Tag Archives: security

Introducing TLS with Client Authentication

In a traditional TLS handshake, the client authenticates the server, and the server doesn’t know too much about the client. However, starting now, Cloudflare is offering enterprise customers TLS with client authentication, meaning that the server additionally authenticates that the client connecting to it is authorized to connect. TLS Client Authentication is useful in cases More Info »

A tale of a DNS exploit: CVE-2015-7547

This post was written by Marek Vavruša and Jaime Cochran, who found out they were both independently working on the same glibc vulnerability attack vectors at 3am last Tuesday. A buffer overflow error in GNU libc DNS stub resolver code was announced last week as CVE-2015-7547. While it doesn’t have any nickname yet (last year’s More Info »

Introducing CloudFlare Registrar: Designed for Security, Not the Masses

At CloudFlare, we’ve constructed one of the world’s largest networks purpose-built to protect our customers from a wide range of attacks. We’re so good at it that attackers increasingly look for ways to go around us, rather than go through us. One of the biggest risks for high-profile customers has been having their domain stolen More Info »

CloudFlare is now PCI 3.1 certified

The Payment Card Industry Data Security Standard (PCI DSS) is a global financial information security standard that keeps credit card holders safe. It ensures that any company processing credit card transactions adheres to the highest technical standards. PCI certification has several levels. Level one (the highest level) is reserved for those companies that handle the More Info »

DNS parser, meet Go fuzzer

Here at CloudFlare we are heavy users of the github.com/miekgs/dns Go DNS library and we make sure to contribute to its development as much as possible. Therefore when Dmitry Vyukov published go-fuzz and started to uncover tens of bugs in the Go standard library, our task was clear. Hot Fuzz Fuzzing is the technique of More Info »

More Than 162,000 WordPress Sites Used for Distributed Denial of Service Attack

Distributed Denial of Service (DDOS) attacks are becoming a common trend on our blog lately, and that’s OK because it’s a very serious issue for every website owner. Today I want to talk about a large DDOS attack that leveraged thousands of unsuspecting WordPress websites as indirect amplification vectors. Any WordPress site with XML-RPC enabled More Info »