September 2025 Summaries
50 posts from Cloudflare
Filter
Month:
Year:
Post Summaries
Back to Blog
Content Management Systems (CMS) are fundamental tools for managing digital content across various platforms, with one notable example being the open-source project Payload, recently acquired by Figma. Payload has introduced a new template that allows users to deploy a fully-configured instance on Cloudflare's platform with just a single click, showcasing the capabilities of running a CMS in a serverless environment using Cloudflare Workers. This approach offers significant advantages by eliminating the need for constant server management and reducing costs, as applications only run when needed, leveraging Cloudflare's global network for enhanced performance. The integration with Cloudflare's D1 and R2 services further supports seamless database and media storage functionalities, demonstrating Payload's adaptability and robustness in managing large content libraries, exemplified by its use in Cloudflare TV. This development underscores the versatility and potential of CMSs, with Payload standing out due to its comprehensive features, community support, and compatibility with other frameworks like Next.js, while also highlighting other promising projects like SonicJs and microfeed.
Sep 30, 2025
1,880 words in the original blog post.
On September 29, 2025, Afghanistan experienced a significant internet shutdown that began as a brief service interruption and escalated into a complete nationwide disconnect, affecting both fixed and mobile services. While traffic data showed Afghan Wireless and Etisalat initially maintained some connectivity, by just after midday, the entire country went offline, causing disruptions to critical services such as banking and emergency communications. This shutdown followed earlier regional outages ordered by the Taliban to curb "immoral activities," significantly impacting commerce, education, and access to government services across multiple provinces. The event deepened Afghanistan's digital isolation, threatening its economy and exacerbating existing humanitarian challenges. Despite the widespread outage, a small amount of traffic continued through alternative routing, highlighting the complexity and varying impact across regions. The shutdown has drawn attention to the country's precarious situation, with analysts warning of further economic and social consequences.
Sep 30, 2025
1,434 words in the original blog post.
Cloudflare celebrated its 15th anniversary by reflecting on its contributions to the Internet's evolution, such as increasing encryption usage from 10% to 95% of Internet traffic, and addressing current challenges in content consumption. During Birthday Week 2025, Cloudflare announced several initiatives, including plans to hire 1,111 interns in 2026 to foster future tech leaders, the opening of physical hubs for startups in major cities, and the extension of free access to developer tools for students, non-profits, and public-interest organizations. The company also launched various new products and partnerships aimed at improving Internet security, enhancing AI capabilities, and supporting open-source projects, while emphasizing its commitment to community-building and continuous innovation.
Sep 29, 2025
1,746 words in the original blog post.
Five years ago, Cloudflare introduced a method to reduce cold starts in their Workers by pre-warming them during the TLS handshake, leveraging the TLS Server Name Indication (SNI) to preemptively prepare the Workers for incoming requests. Although the initial approach significantly reduced cold starts, the increasing complexity and size of applications deployed on Workers necessitated further innovations. Cloudflare's recent deployment of "Worker sharding" utilizes a consistent hash ring to efficiently manage Worker instances across their global network, routing requests to already active Workers to minimize cold starts. This approach addresses inefficiencies in the previous system, where requests often led to unnecessary cold starts due to suboptimal routing. By coalescing requests on single servers and using techniques like Cap'n Proto RPC for efficient load management and sharding, Cloudflare has managed to reduce the global Worker eviction rate by tenfold, improving memory efficiency and reducing latency. As a result, the warm request rate for enterprise traffic has improved from 99.9% to 99.99%, significantly decreasing the cold start rate. Despite these advancements, Cloudflare acknowledges that there is still potential for further improvement in optimizing their serverless computing platform.
Sep 26, 2025
3,705 words in the original blog post.
Cloudflare remains committed to being the fastest network globally by continuously measuring and improving its performance against competitors, with a focus on enhancing user experience. Regular updates, such as the one from September 2024, highlight Cloudflare's status as the fastest provider in 40% of the top 1,000 networks. Utilizing metrics like TCP connection time, measured through Real User Measurements (RUM), Cloudflare gathers data to identify areas for improvement and outperform competitors, often by narrow margins. This data-driven approach has enabled Cloudflare to make significant improvements, such as the strategic addition of partner data centers, which enhance network speed and user experience. Despite fluctuations in provider rankings, Cloudflare remains competitive, especially in challenging scenarios, and continues to strive for further optimization and transparency in its processes.
Sep 26, 2025
2,247 words in the original blog post.
The text introduces Cloudflare's new monitoring and observability tool, Observatory, alongside its complementary protection feature, Smart Shield. These innovations aim to enhance web application performance and resilience by providing a unified platform that integrates real-user data, synthetic testing, error rates, and backend telemetry. Observatory offers actionable insights with data-driven suggestions to improve key metrics such as Time to First Byte (TTFB) and Largest Contentful Paint (LCP). Smart Shield simplifies origin protection by combining essential features like dynamic traffic acceleration and intelligent caching into a single interface, reducing the complexity of managing origin routes and connections. Cloudflare's enhancements aim to improve user experiences by leveraging data from 20% of the web, while focusing on reducing the total cost of ownership and time-to-value for customers. The company plans to continue expanding these tools with more diagnostic capabilities and user-driven solutions, reinforcing its commitment to performance, availability, and security.
Sep 26, 2025
3,714 words in the original blog post.
The text discusses a new approach to using the Model Context Protocol (MCP) for AI agents by converting MCP tools into a TypeScript API, allowing large language models (LLMs) to write code that calls these APIs. This method significantly enhances the capability of agents to manage a wider range of tools, particularly complex ones, by leveraging the extensive amount of real-world TypeScript data in LLMs' training sets. Traditional MCP usage involves directly exposing tools to LLMs, which can be inefficient and limit the number of tools an agent can handle. The new approach avoids this by enabling the LLM to generate code that interacts with the MCP server, bypassing the need for the LLM to process each tool call individually and thereby conserving resources. This method utilizes the Cloudflare Workers platform, employing lightweight isolates rather than containers for executing code in secure sandboxes, which offers faster and more cost-effective deployment. The Worker Loader API facilitates this process by allowing on-demand code execution in isolated environments, enhancing security by using bindings that manage connectivity and authorization without exposing API keys. This development aims to streamline AI agent operations, making them more efficient and capable of handling complex tasks through standardized and secure API interactions.
Sep 26, 2025
2,934 words in the original blog post.
AS-SETs are Internet Routing Registry objects that enable network operators to group related networks, facilitating the management of downstream customer networks and the communication of routing preferences to other networks. Despite their critical role in Border Gateway Protocol (BGP) routing, AS-SETs are largely trust-based and prone to misuse, prompting the need for accurate management to prevent incidents like route leaks. Cloudflare Radar has introduced a public listing to aid network operators in monitoring AS-SET memberships and ensuring data accuracy. The text highlights the potential of future systems like Autonomous System Provider Authorization (ASPA) and RFC9234 to provide more reliable provider authorization and prevent routing misconfigurations. It encourages the adoption of hierarchical AS-SETs to ensure secure ownership and accuracy, emphasizing the importance of maintaining clean AS-SETs for improving network security and reliability.
Sep 26, 2025
1,525 words in the original blog post.
Cloudflare Radar has announced significant updates during their Birthday Week, introducing regional Internet traffic insights and enhanced Certificate Transparency (CT) data. The new regional insights allow users to observe Internet traffic trends at a more localized level, offering detailed breakdowns by region and autonomous systems, which is beneficial for understanding local events' impacts on traffic. The introduction of CT data enhances Radar's mission to offer in-depth visibility into Internet security by providing insights into TLS certificates, including details on certificate volume, characteristics, and issuance trends. These updates aim to provide more granular insights into Internet traffic and security, helping users understand the dynamics of online activity and the trust infrastructure. Additionally, the updates facilitate a deeper exploration of data through Cloudflare's Data Explorer and API, allowing for customized regional analyses and broader insights into certificate coverage and CT logs. As Cloudflare continues to enhance its offerings, feedback from users is encouraged to further refine these tools.
Sep 26, 2025
3,758 words in the original blog post.
Cloudflare has announced a private beta for AI Index for domains, a new tool designed to help content creators make their data accessible to AI in a controlled and monetizable way while offering AI builders access to better data. By enabling an AI-optimized search index, website owners can manage and monetize how their content is accessed, while AI builders can subscribe to specific sites to receive structured updates, reducing the need for indiscriminate crawling. This new system aims to create a fairer ecosystem where content creators have more control and are compensated for their data, and AI platforms receive high-quality, structured data. Furthermore, Cloudflare's Open Index aggregates individual site indexes into a unified platform, simplifying large-scale content discovery while maintaining individual site control and compensation through a pay-per-crawl model. This initiative seeks to shift the content discovery landscape towards a more equitable and efficient model for both creators and AI developers.
Sep 26, 2025
1,464 words in the original blog post.
Cloudflare has been committed to enhancing the speed and efficiency of its network since 2021, and the company has recently implemented a significant software upgrade that boosts performance by 25% and reduces response time by 10 milliseconds. This overhaul involved rebuilding their core system, known as FL, which had become cumbersome over 15 years of operation. FL2, the new system, is constructed using the Rust programming language and the Oxy framework, providing improved performance, security, and modularity. The transition to FL2 allows for more efficient handling of customer requests, enhanced security features, and smoother software upgrades without disrupting service. The move to FL2 has been gradual, starting in 2025, with Cloudflare now serving most customers through this new system while continuing to fine-tune and complete the migration, which is set to conclude in early 2026. The company anticipates further optimizations and expansions to support various traffic types, continuing its mission to deliver a faster and more reliable Internet experience.
Sep 26, 2025
3,483 words in the original blog post.
Cloudflare is enhancing its network speed globally by overhauling its software technology and addressing Internet-scale congestion with improved algorithms. By leveraging its extensive Free Plan user base, Cloudflare aims to optimize traffic routing across its network, resulting in a reported 10% increase in performance. The company uses its Argo Smart Routing product and insights from the global network to optimize connections, while managing congestion is crucial to prevent delays caused by overloaded nodes. Cloudflare is transitioning its network technology stack to a new platform powered by Rust, which allows for more flexibility in experimenting with congestion control algorithms. The company utilizes both passive logs and Real User Measurement (RUM) data to understand and enhance user experience, further refining its predictive models with insights from its largest customers. Experiments and improved algorithms for congestion control are currently being tested on free tier QUIC traffic, with plans to expand these enhancements to all customers over the coming years.
Sep 26, 2025
1,617 words in the original blog post.
The text discusses the global focus on AI as a tool for national transformation, highlighting both the opportunities and challenges it presents. Nations are striving for AI sovereignty, debating how much control they should have over technology predominantly developed in the U.S. and China. Cloudflare is aiding this pursuit by providing tools and infrastructure that enable countries to maintain autonomy over their data and AI models while fostering innovation through open standards. It emphasizes the importance of creating dynamic markets with diverse AI options, reducing entry barriers through serverless models, and supporting regional AI initiatives, particularly in India, Japan, and Southeast Asia, to develop solutions tailored to local languages and cultures. The overarching goal is to promote economic growth and social empowerment by integrating AI into various sectors, ensuring accessibility and customization for local needs.
Sep 25, 2025
1,177 words in the original blog post.
Cloudflare has partnered with PlanetScale to enable direct connections between Cloudflare Workers and PlanetScale databases, specifically Postgres and MySQL, allowing developers to build full-stack applications with enhanced performance and reliability. The integration leverages Hyperdrive, a distributed connection pooler and query caching infrastructure, to ensure optimal access speed and reduced latency by maintaining warm connections and caching frequently used queries. This collaboration simplifies the process of linking Cloudflare and PlanetScale accounts, eliminating the need for manual credential management, and offering secure, one-click password rotation. The setup facilitates seamless database connectivity across different Workers applications or environments, ensuring that developers can easily deploy globally distributed applications with efficient database interactions.
Sep 25, 2025
785 words in the original blog post.
Cloudflare's recent announcements highlight a range of new features and improvements aimed at enhancing developer experiences by reducing friction and increasing capabilities. These updates include expanded support for Node.js APIs, allowing for greater compatibility with existing coding frameworks, and enhancements to its AI Search platform, which now supports models from multiple providers like OpenAI. Cloudflare has also introduced larger and more powerful container instances, a new storage class with R2 Infrequent Access for cost-effective data management, and the general availability of the Media Transformations tool for video processing. Significant improvements have been made to Cloudflare Workers, offering increased disk space and CPU power, while the Remote Bindings feature facilitates seamless connection between local development and production services. Additionally, Cloudflare has made its Playwright browser automation library generally available, enabling AI agents to navigate web pages with increased efficiency, and introduced Stagehand, a framework that leverages natural language for browser tasks. These advancements demonstrate Cloudflare's ongoing commitment to providing developers with robust tools to build and scale applications effectively.
Sep 25, 2025
2,229 words in the original blog post.
The text discusses Cloudflare Workers, a serverless cloud platform that executes user code on a globally distributed infrastructure, emphasizing its efficiency and security architecture. To enhance security, Cloudflare leverages the V8 JavaScript runtime, originally developed for Chrome, and incorporates technologies like memory protection keys and the V8 sandbox. These features aim to isolate and protect scripts running on their servers from memory corruption attacks, a common vulnerability in executing third-party code. The platform employs defense-in-depth strategies, utilizing compressed pointers and sandboxing to confine potential threats to a restricted memory area, thereby preventing attackers from exploiting vulnerabilities to access unauthorized data. This comprehensive security framework allows Cloudflare to manage complex security challenges while offering low-latency, globally distributed services, ensuring users do not need to worry about maintaining their server software or configurations. The text concludes by inviting professionals with relevant expertise to join Cloudflare, which is expanding its workforce in the US and Europe.
Sep 25, 2025
3,352 words in the original blog post.
In April 2025, Cloudflare announced the public beta of its fully managed Apache Iceberg catalog, R2 Data Catalog, built on Cloudflare R2 object storage. This initiative expanded with the launch of Cloudflare Pipelines, which processes events using SQL and stores them in Iceberg or R2, and R2 SQL, a distributed SQL engine designed for large-scale data queries. Together, these components form the Cloudflare Data Platform, offering a comprehensive solution for data ingestion, storage, and analysis. Built on open standards, the platform allows integration with various query engines and platforms without egress fees, addressing the challenges of traditional, costly, and complex data infrastructures. The R2 Data Catalog simplifies metadata management with features like automatic compaction to enhance query performance, while R2 SQL, leveraging Cloudflare's global infrastructure, offers a serverless query experience. The platform is designed for ease of use, with affordable pricing, and aims to democratize access to analytical data processing by eliminating the need for specialized expertise and expensive infrastructure.
Sep 25, 2025
2,096 words in the original blog post.
Cloudflare has announced a private beta for its new Email Sending feature, which integrates with Cloudflare Workers to streamline the process of sending transactional emails, thereby enhancing developers' workflow. This capability is part of the broader Cloudflare Email Service, which also includes the existing Email Routing product, providing a comprehensive solution for both sending and receiving emails. The service emphasizes reliability and speed, crucial for maintaining user engagement, through features like automatic DNS record configuration and global low-latency delivery. Developers can utilize familiar frameworks to create HTML-rendered emails, integrate email functionalities seamlessly within their applications, and gain observability over email metrics. Additionally, the combination of Email Sending and Routing allows for sophisticated workflows, such as automated ticketing systems or AI-driven email parsing. While Email Sending will require a paid subscription, Email Routing remains free, and Cloudflare plans to release the private beta in November.
Sep 25, 2025
1,154 words in the original blog post.
Cloudflare has expanded its Cloudflare Workers platform to enhance compatibility with the Node.js ecosystem, enabling the seamless integration of numerous npm modules, including the popular Express framework. The initiative focuses on implementing a substantial subset of the Node.js standard library within Workers, covering key APIs such as node:console, node:crypto, node:fs, node:http, and more, with native support to approximate Node.js behavior closely. Notable enhancements include a virtual file system for node:fs, integration of networking APIs for node:http using existing Workers capabilities, and cryptographic functionalities via node:crypto. The updates, done using TypeScript and C++, aim to improve performance and memory usage, while ensuring robust error handling and compatibility with existing Node.js packages. Cloudflare also supports the Node.js community through contributions to the Node.js project and partnerships with the OpenJS Foundation. The Node.js compatibility features can be enabled in Workers by setting the nodejs_compat flag, allowing developers to leverage Node.js APIs in their applications.
Sep 25, 2025
4,436 words in the original blog post.
R2 SQL is a serverless query engine designed to execute SQL queries efficiently over petabyte-scale data stored in Cloudflare's R2 object storage, leveraging the Apache Iceberg format for logical organization. It eliminates the need to set up separate services like Apache Spark or Trino by enabling direct querying of Iceberg tables, utilizing a two-phase approach to overcome I/O and compute challenges. The Query Planner intelligently prunes data using metadata and statistics, while the Query Execution system distributes the workload across Cloudflare's global network for parallel processing. By implementing a streaming planning pipeline and prioritizing data that aligns with the query's ORDER BY clause, R2 SQL minimizes query latency and often finishes processing early without reading the entire dataset. The architecture incorporates Apache DataFusion for efficient partition-based query execution, optimizing data access and reducing computational overhead. Future enhancements aim to support complex aggregations and improve developer experience, with R2 SQL currently available in open beta.
Sep 25, 2025
2,969 words in the original blog post.
Cloudflare is transitioning to a model where nearly all of its features will be accessible to any customer, irrespective of whether they have an enterprise account. This shift begins by making Single Sign-On (SSO) available to all users, eliminating the need for sales consultations or contracts. The company aims to democratize access to its advanced tools, traditionally reserved for enterprise customers, in order to enhance Internet security and user experience across all customer tiers. This change addresses a historical divide where powerful features were limited to larger companies, and it encourages Cloudflare's product teams to ensure features are user-friendly from the outset. While some features, due to technical or legal constraints, may remain exclusive, Cloudflare is committed to simplifying its billing and access processes to enhance customer experience. The company is also introducing options like GitHub as a social login provider, and it plans to continue updating users as more features become broadly available. This initiative aligns with Cloudflare's mission to build a better Internet by making top-tier tools accessible to all.
Sep 25, 2025
1,319 words in the original blog post.
The text introduces the Content Signals Policy, a new addition to the robots.txt protocol designed to help website operators indicate their preferences for how their content should be used after being accessed by web crawlers and bots. This policy aims to maintain open access to web content while offering creators more control over their data's use, addressing issues like unwanted data scraping and the economic disadvantages faced by content creators. The Content Signals Policy allows website owners to specify preferences using three content signals—search, ai-input, and ai-train—via a machine-readable format in their robots.txt files, enabling them to allow or disallow certain uses of their content, such as training AI models. While the policy serves as a way to express preferences, it does not act as a technical barrier against non-compliant entities, and website operators are encouraged to combine it with other security measures like WAF rules and Bot Management. Released under a CC0 License to encourage widespread adoption, the policy reflects a broader effort to establish standardized solutions that help keep the internet open while protecting content creators' rights.
Sep 24, 2025
1,841 words in the original blog post.
The Salesloft breach highlighted the difficulty of monitoring connections between SaaS applications, revealing significant security vulnerabilities for data owners and SaaS platform providers. In response, Cloudflare is developing a solution that utilizes a proxy to consolidate SaaS connections, enhancing monitoring, detection, and response capabilities. This approach aims to give data owners control over who accesses their data, where it's accessed from, and allows for instant access shutdown in case of a breach. For SaaS platforms, Cloudflare's deployment model offers improved visibility into SaaS to SaaS connections, complemented by API Shield enhancements for better session and token management. The solution employs key splitting to securely manage tokens, preventing unauthorized access even in the event of a breach. Cloudflare seeks feedback from the community to refine these tools and is inviting interested parties to participate in early access programs.
Sep 24, 2025
1,443 words in the original blog post.
The Internet is undergoing a crucial transition to post-quantum cryptography (PQC) to prepare for the potential threat of quantum computers breaking classical cryptographic systems. The U.S. National Institute of Standards and Technology (NIST) has set a timeline for phasing out classical cryptography by 2035. Cloudflare is ahead of schedule by implementing PQC across its products, including the WARP client, which now supports post-quantum key agreement, providing immediate protection against potential future data breaches. The transition involves an intricate process, including a phased approach to introducing PQC in the WARP client, balancing security and robustness, and supporting multiple operating systems. Cloudflare's strategy includes using post-quantum encrypted tunnels to protect internet traffic, even if individual connections have not yet adopted PQC. This effort is part of Cloudflare's commitment to making a secure and private Internet accessible at no extra cost, while maintaining compliance with standards like FedRAMP and FIPS for cryptography.
Sep 24, 2025
2,531 words in the original blog post.
The text discusses the introduction and evolution of a CSAM Scanning Tool designed to help website operators identify and prevent the spread of child sexual abuse material on their platforms. Initially launched to make this technology accessible beyond large social media companies by partnering with organizations like NCMEC and Interpol, the tool faced challenges in adoption due to the requirement for users to set up their own credentials. Recent changes have simplified the process by eliminating the need for unique NCMEC credentials, resulting in a significant increase in tool adoption. The tool employs fuzzy hashing to detect altered images, enhancing its ability to identify CSAM even if modifications are made. Despite the streamlined process, site operators are still responsible for filing reports with NCMEC or regional counterparts. The aim is to democratize access to tools that contribute to a safer Internet, and the text encourages website owners to implement the tool, offering further resources for technical support and community engagement.
Sep 24, 2025
644 words in the original blog post.
Cloudflare highlights the dual impact of AI-powered chatbots and search summaries on internet users and web publishers, emphasizing the need for clear guidelines on AI bot behavior to maintain the internet's integrity. While users benefit from quick information access, publishers face reduced website traffic, threatening their revenue and content creation. Cloudflare proposes five principles to guide AI bot operations: public disclosure, self-identification, declared single purpose, respecting website preferences, and acting with good intent. These guidelines aim to promote transparency and accountability, encouraging a balance between innovation and content creator rights. Cloudflare commits to fostering dialogue among stakeholders, including AI companies, content creators, and policymakers, to establish industry standards that support an open, quality-focused internet.
Sep 24, 2025
2,945 words in the original blog post.
The Internet's dynamic nature necessitates continuous evolution in web security technologies, such as Transport Layer Security (TLS) and emerging post-quantum cryptography (PQC). Cloudflare's Automatic SSL/TLS, launched during Birthday Week 2024, aims to automatically enhance encryption levels for domains by scanning and upgrading origin server configurations to the most secure modes possible. Over six million domains have benefited from this service, enhancing security without manual intervention. TLS 1.3 has accelerated secure connections through speculative key agreement guessing, while preparations for the quantum era involve hybrid key agreements integrating ML-KEM. Although early TLS versions suffered from vulnerabilities, subsequent iterations, particularly TLS 1.3, have streamlined encryption processes, boosting both security and performance. As encryption becomes increasingly integral, Cloudflare's Automatic SSL/TLS continues to facilitate a shift towards stronger encryption, helping domains transition from HTTP to HTTPS and preparing for the post-quantum era. Future enhancements aim to offer more visibility and control, ensuring a robust and encrypted Internet landscape.
Sep 24, 2025
3,608 words in the original blog post.
Security and IT teams are grappling with the challenges of managing employee adoption of AI tools, which often bypass traditional oversight and create "Shadow AI," posing significant compliance, data privacy, and security risks. To address this, Cloudflare has introduced Application Confidence Scorecards as part of its AI Security features within the Cloudflare One SASE platform, aiming to streamline the evaluation of generative AI and SaaS applications. These scorecards automate the laborious task of assessing the safety and trustworthiness of AI tools by providing a clear score based on factors such as compliance certifications, data management practices, and the maturity of the provider. This innovation allows organizations to implement security policies more confidently, protecting sensitive data and maintaining compliance while embracing technological innovation. Cloudflare's system combines automated data extraction with human validation to ensure accurate scoring, and these scores are integrated into the Cloudflare dashboard, offering real-time updates and enabling enforcement of security policies. Cloudflare's initiative seeks to make AI adoption safer and more secure, providing free access to the scorecards and inviting users to participate in further research on AI security.
Sep 23, 2025
1,253 words in the original blog post.
Cloudflare's Project Galileo has expanded to include Bot Management and AI Crawl Control services, offering free protection to approximately 750 journalists and non-profit news organizations worldwide. Launched in 2014, Project Galileo aims to safeguard civic voices online and has grown to support over 3,000 groups in 125 countries. With the rise of AI-driven web interactions, news organizations face declining traffic, impacting their revenue from subscriptions and advertising. The inclusion of AI Crawl Control enables these organizations to manage AI bots' access to their content, helping them negotiate fair compensation and maintain traffic. This development is crucial for local news entities, which are already grappling with financial challenges and closures. Cloudflare's tools, which differentiate between beneficial and harmful bots, empower news organizations to protect their intellectual property and explore new revenue streams, supporting quality journalism in a digital age.
Sep 23, 2025
1,179 words in the original blog post.
Cloudflare and Coinbase have teamed up to launch the x402 Foundation to promote the adoption of the x402 protocol, designed to facilitate machine-to-machine transactions over the web by standardizing payment processes. Unlike traditional human-centered payment systems, x402 enables digital services to directly transact using a framework that leverages HTTP 402 response codes, previously underutilized due to a lack of standardization. The protocol aims to streamline payments for various use cases, from purchasing goods through digital assistants to enabling AI agents to pay per service session. The introduction of a deferred payment scheme further enhances x402 by allowing delayed settlements and aggregated payments, accommodating both traditional payment methods and stablecoins. Cloudflare is integrating x402 into its Agents SDK and MCP servers, with a live demo available in the x402 playground, showcasing the protocol's capabilities in real-world applications. The ongoing development with Coinbase seeks to establish x402 as a recognized standard, inviting contributions from the broader community to refine and expand the protocol's use.
Sep 23, 2025
1,490 words in the original blog post.
The text discusses the sponsorship of two major open-source projects, Astro and TanStack, by Cloudflare, in collaboration with Netlify and Webflow. Astro is praised for its high-performance and content-driven architecture, which aligns with Cloudflare's requirements for its developer documentation site. Its framework-agnostic nature allows integration with various JavaScript components without vendor lock-in. Meanwhile, TanStack offers a comprehensive suite of libraries to address complex challenges in modern web application development, such as state management and routing, and has recently released a new full-stack framework, TanStack Start 1.0. The sponsors believe in sustaining an open-source ecosystem that benefits the web community, encouraging developers to utilize and contribute to these frameworks, emphasizing that collaboration among competing companies strengthens the open web's foundation.
Sep 23, 2025
886 words in the original blog post.
The text introduces VibeSDK, an open-source AI-powered platform designed to simplify the creation and deployment of applications through a process called "vibe coding." This platform allows users to build applications by merely describing their requirements in a few sentences, leveraging large language models (LLMs) for tasks such as code generation, debugging, and real-time iteration. VibeSDK offers features like isolated development environments, project templates, and integration with Cloudflare's infrastructure for infinite scalability and secure application hosting. The platform supports exporting applications to users' GitHub or Cloudflare accounts, fostering further development. It is designed to be accessible for both internal and external use, enabling non-technical teams to create tools independently while maintaining data privacy and control. By open-sourcing VibeSDK, the creators aim to democratize access to AI coding platforms, allowing anyone to customize and deploy their own solutions easily.
Sep 23, 2025
1,489 words in the original blog post.
Cloudflare has announced a new platform to combat sophisticated AI-driven bot attacks, particularly focusing on web scraping. This new approach provides per-customer behavioral anomaly detection, allowing for hyper-personalized security on individual websites. The system tracks bot behavior over time to identify anomalies against a baseline of normal activity specific to each customer, enabling the detection of bots that blend in with human traffic. It involves a three-step process: establishing dynamic baselines, identifying anomalies, and generating actionable findings. This is particularly important as modern bots use AI to mimic human interaction, making traditional detection methods ineffective. Cloudflare's platform leverages its vast network to create unique defense models for each customer, improving the bot score system and integrating seamlessly with existing security tools like Super Bot Fight Mode and Enterprise Bot Management. The initial focus is on detecting AI-driven scraping, with plans to expand to other threats such as credential stuffing and inventory hoarding, aiming to raise the baseline of Internet security for all users.
Sep 23, 2025
2,491 words in the original blog post.
Cloudflare is supporting two independent open-source projects, Ladybird and Omarchy, to promote a diverse and open Internet. Ladybird is an ambitious endeavor to build a completely independent web browser from scratch, featuring its own rendering and JavaScript engines, aiming to challenge the dominance of Chromium-based browsers and foster innovation in privacy, performance, and security. Omarchy offers a tailored Arch Linux setup for developers, simplifying the process of creating a modern development environment and making Linux more accessible. Cloudflare's backing of these projects underscores its commitment to enhancing Internet ecosystems without imposing any requirements or conditions, thus promoting a healthier digital landscape where there is more choice both in web browsers and development environments.
Sep 22, 2025
1,084 words in the original blog post.
Cap'n Web is a new RPC protocol written in TypeScript, designed as a web-friendly counterpart to Cap'n Proto. It eliminates the need for schemas and boilerplate, using JSON for serialization and supporting HTTP, WebSocket, and postMessage for transport. Cap'n Web is lightweight, open source under the MIT license, and can be minified to under 10 kB. It enables bidirectional calling, passing functions and objects by reference, promise pipelining, and capability-based security patterns. This allows developers to design RPC interfaces similarly to JavaScript APIs while addressing network latency issues. Cap'n Web is compatible with TypeScript, enabling type-safe RPC API declarations. It offers an alternative to GraphQL by solving the "waterfall" problem in REST APIs without introducing new languages or ecosystems, allowing complex interactions to be modeled in JavaScript. Cap'n Web also introduces a novel way of handling arrays with a special `.map()` operation that enables server-side transformations without additional network round trips.
Sep 22, 2025
2,831 words in the original blog post.
Cloudflare has announced its plan to hire 1,111 interns globally in 2026, emphasizing the importance of internships as a pipeline for talent and innovation, particularly in the realm of AI. This initiative reflects Cloudflare's commitment to fostering new ideas and addressing challenges with fresh perspectives, as it believes that AI tools enhance rather than replace human contributions. Interns at Cloudflare are integrated into various teams, from engineering to finance, and are expected to deliver tangible results, thereby gaining practical experience and building professional networks. The program, which includes a focus on AI-powered applications, provides competitive compensation and requires interns to work primarily in hub locations, supporting the belief that in-person mentorship is crucial. Cloudflare's approach contrasts with trends of decreased intern hiring elsewhere, asserting that investing in emerging talent is essential for long-term success.
Sep 22, 2025
1,689 words in the original blog post.
Cloudflare is planning to open its office spaces to startups and independent builders starting in 2026, transforming them into inclusive coworking environments in major cities such as San Francisco, Austin, London, and Lisbon. This initiative aims to foster collaboration and innovation by providing a space for people to work and connect, building on Cloudflare's legacy of hosting community events and supporting early-stage companies. The company recognizes that its physical spaces have been underutilized, particularly on Mondays and Fridays, and sees this move as a way to maximize the potential of its offices. By offering these spaces at no cost, Cloudflare intends to support the growth of startups, encouraging diverse working styles and enhancing its community-focused mission. The program will initially be available to participants of Cloudflare's Startup Program, with a structured registration process to manage access, and plans to expand further in the future.
Sep 22, 2025
952 words in the original blog post.
Cloudflare for Startups, launched in 2018, aims to support startups by alleviating high infrastructure costs and facilitating innovation and scaling. By offering up to $250,000 in cloud credits for use on its Developer Platform, Cloudflare enables founders to focus on building products and growing their businesses. The Cloudflare Workers Launchpad Program, introduced during Birthday Week 2022, initially provided $1.25 billion in potential funding through partnerships with 26 venture capital firms, which has since expanded to $2 billion. The program has welcomed 145 startups from 23 countries, addressing challenges in various industries, including AI, developer tools, and finance. Participants benefit from bootcamp sessions, design support, and access to a vast VC network, fostering growth and collaborations. Notable acquisitions include Nefeli Networks and Outerbase, while startups like Langbase and Sherpo.io have emerged as key players in their fields. The program is praised for its community and expert guidance, helping startups scale and innovate rapidly. As the program continues to grow, Cloudflare remains committed to supporting and empowering the next generation of entrepreneurs.
Sep 22, 2025
1,606 words in the original blog post.
Cloudflare has launched a new initiative, Cloudflare for Students, which offers 12 months of free access to its developer platform for U.S. students aged 18 and over with a verified .edu email. This initiative aims to eliminate financial barriers for students who need production-grade tools and computational resources for building applications and projects. The offering includes increased usage allotments for several Cloudflare tools, such as Workers, Pages Functions, and Durable Objects, among others, compared to the standard free plan. After the 12-month period, students can choose to subscribe to the paid plan or revert to the free plan without incurring charges. Additionally, students gain access to a dedicated developer community on Discord. The initiative is currently available only in the United States, but Cloudflare plans to expand it to other countries in the future.
Sep 22, 2025
1,873 words in the original blog post.
Cloudflare has announced that non-profit, civil society, and public interest organizations can now join the Cloudflare for Startups program, offering up to $250,000 in Cloudflare credits for use on various developer and core products. This initiative aims to support non-profits facing funding shortages and technological deficits by providing scalable resources and infrastructure. The program, which mirrors challenges faced by startups, is designed to help small teams maximize their impact globally by focusing on their ideas rather than infrastructure management. The application period is open until December 1, 2025, and will be assessed based on the project's description, requirements, and potential impact. This effort comes in response to a challenging year for non-profits, who are struggling with reduced government funding and increased demand for services, while new non-profit startups are emerging to address these gaps innovatively.
Sep 22, 2025
975 words in the original blog post.
Cloudflare, celebrating its 15th anniversary, reflects on the evolution of the Internet and envisions a transformative future driven by AI. Over the past decade and a half, significant progress has been made in areas like encryption, while others, such as IPv6 adoption, lag behind. The enduring Internet business model has relied heavily on traffic generation, often incentivizing low-quality content through clickbait. However, the rise of AI-powered "Answer Engines" like ChatGPT and Anthropic's Claude presents a challenge to traditional traffic-based models, particularly impacting media companies as they shift from search to direct answers. This change threatens the business models of content creators who rely on traffic and ads for revenue. Cloudflare sees an opportunity to foster a healthier Internet ecosystem by advocating for a new business model where content creators are compensated for enriching AI systems. The company emphasizes the importance of collaboration among AI companies, content creators, and infrastructure providers to ensure a sustainable Internet. Cloudflare is optimistic about the potential for a new golden age of Internet content, driven by creative, local, and unique contributions, and is taking steps to support this shift through partnerships and new tools.
Sep 21, 2025
2,311 words in the original blog post.
As quantum computing advances, it threatens the security of traditional cryptographic systems by potentially solving complex mathematical problems that underpin current public-key cryptography. This development has sparked the need for organizations to prepare for "Q-day," when quantum computers can break conventional cryptography. Post-quantum cryptography (PQC) offers a viable solution without requiring new hardware, as it can run on existing devices and provides security against quantum attacks. While quantum key distribution (QKD) and quantum random number generation (QRNG) are often marketed as necessary quantum security technologies, they are neither essential nor sufficient to ensure security in the quantum age. QKD, in particular, does not scale for widespread Internet use, and QRNG does not offer significant advantages over classical random number generators. Organizations like Cloudflare are leading in deploying PQC, ensuring data protection against future threats, and advocating for investments in PQC as a key strategy for quantum readiness.
Sep 19, 2025
2,363 words in the original blog post.
Cloudflare has introduced a new feature that allows routing traffic to Cloudflare Tunnel based on hostnames or domains, eliminating the dependence on ever-changing IP addresses and simplifying the process of implementing zero-trust security policies. This development aligns with the shift encouraged by the National Institute of Standards and Technology (NIST) towards a Zero Trust model, which involves granting access to specific resources rather than broad network permissions, thereby enhancing security by minimizing potential attack surfaces. The feature enables organizations to create precise, per-resource authorization policies without needing to manage complex and brittle IP lists. It also addresses the challenges of modern cloud environments where IP addresses are often unstable due to factors like dynamic load balancing and ephemeral infrastructure. By using hostname routing, Cloudflare facilitates secure connections to both private and third-party services, helping users enforce user-based zero-trust policies effectively. The functionality is built on a "synthetic IP" mechanism that tags traffic based on DNS queries, allowing decisions to be made at the network layer before seeing application-level data. This new capability is integrated into Cloudflare Tunnel and is available for all Cloudflare One customers, representing a significant step in making zero-trust architecture more intuitive and accessible.
Sep 18, 2025
3,261 words in the original blog post.
Cloudflare is set to enhance its performance analytics suite by integrating Web Analytics with real user monitoring (RUM) tools and network-level insights, aiming to provide comprehensive, privacy-first monitoring and debugging capabilities. This initiative addresses the complexity of diagnosing and resolving performance issues across multiple Internet layers, from users' devices to servers, without compromising user privacy. By offering detailed visibility into factors affecting latency, such as DNS lookups and server processing times, the new platform will help developers optimize web applications globally. Starting October 15, 2025, Web Analytics will be enabled by default for all free domains, allowing users to track performance metrics in real-time without collecting personal data, except for EU and UK traffic. Cloudflare's approach focuses on correlating client-side metrics with network and origin data, offering actionable insights to improve site performance and user experience. This marks the beginning of a journey to build a unified platform where developers can address performance bottlenecks and innovate, as detailed in their ongoing series, The RUM Diaries.
Sep 17, 2025
2,359 words in the original blog post.
Security teams face challenges with manual response processes, leading to delays and alert fatigue. To address this, a new integration between Cloudflare One and CrowdStrike's Falcon® Fusion SOAR has been announced, offering automated responses to common threats. This integration includes two pre-built solutions for Zero Trust and Email Security, helping organizations using CrowdStrike Falcon® Insight XDR or Next-Gen SIEM to quickly tackle phishing, malware, and suspicious activities with minimal manual intervention. By utilizing a drag-and-drop editor, SOC teams can automate workflows across platforms, significantly reducing response times. The integration relies on webhook and API interactions, ensuring threats are efficiently managed from both network and endpoint perspectives. Organizations can activate these workflows via the Cloudflare Dashboard or CrowdStrike console, and further customization is possible through APIs and custom playbooks.
Sep 15, 2025
830 words in the original blog post.
Cloudflare experienced a significant outage in its Tenant Service API, which led to widespread disruptions in many of its APIs and the Cloudflare Dashboard. This incident was triggered by a bug in the dashboard that caused excessive calls to the Tenant Service API due to a React useEffect hook misconfiguration, resulting in repeated API calls during a single dashboard render. Compounding this was a concurrent service update that caused the Tenant Service to become overwhelmed and fail, adversely affecting API request authorization and leading to 5xx errors. To address the issue, Cloudflare increased resources for the Tenant Service, implemented a temporary rate-limiting rule, and reverted problematic changes. However, a well-intentioned patch further degraded service before it was rolled back. The incident underscored the importance of improving release processes and observability tools, and Cloudflare plans to enhance its systems to better manage such incidents in the future. Despite the outage, core network services remained unaffected, and efforts are underway to prevent similar occurrences by adopting measures such as Argo Rollouts for error detection and rollback, increasing resource allocation, and improving monitoring and visibility tools.
Sep 12, 2025
1,107 words in the original blog post.
Cloudflare Workers now supports the node:http client and server APIs, allowing developers to run Node.js applications on its serverless platform without needing to rewrite their code. This enhancement enables the deployment of frameworks like Express.js and Koa globally with zero cold starts, automatic scaling, and reduced latency. The Workers environment abstracts complex networking tasks such as TLS negotiation and connection management, which are handled by Cloudflare's systems like the Open Egress Router and Pingora, providing enterprise-grade networking without manual intervention. This setup makes Workers distinct from traditional Node.js environments but more efficient for serverless computing. Developers can integrate Node.js-style HTTP servers with Workers' request handling model through manual or automatic methods, using familiar APIs built on top of the native fetch() API to maintain compatibility and performance. The platform supports popular HTTP methods, headers, and streaming responses, although some Node.js-specific features like TLS options and certain response types are not supported. This development aligns with Cloudflare's goal of making its platform optimal for running JavaScript applications at the edge.
Sep 08, 2025
1,136 words in the original blog post.
Cloudflare recently discovered that unauthorized certificates were issued by Fina CA for its public DNS resolver service at the IP address 1.1.1.1, without Cloudflare's consent, between February 2024 and August 2025. While there is no evidence of malicious use, the incident highlights a lapse in security by Fina CA, which issued these certificates for internal testing purposes without verifying domain control. All unauthorized certificates have since been revoked. Cloudflare emphasized the importance of Certificate Transparency in identifying such issues and plans to enhance its monitoring and alerting systems to prevent similar incidents in the future. The company also highlighted the potential risks of unencrypted DNS queries and advocated for improved security measures for DNS clients using DNS over HTTPS (DoH) and DNS over TLS (DoT), which rely on certificate validation to establish server authenticity.
Sep 04, 2025
3,356 words in the original blog post.
In AI Week 2025, Cloudflare unveiled a series of initiatives to help businesses harness AI's potential while maintaining control and safety. The event highlighted four key areas: securing AI environments, protecting original content, enabling developers to build secure AI experiences, and enhancing Cloudflare's capabilities through AI. The company introduced new features like AI prompt protection and AI Crawl Control, and enhanced tools like Cloudflare CASB, to manage AI usage and content security. Cloudflare also expanded its AI infrastructure with AI Gateway, Infire inference engine, and Omni platform to optimize AI model deployment. The week concluded with promises of future developments and a video recap featuring Kenny Johnson and João Tomé.
Sep 03, 2025
1,229 words in the original blog post.
Cloudflare recently disclosed a security breach linked to the Salesloft Drift incident, where an external threat actor accessed Cloudflare's Salesforce instance, affecting hundreds of companies globally. The breach enabled unauthorized access to customer support case data, potentially compromising sensitive information, though no Cloudflare infrastructure was directly affected. In response, Cloudflare initiated a comprehensive investigation and implemented security measures, including disabling compromised integrations, rotating credentials, and notifying affected customers. The breach highlighted the risks associated with third-party integrations, leading Cloudflare to enhance its security protocols and share threat intelligence to prevent future incidents. The company has apologized for the breach and is committed to preventing similar occurrences in the future.
Sep 02, 2025
3,399 words in the original blog post.