Introducing Accelerated Mobile Links: Making the Mobile Web App-Quick

Published on by Matthew Prince.

In 2017, we've predicted that more than half of the traffic to Cloudflare's network will come from mobile devices. Even if they are formatted to be displayed on a small screen, the mobile web is built on traditional web protocols and technologies that were designed for desktop CPUs, network connections, and displays. As a result, browsing the mobile web feels sluggish compared with using native mobile apps. In…

Cloudflare’s Transparency Report for Second Half 2016 and an Additional Disclosure for 2013

Published on by Kenneth R. Carter.

Cloudflare is publishing today its seventh transparency report, covering the second half of 2016. For the first time, we are able to present information on a previously undisclosed National Security Letter (NSL) Cloudflare received in the 2013 reporting period. Wikipedia provides the most succinct description of an NSL: An NSL is an administrative subpoena issued by the United States federal government to gather information for national security purposes.…

Token Authentication for Cached Private Content and APIs

Published on by Michael Tremante.

While working to make the Internet a better place, we also want to make it easier for our customers to have control of their content and APIs, and who has access to them. Using Cloudflare’s Token Authentication features, customers can implement access control via URL tokens or HTTP request headers without having to build complex back-end systems. Cloudflare will check these tokens at the edge before any…

The Porcupine Attack: investigating millions of junk requests

Published on by Marek Majkowski.

We extensively monitor our network and use multiple systems that give us visibility including external monitoring and internal alerts when things go wrong. One of the most useful systems is Grafana that allows us to quickly create arbitrary dashboards. And a heavy user of Grafana we are: at last count we had 645 different Grafana dashboards configured in our system! grafana=> select count(1) from dashboard; count…

How and why the leap second affected Cloudflare DNS

Published on by John Graham-Cumming.

At midnight UTC on New Year’s Day, deep inside Cloudflare’s custom RRDNS software, a number went negative when it should always have been, at worst, zero. A little later this negative value caused RRDNS to panic. This panic was caught using the recover feature of the Go language. The net effect was that some DNS resolutions to some Cloudflare managed web properties failed. The problem only…