The Cloudflare Blog

Subscribe to receive notifications of new posts:

Bigger and badder: how DDoS attack sizes have evolved over the last decade

2024-11-20

If we plot the metrics associated with large DDoS attacks observed in the last 10 years, does it show a straight, steady increase in an exponential curve that keeps becoming steeper, or is it closer to a linear growth? Our analysis found the growth is not linear but rather is exponential, with the slope varying depending on the metric (rps, pps or bps). ...

Continue reading »
Bigger and badder: how DDoS attack sizes have evolved over the last decade

Resilient Internet connectivity in Europe mitigates impact from multiple cable cuts

2024-11-20

Cloudflare RadarInternet TrafficTrafficOutage

Two recent cable cuts that occurred in the Baltic Sea resulted in little-to-no observable impact to the affected countries, in large part because of the significant redundancy and resilience of Internet infrastructure in Europe. ...

DO it again: how we used Durable Objects to add WebSockets support and authentication to AI Gateway

2024-11-19

AIAI GatewayDevelopersDeveloper PlatformAgile Developer ServicesJavaScript

We used Cloudflare’s Developer Platform and Durable Objects to build authentication and a WebSockets API that developers can use to call AI Gateway, enabling continuous communication over a single, persistent connection....

What’s new in Cloudflare: Account Owned Tokens and Zaraz Automated Actions

2024-11-14

IdentitySecurityDevelopersProduct NewsZarazAnalyticsManaged Components

Cloudflare customers can now create Account Owned Tokens , allowing more flexibility around access control for their Cloudflare services. Additionally, Zaraz Automation Actions streamlines event tracking and third-party tool integration. ...

How we prevent conflicts in authoritative DNS configuration using formal verification

2024-11-08

DNSResearchAddressingFormal Methods

We describe how Cloudflare uses a custom Lisp-like programming language and formal verifier (written in Racket and Rosette) to prevent logical contradictions in our authoritative DNS nameserver’s behavior....

A look at the latest post-quantum signature standardization candidates

2024-11-07

Post-QuantumResearchCryptographyTLS

NIST has standardized four post-quantum signature schemes so far, and they’re not done yet: there are fourteen new candidates in the running for standardization. In this blog post we take measure of them and discover why we ended up with so many PQ signatures....

Exploring Internet traffic shifts and cyber attacks during the 2024 US election

2024-11-06

Cloudflare RadarElectionsAthenian ProjectTrendsDDoSCloudflare for CampaignsInternet TrafficElection Security

Election Day 2024 in the US saw a surge in cyber activity. Cloudflare blocked several DDoS attacks on political and election sites, ensuring no impact. In this post, we analyze these attacks, as well Internet traffic increases across the US and other key trends....

Workers Builds: integrated CI/CD built on the Workers platform

2024-10-31

Developer PlatformDevelopersAgile Developer ServicesCloudflare Workers

Workers Builds, an integrated CI/CD pipeline for the Workers platform, recently launched in open beta. We walk through how we built this product on Cloudflare’s Developer Platform....

Moving Baselime from AWS to Cloudflare: simpler architecture, improved performance, over 80% lower cloud costs

2024-10-31

ObservabilityCloudflare WorkersDeveloper PlatformPerformance

Post-acquisition, we migrated Baselime from AWS to the Cloudflare Developer Platform and in the process, we improved query times, simplified data ingestion, and now handle far more events, all while cutting costs. Here’s how we built a modern, high-performing observability platform on Cloudflare’s network. ...

Cloudflare’s perspective of the October 30 OVHcloud outage

2024-10-30

Cloudflare RadarTrendsConsumer ServicesOutage

On October 30, 2024, cloud hosting provider OVHcloud (AS16276) suffered a brief but significant outage. Within this post, we review Cloudflare’s perspective on this outage....

Migrating billions of records: moving our active DNS database while it’s in use

2024-10-29

DNSAPIDatabaseKafkaPostgresTracingQuicksilver

DNS records have moved to a new database, bringing improved performance and reliability to all customers....

Forced offline: the Q3 2024 Internet disruption summary

2024-10-29

Cloudflare RadarInternet QualityInternet ShutdownOutageInternet TrafficConsumer Services

The third quarter of 2024 was particularly active, with quite a few significant Internet disruptions. Underlying causes included government-directed shutdowns, power outages, hurricane damage, terrestrial and submarine cable cuts, military action, and more....

Elephants in tunnels: how Hyperdrive connects to databases inside your VPC networks

2024-10-25

Developer PlatformDeep DiveCloudflare WorkersHyperdrivePostgresSQLRustWebSockets

Hyperdrive (Cloudflare’s globally distributed SQL connection pooler and cache) recently added support for directing database traffic from Workers across Cloudflare Tunnels. We dive deep on what it took to add this feature....

Build durable applications on Cloudflare Workers: you write the Workflows, we take care of the rest

2024-10-24

Developer PlatformCloudflare WorkersDurable ObjectsWorkflows

Cloudflare Workflows is now in open beta! Workflows allows you to build reliable, repeatable, long-lived multi-step applications that can automatically retry, persist state, and scale out. Read on to learn how Workflows works, how we built it on top of Durable Objects, and how you can deploy your first Workflows application....

Durable Objects aren't just durable, they're fast: a 10x speedup for Cloudflare Queues

2024-10-24

Product NewsCloudflare QueuesCloudflare WorkersDurable ObjectsDevelopersDeveloper Platform

Learn how we built Cloudflare Queues using our own Developer Platform and how it evolved to a geographically-distributed, horizontally-scalable architecture built on Durable Objects. Our new architecture supports over 10x more throughput and over 3x lower latency compared to the previous version....

4.2 Tbps of bad packets and a whole lot more: Cloudflare's Q3 DDoS report

2024-10-23

DDoS ReportsDDoSAdvanced DDoSCloudflare RadarAttacks

The number of DDoS attacks spiked in the third quarter of 2024. Cloudflare mitigated nearly 6 million DDoS attacks, representing a 49% increase QoQ and 55% increase YoY....

Fearless SSH: short-lived certificates bring Zero Trust to infrastructure

2024-10-23

Zero TrustCloudflare Zero TrustAcquisitionsSSHCloudflare AccessCloudflare OneCompliance

Access for Infrastructure, BastionZero’s integration into Cloudflare One, will enable organizations to apply Zero Trust controls to their servers, databases, Kubernetes clusters, and more. Today we’re announcing short-lived SSH access as the first available feature of this integration. ...

Training a million models per day to save customers of all sizes from DDoS attacks

2024-10-23

DDoSDeep DiveMachine Learning

In this post we will describe how we use anomaly detection to watch for novel DDoS attacks. We’ll provide an overview of how we build models which flag unusual traffic and keep our customers safe....

Is this thing on? Using OpenBMC and ACPI power states for reliable server boot

2024-10-22

InfrastructureOpen SourceOpenBMCServersFirmware

Cloudflare’s global fleet benefits from being managed by open source firmware for the Baseboard Management Controller (BMC), OpenBMC. This has come with various challenges, some of which we discuss here with an explanation of how the open source nature of the firmware for the BMC enabled us to fix the issues and maintain a more stable fleet....