in the industry with a global purge latency of less than 150ms on average for purge by tags, hostnames, and prefixes. This represents a 90% improvement since May 2022. The company is also opening up more purge options to Free, Pro, and Business plans, which were previously only available to Enterprise customers. CacheDB, an indexing service built on RocksDB, has been introduced to manage the indexing and purging of cached files, improving cache retention times across their service.
Sep 24, 2024 3,509 words in the original blog post.
Cloudflare has introduced support for batched API calls to its DNS records API, allowing customers to make large changes to their zones more efficiently than before. This feature enables users to execute POST, PUT, PATCH, and DELETE methods in a single batch request, reducing the need for custom scripts or programs. The new endpoint is fully atomic, using a single database transaction, and can handle up to 100,000 changes in one call. This improvement not only reduces API latency but also lowers the overall database query load.
Sep 23, 2024 2,502 words in the original blog post.
Cloudflare has released a set of tools that allow site owners, creators, and publishers to control how their content is accessed by AI-related bots and crawlers. The new features include an analytics view of the AI services that crawl a site and the specific content they access, as well as options for blocking or allowing certain types of AI providers and bots. This aims to give site owners more control over their content usage and potentially pave the way for monetization opportunities in the future.
Sep 23, 2024 2,256 words in the original blog post.
Cloudflare has been measuring its network performance against top global networks since June 2021 to improve its speed and share the results of these initiatives. As of September 2024, Cloudflare is ranked as the fastest provider in 44% of the top 1,000 ISPs. The company uses Real User Measurements (RUM) data to track key performance metrics such as TCP Connection Time, Time to First Byte (TTFB), and Time to Last Byte (TTLB). This data helps Cloudflare identify lagging regions and improve its network performance in those areas. The company is constantly working on improving its infrastructure and services to become the fastest network worldwide.
Sep 23, 2024 1,581 words in the original blog post.
Cloudflare has introduced Ephemeral IDs as a new feature for its CAPTCHA alternative, Turnstile. This feature generates unique short-lived IDs without relying on network-level information, allowing the identification of malicious actions even when attackers rotate through large pools of IP addresses. By analyzing browser attributes and signals, Ephemeral IDs can detect abuse patterns more accurately beyond just determining whether a visitor is a human or a bot. This enhances security for websites protected by Turnstile without impacting user privacy.
Sep 23, 2024 1,198 words in the original blog post.
This week marks the fourteenth anniversary of Cloudflare's launch, which they celebrate as their birthday. During this time, they traditionally release new products that they consider gifts back to the Internet. Despite fewer public innovation weeks over the last year due to focusing on improving internal systems, Cloudflare plans to resume its usual cadence of new product launches during this Birthday Week. They will roll out performance improvements, launch new features for their developer platform, and provide support for startups and open-source communities. However, they acknowledge that the Internet has become more fragile over the past year, with incidents such as increased internet shutdowns and restrictions on access in various countries. Additionally, the business model of the web is eroding due to the rise of AI, which threatens original content creation. Cloudflare believes in the importance of preserving the integrity of the Internet's underlying protocols while addressing these challenges. They invest in public policy efforts and strive to improve their platform and services. The company remains committed to its mission of helping build a better Internet and encourages others who share this vision to join them. Cloudflare is focused on improving the Internet experience for users, developers, and businesses alike.
Sep 22, 2024 1,079 words in the original blog post.
Infrastructure planning at Cloudflare involves capacity planning to ensure enough resources are available worldwide, considering various scenarios such as data center failures or increased customer demand. The company uses a unit called CPU Time to measure capacity and performance. To manage these complexities, Cloudflare developed "Scenario Planner," which enables users to simulate hypothetical changes in demand and supply across time and locations. This tool outputs heatmaps and expected failovers views to help visualize the impact of different scenarios on network capacity and customer experience. The Capacity Planning team is hiring, with open roles available on their careers page.
Sep 20, 2024 2,236 words in the original blog post.
On September 17, 2024, Cloudflare experienced an outage affecting some Business plan websites for approximately one hour due to an internal software error. The issue occurred during routine maintenance when IPv4 prefixes were inadvertently stopped from being announced, causing traffic not to reach the affected websites. This was a result of a batch of websites that remained linked to old addresses after renumbering work in July 2024. Cloudflare has since fixed the specific bug and is implementing measures to prevent similar issues in the future, including adding tests for outstanding website assignments, improving processes associated with prefix withdrawal, and reviewing every use of stored procedures and functions related to legacy systems.
Sep 20, 2024 1,447 words in the original blog post.
Chrome and Mozilla have decided to stop trusting Entrust's public TLS certificates issued after November 12, 2024 and December 1, 2024 respectively due to concerns about the company's ability to meet CA/Browser Forum requirements. To prevent service disruption for their customers, Entrust has partnered with SSL.com, a publicly trusted CA, and will issue certificates from SSL.com’s roots. Cloudflare is also adding SSL.com as a certificate authority that its customers can use, allowing automatic issuance and renewal of SSL.com certificates for those who are currently relying on Entrust as a CA.
Sep 19, 2024 1,425 words in the original blog post.
The text discusses how to protect APIs against sequential abuse using statistical machine learning techniques. It introduces the concept of API sessions and how they can be used to identify malicious activities by analyzing the order in which requests are made. The blog post then explains how Markov chains, specifically variable order Markov chains (VOMCs), can be applied to summarize sequential behavior from past session data and determine important sequences. Finally, it describes an efficient algorithm that updates the model continuously as data arrive, allowing for real-time analysis of API requests and protection against malicious activities.
Sep 12, 2024 2,769 words in the original blog post.
The September 10 Harris-Trump debate caused a bigger drop in Internet traffic across the US than the Biden-Trump debate on June 27, with some states experiencing up to a 25% decline. There was also an increase in DNS traffic to both Kamala Harris-related and Donald Trump-related domains during and after the debate. Additionally, there was a rise in aggregated DNS traffic to general US news sites and election-related websites. From a cybersecurity perspective, Donald Trump remained the candidate with the most mentions in email subjects and the highest percentages of emails classified as spam and malicious.
Sep 11, 2024 2,422 words in the original blog post.
Cloudflare has announced new integrations with CrowdStrike, enhancing their Unified Risk Posture offering. The integration allows for deeper analysis and investigation by unifying first- and third-party data, native threat intelligence, AI, and workflow automation. By combining Cloudflare's email security and zero trust logging capabilities with CrowdStrike's dashboards and custom workflows, organizations can gain better visibility into their environments and remediate potential threats more effectively. The integration also enables proactive alerting of suspicious activity, such as phishing emails or risky website engagement, allowing for early detection of account compromises or insider threats.
Sep 11, 2024 647 words in the original blog post.
Cloudflare has developed an open-source Rust crate to reduce CPU utilization and enable its Content Delivery Network (CDN) to handle more of the world's increasing web traffic. The company optimized a function called clear_internal_headers, which was consuming over 1.7% of pingora-origin's total CPU time. By implementing a new data structure called trie-hard, they reduced the compute utilization of pingora-origin by 1.28%. The optimized function has been running in production since July 2024 and its performance closely matches the predictions from benchmarking tests.
Sep 10, 2024 1,801 words in the original blog post.
Cloudflare has announced a preview of improved Node.js compatibility for its Workers and Pages, allowing users to utilize more NPM packages and benefit from the JavaScript ecosystem when writing their Workers. The latest version combines the best features of previous efforts, enabling users to import far more NPM packages on Workers and use more Node.js APIs. This improved compatibility will soon become the default for all Workers with the existing nodejs_compat flag enabled, and a compatibility date of 2024-09-23 or later.
Sep 09, 2024 1,983 words in the original blog post.
Cloudflare handles over 60 million HTTP requests per second globally, with approximately 70% received over TCP connections (the remaining are QUIC/UDP). Anomalous TCP connections occur when a connection is unexpectedly halted before any useful data exchange occurs. These connections can be closed due to various reasons such as scanners, sudden application shutdowns, network errors, attacks, and tampering. Cloudflare has launched a new dashboard and API endpoint on Cloudflare Radar that shows near real-time view of TCP connections to its network that terminate within the first 10 ingress packets due to resets or timeouts. Analyzing this anomalous behavior provides insights into scanning, connection tampering, DoS attacks, connectivity issues, and other behaviors.
Sep 05, 2024 4,739 words in the original blog post.
Cloudflare has found that 20% of all internet connections are abruptly closed before any useful data can be exchanged, suggesting intentional tampering by third parties. The company's global network allows it to identify patterns that suggest external tampering with a connection to prevent content from being accessed. Connection tampering is often hard to decipher but the ways connections are abruptly closed give clues to what might have happened. Cloudflare has shared a view of global connection tampering practices and launched a new dashboard and API on Cloudflare Radar that shows a near real-time view of specific connection timeout and reset events experienced by users connecting to its network globally.
Sep 05, 2024 4,847 words in the original blog post.
The White House has issued a roadmap to enhance internet routing security, highlighting the importance of securing Border Gateway Protocol (BGP) and addressing concerns related to its vulnerabilities. The report recommends that all networks create and publish Route Origin Authorization (ROA) records, while encouraging network service providers to fully deploy ROV and implement other best practices. It also proposes using federal government's purchasing power to encourage routing security measures among contracted service providers and broadband grant recipients. The roadmap acknowledges the need for ongoing work in securing relationships between individual networks through BGPsec and ASPA, as well as the formalization of customer roles through RFC9234.
Sep 02, 2024 2,955 words in the original blog post.