Enforce Web Policy with HTTP Strict Transport Security (HSTS)
HTTP Strict Transport Security (HSTS, RFC 6797) is a web security policy technology designed to help secure HTTPS web servers against downgrade attacks. HSTS is a powerful technology which is not yet widely adopted. CloudFlare aims to change this.
Downgrade attacks (also known as SSL stripping attacks) are a serious threat to web applications. This type of attack is a form of man-in-the-middle attack in which an attacker can redirect web browsers from a correctly configured HTTPS web server to an attacker controlled server. Once the attacker has successfully redirected a user, user data, including cookies, can be compromised. Unfortunately, this attack is outside the realm of pure SSL to prevent. This is why HSTS was created.
These attacks are very real: many major websites have been attacked through SSL stripping. They are a particularly powerful attack against otherwise well secured sites, as they bypass the protections of SSL.
HSTS headers consists of an HTTP header with several parameters -- including a configurable duration for client web browsers to cache and continue to enforce policy even if the site itself changes. Through CloudFlare, it is easy to configure on a per-domain basis with standard settings.
HSTS causes compliant browsers Continue reading
Universal SSL: Encryption all the way to the origin, for free
Last September, CloudFlare unveiled Universal SSL, enabling HTTPS support for all sites by default. All sites using CloudFlare now support strong cryptography from the browser to CloudFlare’s servers. One of the most popular requests for Universal SSL was to make it easier to encrypt the other half of the connection: from CloudFlare to the origin server.
Until today, encryption from CloudFlare to the origin required the purchase of a trusted certificate from a third party. The certificate purchasing process can be tedious and sometimes costly. To remedy this, CloudFlare has created a new Origin CA service in which we provide free limited-function certificates to customer origin servers.
Today we are excited to announce the public beta of this service, providing full encryption of all data from the browser to the origin, for free.
Encrypted all the way
CloudFlare offers three modes for HTTPS: Flexible, Full and Strict. In Flexible mode, traffic from browsers to CloudFlare is encrypted, but traffic from CloudFlare to a site's origin server is not. In Full and Strict modes, traffic between CloudFlare and the origin server is encrypted. Strict mode adds validation of the origin server’s certificate. We strongly encourage customers to select Strict mode Continue reading
TLS Session Resumption: Full-speed and Secure
At CloudFlare, making web sites faster and safer at scale is always a driving force for innovation. We introduced “Universal SSL” to dramatically increase the size of the encrypted web. In order for that to happen we knew we needed to efficiently handle large volumes of HTTPS traffic, and give end users the fastest possible performance.
CC BY 2.0 image by ecos systems
In this article, I’ll explain how we added speed to Universal SSL with session resumptions across multiple hosts, and explain the design decisions we made in this process. Currently, we use two standardized session resumption mechanisms that require two different data sharing designs: Session IDs RFC 5246, and Session Tickets RFC 5077.
Session ID Resumption
Resuming an encrypted session through a session ID means that the server keeps track of recent negotiated sessions using unique session IDs. This is done so that when a client reconnects to a server with a session ID, the server can quickly look up the session keys and resume the encrypted communication.
At each of CloudFlare’s PoPs (Point of Presence) there are multiple hosts handling HTTPS traffic. When the client attempts to resume a TLS connection with a Continue reading
Do the ChaCha: better mobile performance with cryptography
CC BY-ND 2.0 image image by Clinton Steeds
CloudFlare is always trying to improve customer experience by adopting the latest and best web technologies so that our customers (and their visitors) have a fast and a secure web browsing experience.
More and more web sites are now using HTTPS by default. This sea change has been spearheaded by many groups including CloudFlare enabling free SSL for millions of sites with Universal SSL, Google moving towards marking plain HTTP as insecure in Chrome, and the Let’s Encrypt project’s plans to make certificates free in 2015.
Not only is the encrypted web more secure, it can also be faster than the unencrypted web if the latest HTTPS features are implemented. HTTPS sites are blazing fast on CloudFlare because we keep up with the latest performance-enhancing features:
- SPDY 3.1 is on by default for all customers. SPDY enables faster-than-HTTP download speeds by enabling multiplexing
- OCSP stapling: faster revocation checking.
- Optimized certificate bundles using CFSSL, our open source SSL bundler: an optimized certificate chain provides faster validation of certificates in the browser
- ECDSA certificates for all free customers with Universal SSL: smaller certificates with smaller keys result in faster Continue reading
End of the road for RC4
Today, we completely disabled the RC4 encryption algorithm for all SSL/TLS connections to CloudFlare sites. It's no longer possible to connect to any site that uses CloudFlare using RC4.
Over a year ago, we disabled RC4 for connections for TLS 1.1 and above because there were more secure algorithms available. In May 2014, we deprecated RC4 by moving it to the lowest priority in our list of cipher suites. That forced any browser that had a good alternative to RC4 to use it. Those two changes meant that almost everyone who was using RC4 to connect to CloudFlare sites switched to a more secure protocol.
Back in May, we noted that some people still needed RC4, particularly people using old mobile phones and some Windows XP users. At the time, 4% of requests using RC4 came from a single phone type: the Nokia 6120.
At the time, we noted that roughly 0.000002% of requests to CloudFlare were using the RC4 protocol. In the last 9 months, that number is halved and so, although some people are still using RC4, we have decided to turn off the protocol. It's simply no longer secure.
The remaining users are almost Continue reading
SSL Week Means Less Weak SSL
I'm excited to announce that today kicks off SSL Week at CloudFlare. Over the course of this week, we'll make a series of announcements on what we're doing to improve encryption on the Internet.
Inherently, for encryption to be the most effective, it has to meet three criteria: 1) it needs to be easy and inexpensive to use; 2) it needs to be fast so it doesn't tax performance; and 3) it needs to be up to date and ahead of the latest vulnerabilities.
Easy, Fast & Secure
Throughout CloudFlare's history, these priorities have guided our approach to encryption. Last September, we announced Universal SSL and brought world class encryption to every CloudFlare customer, even those on our Free service plan. While that effort doubled the size of the encrypted web, our work is far from done. This week we're announcing a series of initiatives that further our efforts to ensure we provide the easiest, fastest, and most secure encryption.
While Universal SSL made it easy to ensure that the connection from a device to CloudFlare was secure, this week we're going to begin the process of making it easy (and free) to ensure the connection from CloudFlare back to Continue reading
Get Started with CloudFlare ServerShield for Plesk
ServerShield makes it easy to activate CloudFlare and StopTheHacker.
CloudFlare has partnered with Parallels, the leading hosting solutions provider, to make server protection, content acceleration and malware removal easier than ever. We recently launched CloudFlare ServerShield® to all Plesk 12 users as an extension. ServerShield combines the performance and security features of CloudFlare with the malware scanning and removal solution of StopTheHacker. Whether you are a hosting provider looking to offer additional services to your customers, or a Plesk server user, you can access ServerShield with two easy clicks.
Already, a number of hosters and agencies have found ServerShield a key addition to their tools to help their customer sites’ security and performance. Rafal Kukla of Kukla Studio, a UK based design agency, has this to say:
“ServerShield made it straightforward to give my customers industry leading security and performance as well as reputation monitoring. Running a busy agency, I am focused on my customers' site design, ServerShield allows me to do that without sacrificing the fundamentals of site functionality. With one single click I can enable CloudFlare among all my customers instead of spending time configuring each site separately.”
We believe that this extension is incredibly timely Continue reading
Updating the DNS Registration Model to Keep Pace with Today’s Internet.
CloudFlare is, arguably, the largest third-party DNS Authoritative operator in the world. We manage well over 1 million domains and have registrations in almost every TLD open for registrations. Our role as a DNS operator is to maintain customer information and publish their records in the global DNS.
In this blog, we’ll introduce a significant problem that DNS operators like CloudFlare face when trying to provide the best possible experience to our customers. If you are a CloudFlare customer, you’ll remember during the sign up process you were asked to login to your registrar account in order to change your nameservers (NS). The absence of an automated process for changing NS records not only makes our signup process one step longer than we’d like, it also prevents CloudFlare, and other 3rd party DNS operators, from doing a slew of other things that would benefit customers and the Internet as a whole.
Note: In this blog we’ll use the term DNS Operator mainly in the context of operators that provide Authoritative DNS service. This is sometimes called Managed DNS service.
Manual Updates
For those who are not yet CloudFlare customers, let’s run through the sign up process:
When CloudFlare customers enable Continue reading
Path MTU discovery in practice
Last week, a very small number of our users who are using IP tunnels (primarily tunneling IPv6 over IPv4) were unable to access our services because a networking change broke "path MTU discovery" on our servers. In this article, I'll explain what path MTU discovery is, how we broke it, how we fixed it and the open source code we used.
First there was the fragmentation
When a host on the Internet wants to send some data, it must know how to divide the data into packets. And in particular it needs to know the maximum size of packet. The maximum size of a packet a host can send is called Maximum Transmission Unit: MTU.
The longer the MTU, the better for performance, but the worse for reliability, because a lost packet means more data to be retransmitted and because many routers on the Internet can't deliver very long packets.
The fathers of the Internet assumed that this problem would be solved at the IP layer with IP fragmentation. Unfortunately IP fragmentation has serious disadvantages and it's avoided in practice.
Do-not-fragment bit
To work around fragmentation problems the IP layer contains a "Don't Fragment" bit on every IP packet. Continue reading
DNSSEC Done Right
This blog post is probably more personal than the usual posts here. It’s about why I joined CloudFlare.
I’ve been working on DNSSEC evolution for a long time as implementor, IETF working group chair, protocol experimenter, DNS operator, consultant, and evangelist. These different perspectives allow me to look at the protocol in a holistic way.
First and foremost, it’s important to realize the exact role of DNSSEC. DNSSEC is actually a misnomer: it’s from an era when the understanding of different security technologies, and what role each plays, was not as good as today. Today, this protocol would be called DNSAUTH. This is because all it does is to provide integrity protection to the answers from authoritative servers.
Over the years, the design of DNSSEC has changed. A number of people working on early versions of DNSSEC (myself included) didn’t know DNS all that well. Similarly, many DNS people at the time didn’t understand security, and in particular, cryptography all that well. To make things even more complex, general understanding of the DNS protocol was lacking in certain areas and needed to be clarified in order to do DNSSEC properly. This has led to three major versions of the Continue reading
Help us test our DNSSEC implementation
For an introduction to DNSSEC, see our previous post
Today is a big day for CloudFlare! We are publishing our first two DNSSEC signed zones for the community to analyze and give feedback on:
- www.cloudflare-dnssec-auth.com - a fully signed zone managed by CloudFlare
- www.cloudflare-dnssec-cname.com - an external zone linking to a signed record with a CNAME
We've been testing our implementation internally for some time with great results, so we now want to know from outside users how it’s working!
Here’s an example of what you should see if you pull the records of, for example, www.cloudflare-dnssec-auth.com.
$ dig www.cloudflare-dnssec-auth.com A +dnssec
; <<>> DiG 9.10.1-P1 <<>> www.cloudflare-dnssec-auth.com A +dnssec
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29654
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;www.cloudflare-dnssec-auth.com. IN A
;; ANSWER SECTION:
www.cloudflare-dnssec-auth.com. 300 IN A 104.28.29.67
www.cloudflare-dnssec-auth.com. 300 IN A 104.28.28.67
www.cloudflare-dnssec-auth.com. 300 IN RRSIG A Continue readingFlexible SSL & WordPress: Fixing “Mixed Content” Errors
As many are aware, CloudFlare launched Universal SSL several months ago. We saw lots of customers sign up and start using these new, free SSL certificates. For many customers that didn’t already have an SSL certificate, they were able to use “Flexible SSL”.
Flexible SSL creates a secure (HTTPS) connection between the website visitor and CloudFlare and then an in-secure (HTTP) connection between CloudFlare and the origin server. For any site using absolute links to assets (i.e. javascript, css, and image files), this can lead to a “Mixed Content” error.
Mixed Content = Mixed Protocol
What is “Mixed Content”? This can be understood as mixed protocol. When the webpage is loaded over SSL (HTTPS protocol), most browsers expect all of the assets to be loaded over the same protocol. Some browsers will display an error about loading “insecure content” while others will just block the insecure content outright.
This error only applies to pages loaded over SSL, since the browser is working to make sure that secure pages only load equally secure assets.
Wordpress Plugin Updates
The latest version of the CloudFlare plugin for Wordpress works to resolve a lot of these errors by altering the protocol within the Continue reading
DDoS Packet Forensics: Take me to the hex!
A few days ago, my colleague Marek sent an email about a DDoS attack against one of our DNS servers that we'd been blocking with our BPF rules. He noticed that there seemed to be a strange correlation between the TTL field in the IP header and the IPv4 source address.
CC BY 2.0 image by Jeremy Keith
The source address was being spoofed, as usual, and apparently chosen randomly, but something else was going on. He offered a bottle of Scotch to the first person to come up with a satisfactory solution.
Here's what some of the packets looked like:
$ tcpdump -ni eth0 -c 10 "ip[8]=40 and udp and port 53"
1.181.207.7.46337 > x.x.x.x.53: 65098+
1.178.97.141.45569 > x.x.x.x.53: 65101+
1.248.136.142.63489 > x.x.x.x.53: 65031+
1.207.241.195.52993 > x.x.x.x.53: 65072+
$ tcpdump -ni eth0 -c 10 "ip[8]=41 and udp and port 53"
2.10.30.2.2562 > x.x.x.x.53: 65013+
2.4.9.36.1026 > x.x.x.x.53: 65019+
2.98. Continue readingCloudFlare in 2014: Bigger, Faster, Securer
At the end of 2013 we posted a blog article titled 2013: Rebuild the Engine; 2014: Step on the Gas which explained how in 2013 we had been rebuilding the engine that powers CloudFlare and how we expected 2014 to be when we stepped on the gas.
In that blog post, we said that we'd be expanding our network to betters serve customers in China and Latin America (as well as continuing other global expansions), and that we'd be making a big announcement around SSL.
CC BY-ND 2.0 image by Do Hyun-Kim
Looking back at 2014, we did a whole lot more and many of those changes had a meaningful impact well beyond CloudFlare. Now when we make a change, the needles on the Internet's dials move: when we roll out support for new protocols, sites tracking those protocols see a sudden jump in usage.
Here's a month by month review of CloudFlare's 2014:
January 8: keeping our promise to Latin America, we opened our first data center there in Chile.
January 27: we published our first transparency report covering National Security Orders on the first day it became legal to discuss them.
February 13: we Continue reading
Kyoto Tycoon Secure Replication
Kyoto Tycoon is a distributed key-value store written by FAL Labs, and it is used extensively at CloudFlare. Like many popular key-value stores, Kyoto Tycoon uses timestamp-based replication to ensure eventual consistency and guarantee ordering. Kyoto Tycoon is an open source project, and in the spirit of the holidays, we’re contributing our internal changes back to the open source project.
CC BY-ND 2.0 image by Moyan Brenn
CloudFlare uses Kyoto Tycoon to replicate data from a Postgres Database to our 30 data centers around the world. In practice, it takes around 3 seconds for full propagation in normal conditions. This is our pipeline for distributing sensitive data like our session ticket keys and DNS data to the CloudFlare edge.
Protecting data in transit
If the Internet is not a dangerous place, it at least has dangerous neighborhoods. To move from one datacenter to another, data has to pass through the public Internet. Data could end up going though some network with a wire-tap in place, or through a network with an unscrupulous network operator.
Datacenter-to-datacenter encryption has been brought into the international spotlight since the surveillance revelations. One of the leaked slides contained the expression “SSL added Continue reading
Improving PicoHTTPParser further with AVX2
Vlad Krasnov recently joined CloudFlare to work on low level optimization of CloudFlare's servers. This is the first of a number of blog posts that will include code he's optimized and open sourced.
In a recent post, Kazuho's Weblog describes an improvement to PicoHTTPParser. This improvement utilizes the SSE4.2 instruction PCMPESTRI in order to find the delimiters in a HTTP request/response and parse them accordingly. This update, compared to the previous version of the code, is impressive.
CC BY-SA 2.0 image by Intel Free Press
PCMPESTRI is a versatile instruction that allows scanning of up to 16 bytes at once for occurrences of up to 16 distinct characters (bytes), or up to 8 ranges of characters (bytes). It can also be used for string and substring comparison. However, there are a few drawbacks: the instruction has a high latency of 11 cycles, and is limited to 16 bytes per instruction. It's also under utilized for range comparison in PicoHTTPParser, because it only tests two or three ranges per invocation (out of eight it is capable of). Furthermore, some simple math (16 bytes / 11 cycles) shows that using this instruction limits the parser to 1.45 bytes/cycle throughput.
Continue reading
Johannesburg: CloudFlare’s 30th data center
Fire up the celebration braai, Jozi! CloudFlare is here, and it’s a big one. An important milestone (our 30th data center) calls for an equally important new location: Johannesburg, South Africa, our first data center in Africa.
For the local audience: Steek aan 'n braai ter viering, Jozi! CloudFlare is hier en dis 'n groot een. 'n Belangrike mylpaal (ons 30ste datasentrum), vra vir ewe belangrike en nuwe ligging: Johannesburg, Suid-Afrika, ons eerste datasentrum in Afrika.
Now serving Southern Africa
Prior to now nearly all CloudFlare traffic delivered to Africa was served from our London, Amsterdam and Hong Kong data centers with round trip latency of 200-350ms. Bandwidth in the region is notoriously expensive (it would make even the Australians blush) making it prohibitive to enter into the continent. That is, before now. Just a few months ago we were fortunate to enter into discussions with a number of partners in the region that share CloudFlare’s vision to help build a better Internet.
Our Johannesburg data center will not only make sites on CloudFlare more performant for Internet users in South Africa, but also for Internet users across all of Southern Africa (and beyond). From Botswana to Kenya, users Continue reading
Lima, Peru: CloudFlare’s 29th data center
Just when you thought we’d reached the end, CloudFlare’s Latin America data center expansion continues. Hot on the heels of our recent expansion into Santiago, São Paulo, and Medellin, this holiday season commences in Lima with our 29th data center globally, and our fourth in Latin America.
Latin America is the fastest growing source of traffic to CloudFlare's network, with nearly 10x growth in just the last twelve months. Our new data center in Lima reduces the latency to access any site using CloudFlare, increases web performance for users in the region from Iquitos to Tacna, and adds another point of redundancy. It also increases the capacity and surface area of the CloudFlare network to absorb massive cyber attacks. This is of particular benefit to CloudFlare customers the Presidency of Peru and the ONPE, Peru’s National Election Office. In the lead up to the Peruvian elections this month, CloudFlare partnered with the Government of Peru to ensure that local elections go off without a hitch — no easy feat when voter turnout is expected to reach nearly 90%. Whether you are running a site, mobile app, or national election we have an offering for you.
Coming Continue reading
Prepare Your Site for Traffic Spikes this Holiday Season
The holiday season is approaching, and everyone is thinking about gifts for their friends and family. As people increasingly shop online, this means huge spikes in traffic for web sites---especially ecommerce sites. We want you to get the most out of this year’s surge in web traffic, so we’ve created a list of tips to help you prepare your site to ensure your visitors have a reliable and fast experience.
Make sure your site can handle traffic spikes:
1) Contact your hosting provider to understand the limits of your hosting plan
Even though CloudFlare offsets most of the load to your website via caching and request filtering, a certain amount of traffic will still pass through to your host. Knowing the limits of your plan can help prevent a bottleneck from your hosting plan.
2) Reduce the number of unwanted requests to your infrastructure
CloudFlare allows you to block IP address individually or IPs from entire regions. If you don’t want or need traffic from certain IPs or regions, you can block them using your Threat Control panel. This is useful for sites who know where their visitors usually come from.
For example, if you run an ecommerce site with Continue reading
Migrating to the Ghost Blogging Platform
For those of you that follow the CloudFlare blog, you’ll know that we try to be prolific. We have industry leaders like Matthew Prince, John Graham-Cumming, Nick Sullivan, and others publishing pieces weekly from the front lines of internet performance and security. We’re also big fans of open source software, which is used in almost everything we do.
A little over a year ago we watched as a brand new independent open source blogging platform called Ghost started making waves, raising over $300,000 on Kickstarter. A little later, we reached out to the team to see if CloudFlare could help make the lightning-fast Node.js platform even faster and more secure on the Ghost(Pro) hosted service.
In March, Ghost announced that their entire Pro network was powered by CloudFlare, and today we’re pleased to announce that the CloudFlare blog is now running on Ghost.
While things look largely the same, you’ll find new and improved RSS feeds as well as tag and author archives to allow you to browse through our backlog of content more easily. The biggest improvement by far, though, is in the writing tools which we now have available to us—meaning our team is Continue reading