Cloudflare

In February 2014, Cloudflare weakened the largest DDoS attack ever recorded at the time, the peak of which was 400 Gbit / s against an undisclosed customer. In November 2014, Cloudflare reported another massive DDoS attack targeting independent media websites running at 500 Gbit / s.

Since September 29, 2014, Cloudflare has been offering all customers free SSL encryption under the name Universal SSL , which is implemented using Server Name Indication .

According to an article from netzpolitik.org on July 22, 2015 , all DNS queries for the domain of the German Bundestag “bundestag.de” and its subdomains are answered by Cloudflare . The press department of the German Bundestag confirmed this in part in a cautious statement to the blog.

On February 24, 2017, it became known that due to a security gap it was possible to access transmitted data for months - even from encrypted connections. a. Position data of users of the Uber service , private chat messages from the dating site OkCupid and video frames from erotic portals.

As part of the discussions about the right-wing American side The Daily Stormer , Cloudflare terminated their contract in August 2017. The side was unable to counter the following DDoS attacks and was no longer available. Cloudflare CEO Matthew Prince rated his behavior as critical. According to his own statement, he had too much power, since not a single person should be able to decide on the existence of a website.

Since mid-2018, Cloudflare has been hosting the servers for Mozilla to provide the DNS over HTTPS (DoH) service. Strict data protection agreements were made here.

Financing rounds

In November 2009, Cloudflare received $ 2.1 million in a Series A round from Pelion Venture Partners and Venrock . In July 2011, Cloudflare received $ 20 million in a Series B round from New Enterprise Associates, Pelion Venture Partners, Venrock. In December 2012, Cloudflare received $ 50 million in a Series C Round from New Enterprise Associates, Pelion Venture Partners, Venrock, Union Square Ventures, and Greenspring Associates. In December 2014, Cloudflare received $ 110 million in a Series D round led by Fidelity Investments and with participation from Google Capital, Microsoft, Qualcomm and Baidu. Since September 13, 2019, Cloudflare has been traded on the NYSE stock exchange under the symbol NET, and raised $ 525 million through the sale of the shares.

Acquisitions

In June 2014, Cloudflare acquired CryptoSeal, which was founded by Ryan Lackey, in a deal aimed at expanding security services for web users. In February 2014, StopTheHacker was acquired, which offers malware detection, automatic malware removal, protection of IT reputation and monitoring of black lists. In December 2016, Cloudflare took over Eager with the prospect of upgrading Cloudflare's apps platform to enable drag-and-drop installations of third-party apps on Cloudflare-enabled websites.

services

DDoS protection

Cloudflare offers all customers the “I'm Under Attack Mode” setting. According to Cloudflare, this can mitigate advanced level 7 attacks by displaying a JavaScript math problem that must be solved before a user can access a website.

Cloudflare fended off a DDos attack on SpamHaus that exceeded 300 Gbit / s. Akamai's chief architect stated that it was "the largest publicly disclosed DDoS attack in the history of the Internet". Cloudflare has also reportedly intercepted attacks that peaked above 400 Gbps in an NTP reflective attack.

Web application firewall

Cloudflare allows customers with paid plans to use a web application firewall service by default. In addition to Cloudflare's own rule set and the rule sets for popular web applications, the firewall has the OWASP ModSecurity core rule set.

Domain name server

Cloudflare offers a free Domain Name Server (DNS) for all clients supported by an anycast network. According to W3Cook, Cloudflare's DNS service currently operates over 35% of the DNS domains it hosts. SolveDNS found that Cloudflare consistently had one of the fastest DNS search speeds in the world with a reported search speed of 8.66 ms in April 2016.

Reverse proxy

Content Delivery Network

The Cloudflare network has the highest number of connections to Internet nodes of any network in the world. Cloudflare stores content in peripheral locations to act as a content delivery network (CDN). All requests are then sent through Cloudflare as a reverse proxy and the cached content is served directly by Cloudflare.

values

Cloudflare has been very clear on its support for free speech , with CEO Matthew Prince explaining:

Cloudflare publishes a semi-annual transparency report to show how often law enforcement agencies request data about its customers.

Customers

Cloudflare provides DNS services for 6 million websites, some of which are popular ones like Uber , OkCupid, and Fitbit . According to W3Techs, Cloudflare is used by 11.6% of the top 10 million websites, making it the most popular reverse proxy service.

Awards and recognitions

• In February 2015 TechCrunch named "Best Enterprise Startup" at the 8th Annual Crunchies Awards.
• Named "Most Innovative Network & Internet Technology Company" by the Wall Street Journal for two years in a row.
• In 2012, Cloudflare was recognized as a technology pioneer by the World Economic Forum .
• In 2012, according to Fast Company, was one of the 10 most innovative internet companies in the world.
• In 2016, Cloudflare was ranked 11th on the "Forbes Cloud 100" list.

criticism

In a report by the European Commission, the company is accused of not doing enough against copyright infringement on its platform. Accordingly, the report estimates that Cloudflare is used by approximately 40% of all websites that illegally offer copyrighted material. Of the 500 infringing domains with the most visitors, according to Alexa Rank , 62%. The response on the part of Cloudflare to inquiries regarding copyright infringement is further classified as insufficient.

Web links

• Official website of Cloudflare

Individual evidence

1. ↑ CloudFlare Reveals $ 50 Million “Secret” Funding - From One Year Ago . AllThingsD.
2. ↑ Cloudflare beefs up app platform plans with startup acquisition. Bizjournals.com , accessed February 28, 2017.
3. ↑ Our story . Cloudflare. Retrieved August 15, 2011.
4. ^ Nicole Henderson: CloudFlare Gets an Unusual Endorsement from Hacker Group LulzSec . In: Webhost Industry Review . June 17, 2011. Retrieved August 15, 2011.
5. ↑ ^{a b} How Lulzsec protected itself from hacks , golem.de. Retrieved July 14, 2013
6. ↑ Router update sweeps 785,000 websites out of the net , golem.de. Retrieved July 24, 2013.
7. ↑ An inside view of Lulzsec's hacking rampage , cnn.com. Retrieved July 14, 2013.
8. ↑ How we got caught in lulzsec CIA crossfire , zdnet.com. Retrieved July 14, 2013.
9. ↑ On LulzSec, Censorship & CloudFlare ( Memento from July 27, 2013 in the Internet Archive ), blog.cloudflare.com. Retrieved July 14, 2013.
10. ↑ Cloudflare Partners With World's Leading Web Hosts To Implement Its Railgun Protocol, Speeds Up Load Times By Up To 143%. In: TechCrunch. Retrieved January 6, 2019 (American English). 
11. ↑ 4chan hacked by breaking into CloudFlare Server . golem.de. Retrieved July 14, 2013.
12. ↑ CloudFlare Was Down Due To Edge Routers Crashing, Taking Down 785,000 Websites Including 4chan, Wikileaks, Metallica.com , techcrunch.com. Retrieved July 24, 2013.
13. ^ CloudFlare Helps Save Wikileaks' Bacon , techcrunch.com. Retrieved July 24, 2013.
14. ↑ CloudFlare vs Incapsula vs ModSecurity - A Comparative Penetration Testing Analysis Report . Zero Science Lab. Retrieved November 2, 2018.
15. ^ The Internet Sector Calls for a Greater Transparency , blog.mozilla.org. Retrieved July 24, 2013.
16. ^ Greg Simons (Swedish National Defense College): Mass Media and Modern Warfare. Ashgate 2010, pp. 184-185, ISBN 978-0-7546-7472-6 .
17. ^ CloudFlare on censorship: 'A website is speech. It is not a bomb. ' theguardian.com dated August 12, 2013
18. ↑ The Largest Cyber ​​Attack In History Has Been Hitting Hong Kong Sites . Forbes.
19. ↑ Introducing Universal SSL . September 29, 2014. Retrieved December 16, 2014.
20. ↑ CloudFlare: German Bundestag is getting Internet from US providers again, this time for its own websites. netzpolitik.org of July 22, 2015
21. ↑ Kate Conger: Major Cloudflare bug leaked sensitive data from customers' websites. In: Techcrunch. February 24, 2017, accessed February 24, 2017 . 
22. ↑ heise online: "I can do that because I'm CEO": Cloudflare boss violates neo-Nazi side - it goes offline. Retrieved August 18, 2017 . 
23. ↑ Cloudflare Resolver for Firefox . Cloudflare. Retrieved July 26, 2018.
24. ↑ CloudFlare Hints IPO Could Be Coming, But Not This Year . techcrunch.com .
25. ^ Cloudflare jumps in trading debut after raising 525 million bloomberg.com
26. ↑ Cloudflare acquires app platform Eager, will sunset service in Q1 2017 . VentureBeat.
27. ↑ Cloudflare Web Application Firewall Review ( Memento April 8, 2017 in the Internet Archive ). Fanatic Entrepreneur
28. ↑ April 2016 DNS Speed ​​Comparison Report . solvedns.com
29. ↑ CloudFlare figured out how to make the Web faster one second . ZDNet
30. ↑ Internet Exchange Report . Hurricane Electric .
31. ↑ https://blog.cloudflare.com/cloudflare-and-free-speech/
32. ^ CloudFlare Releases Transparency Report for First Half of 2015 . Wired business media
33. ↑ Cloudbleed: Big web brands leaked crypto keys, personal secrets thanks to Cloudflare bug . The Register
34. ↑ Usage Statistics and Market Share of Reverse Proxy Services for Websites, January 2020. In: w3techs.com. Retrieved January 28, 2020 (English). 
35. ↑ Winners. Retrieved December 16, 2018 (American English). 
36. ↑ Technology Innovation Awards - Network And Internet Technologies. In: WSJ.com. Wall Street Journal, October 16, 2012, accessed December 16, 2018 . 
37. ↑ CloudFlare. In: Digital Transformation. Retrieved December 16, 2018 (American English). 
38. ↑ The 2012 Top 10 Most Innovative Companies by Sector: Internet. Retrieved December 16, 2018 (American English). 
39. ↑ Forbes Cloud 100 . Forbes.
40. ↑ European Commission: Counterfeit and Piracy Watch List. December 7, 2018, p. 21 , accessed December 12, 2018 .