July 2025 Summaries
19 posts from Cloudflare
Filter
Month:
Year:
Post Summaries
Back to Blog
Social media users' frustration with losing their identity and data when platforms change is addressed by the ATProto ecosystem, where users maintain control over their data and identities. This decentralized system, exemplified by Bluesky, allows users to publish content as part of a global, cryptographically signed social web. The post provides a guide on building a serverless ATProto application using Cloudflare's Developer Platform, emphasizing the benefits of serverless architecture such as reduced management overhead and enhanced scalability. The application, Statusphere, serves as a basic demo for understanding decentralized ATProto apps. It utilizes Cloudflare's infrastructure, including Workers, KV, and Durable Objects, for efficient data processing and real-time updates. The text also highlights the interoperability of ATProto components, the role of TypeScript and Rust in development, and the potential future improvements in handling real-time data streams without compromising the serverless model's benefits.
Jul 24, 2025
2,148 words in the original blog post.
On July 23, 2025, the White House introduced its AI Action Plan, detailing the administration's strategy for advancing Artificial Intelligence across three major pillars: accelerating AI innovation, building American AI infrastructure, and leading international AI diplomacy and security. The plan emphasizes removing regulatory barriers, supporting open-source AI models, constructing high-security data centers, and strengthening export controls to manage AI technology dissemination. Cloudflare, among others, supports the plan's focus on fostering U.S. leadership in AI by promoting open-source models and a distributed network infrastructure. The document underscores the significance of collaboration between the government and private sector to ensure that policy actions are technically feasible and globally effective, highlighting the dual strategy of promoting AI export to allies while imposing export controls to safeguard national security. As Cloudflare aligns with the plan's goals, it emphasizes the need for a balanced approach to avoid stifling innovation while enhancing cybersecurity and maintaining a globally connected AI ecosystem.
Jul 24, 2025
1,634 words in the original blog post.
The Cloudflare Business Intelligence team developed Jetflow, a custom Extract Load Transform (ELT) framework, to manage their growing and complex data ingestion needs, which include processing about 141 billion rows daily from various sources like Postgres, ClickHouse, and SaaS applications such as Salesforce. The existing ELT solutions were insufficient for their requirements, prompting the creation of Jetflow, which significantly improved efficiency and performance, enabling ingestion of millions of rows per second while reducing resource usage. Jetflow's modular and extensible design allows seamless integration with internal systems and supports multiple data interfaces, such as Google BigQuery and Kafka, ensuring backward compatibility and easy configuration. It optimizes data processing by using the Arrow data format and direct database connections, achieving notable performance improvements, as seen in case studies with ClickHouse and Postgres. By early July 2025, Jetflow facilitated the ingestion of 77 billion records daily, with plans to migrate the remaining jobs and potentially open-source the project in the future.
Jul 23, 2025
2,210 words in the original blog post.
On July 19, 2025, Microsoft announced the discovery of CVE-2025-53770, a critical zero-day Remote Code Execution vulnerability affecting various versions of SharePoint Server, with a CVSS score of 9.8. This vulnerability, caused by improper deserialization of untrusted data, allows remote attackers to execute arbitrary code and access cryptographic machine keys, enabling persistent unauthorized access. The exploit chain, known as "ToolShell," involves stages of authentication bypass, remote code execution, and long-term access retention, making it particularly threatening. Following its demonstration at the Pwn2Own competition, threat actors have been observed exploiting this vulnerability, prompting Cloudflare to develop and deploy emergency Web Application Firewall (WAF) Managed Rules to mitigate the threat. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-53770 to its Known Exploited Vulnerabilities catalog with an urgent remediation deadline, emphasizing the need for organizations with on-premise SharePoint servers to assume possible compromise and take immediate action.
Jul 22, 2025
760 words in the original blog post.
Cloudflare's network spans over 330 cities in 125 countries and interconnects with more than 13,000 network providers, which grants it a unique vantage point on Internet resilience and disruptions. Throughout the second quarter of 2025, despite a previous quarter without government-directed shutdowns, such actions were observed in Libya, Iran, Iraq, Syria, and Panama due to a variety of reasons including protests and exams. Additionally, power outages affected Internet connectivity in countries like Spain, Portugal, Morocco, Puerto Rico, Saint Kitts and Nevis, North Macedonia, and the Maldives, showcasing the Internet's dependency on stable electrical grids. Technical issues and cyberattacks also contributed to disruptions in places like Canada, the United States, Russia, and with companies like Bell Canada and ASVT being notably affected. Moreover, unexplained disruptions occurred in Finland and the Philippines. The Cloudflare Radar team continually monitors and reports such Internet disruptions.
Jul 22, 2025
3,854 words in the original blog post.
Quicksilver is a key-value database used by Cloudflare's vast network of servers to manage configuration information, ensuring rapid responses to network requests. Initially, all servers stored the entire dataset, leading to disk space challenges as the dataset expanded to over five billion key-value pairs and 1.6 TB in size. To address scalability issues, Quicksilver introduced a caching system with a proxy mode that reduced the storage burden on individual servers by keeping only a cache, while a few special servers retained the full dataset. This evolved into a tiered architecture, with local caches on each server, a data center-wide sharded cache, and replicas on storage nodes for rarely accessed data. This new structure improved cache hit rates to above 99.99% for most instances, efficiently handling the growing number of keys and requests without compromising performance. The transition to this tiered system involved complex migrations and was executed transparently to customers, reflecting strategic improvements in system architecture and scalability.
Jul 17, 2025
3,051 words in the original blog post.
Python notebooks have been the standard for data science due to their ease of use in coding, data exploration, and result sharing, but they face challenges in collaboration, reproducibility, and deployment at scale. Cloudflare has partnered with marimo, an open-source reactive Python notebook, to address these limitations, offering features like Git tracking, standalone script execution, and deployment as data applications. Marimo's reactive execution model enhances consistency and speed, allowing notebooks to run in various environments, including the browser via WebAssembly, reducing sharing costs. Additionally, Cloudflare has integrated authentication and examples to streamline data exploration, while marimo supports multiple data sources and offers seamless OAuth authentication. The collaboration aims to empower developers and data scientists to conduct large-scale analyses and batch jobs, leveraging Cloudflare's infrastructure and marimo's capabilities.
Jul 16, 2025
1,200 words in the original blog post.
On July 14, 2025, Cloudflare experienced a significant outage affecting its 1.1.1.1 public DNS Resolver, causing a global service disruption for 62 minutes. This incident was triggered by a misconfiguration during a service topology update, inadvertently linking the 1.1.1.1 Resolver's IP addresses to a non-production service, leading to their withdrawal from Cloudflare's data centers globally. The error originated from a June 6 configuration change meant for a new Data Localization Suite service, which remained dormant until the July update prompted a global configuration refresh. The outage significantly impacted Internet services for users relying on 1.1.1.1, although DNS-over-HTTPS traffic remained largely unaffected due to its reliance on different IP addresses. Cloudflare rapidly deployed a fix to restore service, while also committing to phasing out legacy systems and improving deployment methodologies to prevent future occurrences. This incident underscored the need for robust configuration management and highlighted Cloudflare's efforts to enhance the resilience of its infrastructure.
Jul 15, 2025
2,045 words in the original blog post.
Cloudflare has been recognized as a Visionary in the 2025 Gartner Magic Quadrant for Secure Access Service Edge (SASE) Platforms, reflecting its innovative approach to connecting and securing networks through its expansive global platform, Cloudflare One. This recognition highlights Cloudflare's strategy of integrating networking and security services into a unified, cloud-based platform that provides end-to-end visibility and control, supported by one of the world's most extensive and well-connected networks. Cloudflare's SASE platform aims to simplify infrastructure, enhance security, and improve connectivity through services like Magic WAN, Cloudflare Access, and Cloudflare Gateway, addressing modern enterprise needs such as Zero Trust and secure cloud access. The platform's design prioritizes low latency and efficient service delivery by providing full compute capabilities in every data center and optimizing connection routes. As Cloudflare continues to develop its capabilities, including the integration of AI technologies, it seeks to offer comprehensive solutions that extend beyond traditional SASE definitions, addressing broader security concerns like phishing and DDoS attacks while supporting multi-cloud connectivity and AI-powered applications.
Jul 15, 2025
2,150 words in the original blog post.
The 22nd edition of the Cloudflare DDoS Threat Report highlights the evolving landscape of Distributed Denial of Service (DDoS) attacks in the second quarter of 2025, noting a significant increase in hyper-volumetric attacks. June was particularly active, with a peak attack reaching 7.3 terabits per second. Despite a decrease in the overall number of attacks compared to the previous quarter, the volume remained 44% higher than the same period in 2024. Telecommunications and Internet service providers were the most targeted industries, while China and Brazil emerged as the most attacked locations based on customer billing data. The report emphasizes the prevalence of botnet-driven attacks, including a rise in ransom DDoS attacks and the use of legacy protocols for evasion. It also underscores the need for proactive, always-on security measures, supported by Cloudflare's extensive network and real-time threat intelligence, to effectively mitigate these threats and contribute to community-based botnet takedowns.
Jul 15, 2025
3,717 words in the original blog post.
Quicksilver is a key-value store developed by Cloudflare to provide fast global replication and low-latency access, initially designed for global configuration distribution but later becoming a foundational storage system for various products. The original Quicksilver v1 had every server maintaining a full data copy, leading to inefficiencies as the business expanded. To address this, Cloudflare introduced Quicksilver v1.5, which employs a proxy-replica design allowing some servers to act as proxies with persistent caches, significantly reducing disk usage. This new setup uses multiversion concurrency control and sliding window approaches to handle asynchronous replication and consistency challenges, ensuring sequential consistency while addressing potential negative lookups with efficient solutions like Bloom filters. The system also incorporates a Network Oracle for efficient replica discovery and connection management across data centers, maintaining low request latencies despite the architectural changes.
Jul 10, 2025
3,529 words in the original blog post.
At Cloudflare, PostgreSQL and ClickHouse are used for transactional and analytical workloads, but the company chose TimescaleDB as the analytics plane for its Zero Trust product suite due to its simplicity, performance, and ease of use. The team prioritized launching a minimal and focused architecture, which allowed them to ship the initial version of the product quickly and gather early feedback from customers. They discovered that PostgreSQL's limitations in handling high-throughput batch inserts made ClickHouse less suitable for their needs. TimescaleDB was chosen because it offers columnstore and sparse indexes, automatic partition management, and continuous aggregates, which improved query performance and reduced storage costs. The company deployed a self-hosted TimescaleDB instance on its canary PostgreSQL cluster to compare its performance against vanilla Postgres. After a two-week backfill period, they saw 5x to 35x performance improvements, depending on the query type and time range. The team made adjustments to optimize TimescaleDB for their specific use case, including switching from bulk INSERTS to COPY, disabling synchronous replication, and relying on aggressive compression and sparse indexes. They found that TimescaleDB strikes a balance between simplicity and impressive performance, making it an ideal choice for their analytics needs.
Jul 08, 2025
4,190 words in the original blog post.
Cloudflare's Secure Access Service Edge (SASE) platform is enhancing its support for hostname- and domain-based policies, driven by customer demand. The first milestone in this mission is the release of egress policies by hostname, domain, content category, and application in open beta. This feature allows customers to control traffic flow based on hostname, domain, content categories, or applications, simplifying their security policies. Egress policies are part of Cloudflare Gateway, which operates as both a layer 4 and layer 7 proxy. To support egress policies by hostname, Cloudflare uses a "synthetic IP" mechanism that associates the DNS query for a hostname with its destination IP address. This feature is currently only supported on specific on-ramps, such as WARP client, PAC files, and Browser Isolation, but plans to expand support in the future. The new feature aims to simplify customers' egress policies, reduce the need for manual management of individual hostnames, and enhance security in Cloudflare's SASE deployments.
Jul 07, 2025
2,218 words in the original blog post.
The rise of AI crawlers has transformed the web crawling landscape, with some AI bots experiencing significant growth and others declining sharply. Googlebot emerged as the dominant force, growing 96% in one year, while GPTBot from OpenAI rose to 7.7% share, a 305% increase in requests. The data also shows that traditional search crawlers have struggled, with Bingbot's share declining slightly. AI crawlers are increasingly being used for training large language models, and their growth is expected to continue, driven by the merging roles of search engines and AI. Websites face new challenges in managing their online presence as a result, but also opportunities to adapt and thrive in this evolving space. The trend towards stronger, enforceable blocking methods signals a key shift in how websites interact with AI systems, and Cloudflare is investing in tools to support this effort. As the Internet continues to evolve, web crawlers will play an increasingly important role in shaping its future.
Jul 01, 2025
2,739 words in the original blog post.
Google's business model, which relied on copying content from creators in exchange for sending them traffic, is changing as AI takes over the web. The number of searches on Google is declining, and users are turning to AI systems like ChatGPT to answer questions. Google has added features like answer boxes and AI Overviews that provide answers without leaving the site, making it harder for content creators to get traffic and value from their work. In contrast, AI tools like OpenAI and Anthropic make it even more difficult for creators to generate value from their content. To address this, Cloudflare is launching a new initiative on "Content Independence Day" to block AI crawlers unless they pay creators for their content and create a marketplace where creators can come together with AI companies to value content based on its knowledge-furthering potential rather than traffic generation. This change aims to facilitate a new golden age of high-value content creation and learn from the web's past successes while improving its future. Cloudflare is playing a key role in helping build a better Internet by supporting content creators' demand for value for their work.
Jul 01, 2025
868 words in the original blog post.
Cloudflare is integrating HTTP Message Signatures into its Verified Bots Program to simplify bot enrollment and improve authentication accuracy for site owners. This integration allows bots to be identified as such by Cloudflare's automated verification process, enabling site owners to create Bot Management and WAF rules based on verified bot traffic. The use of Message Signatures simplifies the verification process for both bots and site owners, reducing manual processes and improving overall security. Cloudflare is also providing open-source libraries to help developers generate Message Signatures, making it easier for them to integrate this authentication method into their applications. As part of its commitment to a safer and more efficient Internet, Cloudflare aims to make Message Signatures available to all sites, fostering a trusted environment for both human and automated traffic. The integration of HTTP Message Signatures marks an important step towards transforming how bot authentication is managed across the web.
Jul 01, 2025
1,527 words in the original blog post.
Cloudflare has introduced a new metric on its Radar platform to help content publishers understand how AI-powered crawlers and bots impact internet traffic. The metric, called the "AI Insights" page, displays ratios of aggregate HTML page requests from crawlers associated with a given platform to the number of HTML page requests from clients referred by a hostname associated with that same platform. This allows site owners to see how often an AI model sends traffic to a site compared to how often it crawls that site, providing insights into the viability of content publication on the Internet. The metric is calculated by dividing the total number of requests from relevant user agents associated with a given search or AI platform where the response was of Content-type: text/html by the total number of requests for HTML content where the Referer header contained a hostname associated with that same search or AI platform. The data shows that AI applications often make more requests to crawl content than they send in traffic, which can impact the viability of content publication. Cloudflare has also launched expanded Verified Bots content on its Radar platform, providing a directory of verified bots and tools for site owners to block unwanted crawlers. This new metric and expanded bot verification capabilities aim to provide better information to help site owners make decisions about which AI bots to allow or block and how to ensure fair exchange of value between content creators and AI developers.
Jul 01, 2025
1,563 words in the original blog post.
Cloudflare is introducing a new feature called pay per crawl, which allows content creators to monetize their content at internet scale by charging AI crawlers for access. This feature enables content owners to have control over who accesses their work and when, while also providing an alternative to either blocking all AI crawlers or allowing them free access. Pay per crawl integrates with existing web infrastructure and uses HTTP response code 402 to create a framework for paid content access. Content creators can define a flat price across their entire site and choose to 'charge' specific crawlers, even if they don't have a billing relationship with Cloudflare. The system also includes features such as payment headers, access, and financial settlement, which enable secure and reliable transactions between crawlers and content owners. Pay per crawl is currently in private beta and aims to empower content creators to continue creating rich and diverse content while providing a new revenue stream for publishers. The feature has the potential to evolve significantly and introduce new types of interactions and marketplaces, such as dynamic pricing and granular licenses at internet scale.
Jul 01, 2025
1,307 words in the original blog post.
Cloudflare is introducing two new tools to help website owners control whether AI bots are allowed to access their content for model training. The first tool allows customers to create and manage a robots.txt file, which can be used to block or allow specific crawlers. The second tool blocks AI bots only on portions of the site that are monetized through ads, providing more granular control over AI bot activity. These new tools aim to protect content creators from having their content scraped for AI model training without their consent. Cloudflare's managed robots.txt offering will automatically update directives to block popular AI crawlers and prevent them from crawling sites that contain ads. The company also introduced a feature to detect when ads are shown on a hostname, allowing customers to block AI bots only on specific pages with ads. With these new tools, website owners can take control over how their content is used by AI models, ensuring they receive fair compensation for their work. Cloudflare's efforts aim to build a better Internet by protecting independent publishers and promoting transparency in the use of AI-powered crawlers. The company will continue to monitor the IETF's pending proposal on this topic and provide more granular control around AI bot management as needed.
Jul 01, 2025
3,383 words in the original blog post.