On May 27 2021, the Internet Engineering Task Force published RFC 9000 – the standardarized version of the QUIC transport protocol. The QUIC Working Group declared themselves done by issuing a Last Call 7 months ago. The i’s have been dotted and the t’s crossed, RFC 8999 – RFC 9002 are a suite of documents…
Read More
Durable Objects are an awesome addition to the Workers developer ecosystem, allowing you to address and work inside a specific Worker to provide consistency in your applications. That sounds exciting at a high-level, but if you’re like me, you might be wondering “Okay, so what can I build with that?”There’s nothing like building something real…
Read More
When Cloudflare started, sophisticated online security was beyond the reach of all but the largest organizations. If your pockets were deep enough, you could buy the necessary services — and the support that was required to operate them — to keep your online operations secure, fast, and reliable. For everyone else? You were out of…
Read More
Cloudflare 在上週舉辦了開發人員週,我們的團隊紛紛發佈了酷炫的新產品,其中包括一系列對 Workers 的增強。不僅是客戶喜愛使用 Workers 部署應用程式,我們的工程團隊也不例外。Workers 還是我們在 Cloudflare Radar 上發佈的網際網路流量與攻擊趨勢的驅動力量。今天,與這篇深度解析部落格貼文一同面世的還有全新的 Radar DDoS Report 頁面,這是我們在 Jupyter、Clickhouse 和 Workers 基礎上打造的第一個全面自動化資料筆記本。上個月,我們推出了自發邊緣 DDoS (分散式阻斷服務) 保護系統,也闡釋了這如何做到既能迅速封鎖攻擊又不影響效能。該系統執行於我們網路的邊緣,異步分析流量以免影響效能,並在偵測到攻擊時立即推送內嵌的緩解規則。一切都自發完成,無需集中共識的介入。今天,我們將分享最新的 DDoS 洞察和趨勢,這源自於我們系統在 2021 年第一季所緩解的攻擊。在分析攻擊時,我們會計算「DDoS 活動」比率,即攻擊流量占總流量 (攻擊 + 乾淨) 的百分比。這樣,我們能夠規範化資料點,並避免出現偏頗,例如,偏向於看到更多流量 (因而發現更多攻擊) 的資料中心。重點應用程式層 DDoS 攻擊2021 年第一季,HTTP 攻擊流量百分比最高的國家是中國。位居其後的是美國、馬來西亞和印度。第一季遭受攻擊最多的是電訊產業,其次是消費者服務、安全與調查、網際網路以及加密貨幣。遭受攻擊最多的網際網路設備來自中國、美國和摩洛哥的公司。網路層 DDoS 攻擊在 Cloudflare 網路上,我們位於盧安達、中國和汶萊的資料中心中觀察到了最高的 DDoS 活動。第一季的所有攻擊中將近 44% 發生在 1 月份。主要新型威脅包括針對 Jenkins 和 TeamSpeak3 伺服器的攻擊,與前一季相比分別增長了 940% 和 203%。其他新型威脅包括 QUIC 版本協商封包洪水,或許意在破壞…
Read More
Today we are thrilled to announce our support of a new set of HTTP response headers that provide surgical control over our CDN’s caching decisions. CDN-Cache-Control allows customers to directly control how our CDN behaves without affecting the behavior of downstream or upstream caches.You might be thinking that this sounds a lot like the Cache-Control…
Read More
The following is a guest post by Martin Hauskrecht, DevOps Engineer at Labyrinth Labs.Here at Labyrinth Labs, we put great emphasis on monitoring. Having a working monitoring setup is a critical part of the work we do for our clients.Cloudflare’s Analytics dashboard provides a lot of useful information for debugging and analytics purposes for our…
Read More
There are halls and corridors in Cloudflare engineering, dangerous places for innocent wanderers, filled with wild project ideas, experiments that we should do, and extremely convincing proponents. A couple of months ago, John Graham-Cumming, our CTO, bumped into me in one of those places and asked: “What if we ported Doom multiplayer to work with…
Read More
Cloudflare Tunnel allows you to connect applications securely and quickly to Cloudflare’s edge. With Cloudflare Tunnel, teams can expose anything to the world, from internal subnets to containers, in a secure and fast way. Thanks to recent developments with our Terraform provider and the advent of Named Tunnels it’s never been easier to spin up.Classic…
Read More