Subscribe to receive notifications of new posts:

How we prevent conflicts in authoritative DNS configuration using formal verification

2024-11-08

We describe how Cloudflare uses a custom Lisp-like programming language and formal verifier (written in Racket and Rosette) to prevent logical contradictions in our authoritative DNS nameserver’s behavior....

Continue reading »
How we prevent conflicts in authoritative DNS configuration using formal verification

A look at the latest post-quantum signature standardization candidates

2024-11-07

Post-QuantumResearchCryptographyTLS

NIST has standardized four post-quantum signature schemes so far, and they’re not done yet: there are fourteen new candidates in the running for standardization. In this blog post we take measure of them and discover why we ended up with so many PQ signatures....

Exploring Internet traffic shifts and cyber attacks during the 2024 US election

2024-11-06

Cloudflare RadarElectionsAthenian ProjectTrendsDDoSCloudflare for CampaignsInternet TrafficElection Security

Election Day 2024 in the US saw a surge in cyber activity. Cloudflare blocked several DDoS attacks on political and election sites, ensuring no impact. In this post, we analyze these attacks, as well Internet traffic increases across the US and other key trends....

Workers Builds: integrated CI/CD built on the Workers platform

2024-10-31

Developer PlatformDevelopersAgile Developer ServicesCloudflare Workers

Workers Builds, an integrated CI/CD pipeline for the Workers platform, recently launched in open beta. We walk through how we built this product on Cloudflare’s Developer Platform....

Moving Baselime from AWS to Cloudflare: simpler architecture, improved performance, over 80% lower cloud costs

2024-10-31

ObservabilityCloudflare WorkersDeveloper PlatformPerformance

Post-acquisition, we migrated Baselime from AWS to the Cloudflare Developer Platform and in the process, we improved query times, simplified data ingestion, and now handle far more events, all while cutting costs. Here’s how we built a modern, high-performing observability platform on Cloudflare’s network. ...

Cloudflare’s perspective of the October 30 OVHcloud outage

2024-10-30

Cloudflare RadarTrendsConsumer ServicesOutage

On October 30, 2024, cloud hosting provider OVHcloud (AS16276) suffered a brief but significant outage. Within this post, we review Cloudflare’s perspective on this outage....

Migrating billions of records: moving our active DNS database while it’s in use

2024-10-29

DNSAPIDatabaseKafkaPostgresTracingQuicksilver

DNS records have moved to a new database, bringing improved performance and reliability to all customers....

Forced offline: the Q3 2024 Internet disruption summary

2024-10-29

Cloudflare RadarInternet QualityInternet ShutdownOutageInternet TrafficConsumer Services

The third quarter of 2024 was particularly active, with quite a few significant Internet disruptions. Underlying causes included government-directed shutdowns, power outages, hurricane damage, terrestrial and submarine cable cuts, military action, and more....

Elephants in tunnels: how Hyperdrive connects to databases inside your VPC networks

2024-10-25

Developer PlatformDeep DiveCloudflare WorkersHyperdrivePostgresSQLRustWebSockets

Hyperdrive (Cloudflare’s globally distributed SQL connection pooler and cache) recently added support for directing database traffic from Workers across Cloudflare Tunnels. We dive deep on what it took to add this feature....

Build durable applications on Cloudflare Workers: you write the Workflows, we take care of the rest

2024-10-24

Developer PlatformCloudflare WorkersDurable ObjectsWorkflows

Cloudflare Workflows is now in open beta! Workflows allows you to build reliable, repeatable, long-lived multi-step applications that can automatically retry, persist state, and scale out. Read on to learn how Workflows works, how we built it on top of Durable Objects, and how you can deploy your first Workflows application....

Durable Objects aren't just durable, they're fast: a 10x speedup for Cloudflare Queues

2024-10-24

Product NewsCloudflare QueuesCloudflare WorkersDurable ObjectsDevelopersDeveloper Platform

Learn how we built Cloudflare Queues using our own Developer Platform and how it evolved to a geographically-distributed, horizontally-scalable architecture built on Durable Objects. Our new architecture supports over 10x more throughput and over 3x lower latency compared to the previous version....

4.2 Tbps of bad packets and a whole lot more: Cloudflare's Q3 DDoS report

2024-10-23

DDoS ReportsDDoSAdvanced DDoSCloudflare RadarAttacks

The number of DDoS attacks spiked in the third quarter of 2024. Cloudflare mitigated nearly 6 million DDoS attacks, representing a 49% increase QoQ and 55% increase YoY....

Fearless SSH: short-lived certificates bring Zero Trust to infrastructure

2024-10-23

Zero TrustCloudflare Zero TrustAcquisitionsSSHCloudflare AccessCloudflare OneCompliance

Access for Infrastructure, BastionZero’s integration into Cloudflare One, will enable organizations to apply Zero Trust controls to their servers, databases, Kubernetes clusters, and more. Today we’re announcing short-lived SSH access as the first available feature of this integration. ...

Training a million models per day to save customers of all sizes from DDoS attacks

2024-10-23

DDoSDeep DiveMachine Learning

In this post we will describe how we use anomaly detection to watch for novel DDoS attacks. We’ll provide an overview of how we build models which flag unusual traffic and keep our customers safe....

Is this thing on? Using OpenBMC and ACPI power states for reliable server boot

2024-10-22

InfrastructureOpen SourceOpenBMCServersFirmware

Cloudflare’s global fleet benefits from being managed by open source firmware for the Baseboard Management Controller (BMC), OpenBMC. This has come with various challenges, some of which we discuss here with an explanation of how the open source nature of the firmware for the BMC enabled us to fix the issues and maintain a more stable fleet....

Building Vectorize, a distributed vector database, on Cloudflare’s Developer Platform

2024-10-22

EngineeringDeveloper PlatformEdge DatabaseDeep DiveStorage

Vectorize was recently upgraded and made generally available, now supporting indexes of up to 5 million vectors, delivering faster responses, with lower pricing and a free tier. This post dives deep into how we built Vectorize to enable these improvements....

The story of web framework Hono, from the creator of Hono

2024-10-17

Cloudflare WorkersCloudflare Pages

Hono is a web framework that is fast, lightweight, and built using the Web Standards API. Hear the story of Hono by the creator of Hono....

Analysis of the EPYC 145% performance gain in Cloudflare Gen 12 servers

2024-10-15

AMDEPYCHardwareCloudflare Network

Cloudflare’s Gen 12 server is the most powerful and power efficient server that we have deployed to date. Through sensitivity analysis, we found that Cloudflare workloads continue to scale with higher core count and higher CPU frequency, as well as achieving a significant boost in performance with larger L3 cache per core....

Protect against identity-based attacks by sharing Cloudflare user risk scores with Okta

2024-10-15

Cloudflare Zero TrustOktaPartners

Uphold Zero Trust principles and protect against identity-based attacks by sharing Cloudflare user risk scores with Okta. Learn how this new integration allows your organization to mitigate risk in real time, make informed access decisions, and free up security resources with automation....