Multi-Path TCP (MPTCP) leverages multiple network interfaces, like Wi-Fi and cellular, to provide seamless mobility for more reliable connectivity. While promising, MPTCP is still in its early stages, with limited support and practical use cases. This post explores its potential and current limitations.| The Cloudflare Blog
Oblivious DoH (ODoH) makes secure DNS over HTTPS (DoH) queries into private queries which prevent the leakage of client IP addresses to resolvers. The new proposed ODoH standard addresses this problem and today we are enabling users to use this protocol with 1.1.1.1| The Cloudflare Blog
A deep dive into the Encrypted Client Hello, a standard that encrypts privacy-sensitive parameters sent by the client, as part of the TLS handshake.| The Cloudflare Blog
The Domain Name System (DNS) is the address book of the Internet. When you visit cloudflare.com or any other site, your browser will ask a DNS resolver for the IP address where the website can be found.| The Cloudflare Blog
Cloudflare Radar now shows how often a given AI model sends traffic to a site relative to how often it crawls that site. This information can help site owners make decisions about which AI bots to allow or block, and enables users to understand how AI usage in aggregate impacts Internet traffic.| The Cloudflare Blog
AI face cropping for Images automatically crops around faces in an image. Here’s how we built this feature on Workers AI to scale for general availability.| The Cloudflare Blog
Announcing the Browser Developer Program: Cloudflare’s new collaborative program to help shape Cloudflare challenges that work seamlessly with your browser. Join us today!| The Cloudflare Blog
A new HTTP/2 denial-of-service (DoS) vulnerability called MadeYouReset was recently disclosed by security researchers. Cloudflare HTTP DDoS mitigation, already protects from MadeYouReset.| The Cloudflare Blog
You asked for simplicity. We listened. Introducing Externa and Interna, two new use-case-driven packages to simplify how you connect and protect your entire infrastructure.| The Cloudflare Blog
Workers KV is Cloudflare's global key-value store. After the incident on June 12, we re-architected KV’s redundant storage backend, remove single points of failure, and make substantial improvements.| The Cloudflare Blog
OpenAI’s newest open-source models are now available on Cloudflare Workers AI on Day 0, with support for Responses API, Code Interpreter and Web Search (coming soon).| The Cloudflare Blog
We significantly sped up our privacy proxy service by fixing a 40ms delay in "double-spend" checks. The issue stemmed from how Nagle's algorithm and delayed ACKs interacted with a third-party dependency.| The Cloudflare Blog
On August 21, 2025, an influx of traffic directed toward clients hosted in AWS us-east-1 caused severe congestion on links between Cloudflare and us-east-1. In this post, we explain what the failure was, why it occurred, and what we’re doing to make sure this doesn’t happen again.| The Cloudflare Blog
Fogos.pt, a volunteer-run wildfire tracker in Portugal, grew from a side project into a critical national resource used by citizens, media, and government. During 2025 fire season it was hit by DDoS attacks, but stayed online thanks to Cloudflare’s protections under Project Galileo.How a volunteer-run wildfire site in Portugal stayed online during DDoS attacks| The Cloudflare Blog
We believe the true dream of cloud computing is that your code lives in the network itself. Your code doesn't run in "us-west-4", it runs everywhere.| The Cloudflare Blog
Get the latest news on how products at Cloudflare are built, technologies used, and join the teams helping to build a better Internet.| The Cloudflare Blog
An upcoming vulnerability disclosure in Cloudflare’s SSL for SaaSv1 is detailed, explaining the steps we’ve taken towards deprecation.| The Cloudflare Blog
The White House AI Action Plan is a pivotal policy document outlining the current administration's priorities and deliverables in AI to establish American AI as the gold standard for AI worldwide.| The Cloudflare Blog
Faced with a data-ingestion challenge at a massive scale, Cloudflare's Business Intelligence team built a new framework called Jetflow.| The Cloudflare Blog
Microsoft disclosed two critical vulnerabilities, CVE-2025-53771 and CVE-2025-53770, that are exploited to attack SharePoint servers.| The Cloudflare Blog
In Q2 2025, we observed Internet disruptions around the world resulting from government-directed shutdowns, power outages, cable damage, a cyberattack, and technical problems, as well as several with unexplained causes.| The Cloudflare Blog
Perplexity is repeatedly modifying their user agent and changing IPs and ASNs to hide their crawling activity, in direct conflict with explicit no-crawl preferences expressed by websites.| The Cloudflare Blog
Build and deploy real-time, decentralized Authenticated Transfer Protocol (ATProto) apps on Cloudflare Workers.| The Cloudflare Blog
You can now build and deploy remote MCP servers to Cloudflare, and we handle the hard parts of building remote MCP servers for you. Unlike local MCP servers you may have previously used, remote MCP servers are Internet-accessible. People simply sign in and grant permissions to MCP clients using familiar authorization flows.| The Cloudflare Blog
This is part two of a story about how we overcame the challenges of making a complex system more scalable.| The Cloudflare Blog
We’ve partnered with marimo to bring their best-in-class Python notebook experience to your Cloudflare data.| The Cloudflare Blog
Gartner has recognized Cloudflare as a Visionary in the 2025 Gartner® Magic Quadrant™ for SASE Platforms report.| The Cloudflare Blog
June was the busiest month for DDoS attacks in 2025 Q2, accounting for nearly 38% of all observed activity.| The Cloudflare Blog
Cloudflare's SASE platform now offers egress policies by hostname, domain, content category, and application in open beta. This makes it easy to author simple and secure policies that control the source IP addresses that an organization's Internet traffic uses to connect to external services.| The Cloudflare Blog
In Q3, DDoS attacks increased by 111% YoY, Cloudflare auto-mitigated a 2.5 Tbps attack targeting a Minecraft server as multi-terabit scale DDoS attacks become increasingly frequent. Read more in our 2022 Q3 DDoS Report| The Cloudflare Blog
On July 14th, 2025, Cloudflare made a change to our service topologies that caused an outage for 1.1.1.1 on the edge, resulting in downtime for 62 minutes for customers using the 1.1.1.1 public DNS Resolver as well as intermittent degradation of service for Gateway DNS. We’re deeply sorry for this outage. This outage was the result of an internal configuration error and not the result of an attack or a BGP hijack. In this blog post, we’re going to talk about what the failure was, why it o...| The Cloudflare Blog
CloudFlare had an hour-long outage this last weekend. Thankfully, outages like this have been a relatively rare occurrance for our service.| The Cloudflare Blog
Nearly half of observed login attempts across websites protected by Cloudflare involved leaked credentials. The pervasive issue of password reuse is enabling automated bot attacks and account takeovers on a massive scale.| The Cloudflare Blog
Most of today's cryptography is designed to be secure against an adversary with enormous amounts of computational power.| The Cloudflare Blog
It’s Content Independence Day: Cloudflare, along with a majority of the world's leading publishers and AI companies, is changing the default to block AI crawlers unless they pay creators for content.| The Cloudflare Blog
We're open-sourcing use-mcp, a React library that connects to any MCP server in just 3 lines of code, as well as our AI Playground, a complete chat interface that can connect to remote MCP servers.| The Cloudflare Blog
Pay per crawl is a new feature to allow content creators to charge AI crawlers for access to their content.| The Cloudflare Blog
Since June 9, 2025, Internet users located in Russia and connecting to the open Internet have been throttled by Russian Internet Service Providers (ISPs).| The Cloudflare Blog
By combining the power of eBPF and Nftables, Magic Firewall can mitigate sophisticated attacks on infrastructure by enforcing a positive security model.| The Cloudflare Blog
Cloudflare Containers are now available in public beta. Deploy simple, global, and programmable containers alongside your Workers.| The Cloudflare Blog
Welcome to the 19th edition of the Cloudflare DDoS Threat Report. Released quarterly, these reports provide an in-depth analysis of the DDoS threat landscape as observed across the Cloudflare network. This edition focuses on the third quarter of 2024.| The Cloudflare Blog
Cloudflare Workers now support FinalizationRegistry, but just because you can use it doesn’t mean you should. Dive into the tricky world of JavaScript and WebAssembly memory management and see why newer features make life a lot easier.| The Cloudflare Blog
How Knock shipped an AI Agent with human-in-the-loop capabilities with Cloudflare’s Agents SDK and Cloudflare Workers.| The Cloudflare Blog
Today, June 12, 2025, Cloudflare suffered a significant service outage that affected a large set of our critical services, including Workers KV, WARP, Access, Gateway, Images, Stream, Workers AI, Turnstile and Challenges, AutoRAG, and parts of the Cloudflare Dashboard.| The Cloudflare Blog
Proper TCP socket splicing reduces the load on userspace processes and enables more efficient data forwarding. We realized that Linux Kernel's SOCKMAP infrastructure can be reused for this purpose.| The Cloudflare Blog
Yesterday, August 8, 2022, Twilio shared that they’d been compromised by a targeted phishing attack. Around the same time as Twilio was attacked, we saw an attack with very similar characteristics also targeting Cloudflare’s employees.| The Cloudflare Blog
If you’re running a SaaS company, you know how important it is that your application is performant, highly available, and hardened against attack.| The Cloudflare Blog
For the third consecutive year, Gartner has named Cloudflare to the Gartner® Magic Quadrant™ for Security Service Edge (SSE) report.| The Cloudflare Blog
We're excited to announce a contribution to improving privacy for everyone on the Internet. Encrypted Client Hello, a new standard that prevents networks from snooping on which websites a user is visiting, is now available on all Cloudflare plans.| The Cloudflare Blog
Bots now browse like humans. We're proposing bots use cryptographic signatures so that website owners can verify their identity. Explanations and demonstration code can be found within the post.| The Cloudflare Blog
You'll soon be able to deploy JavaScript to Cloudflare's edge, written against an API similar to Service Workers.| The Cloudflare Blog
The idea behind graceful upgrades is to swap out the configuration and code of a process while it is running, without anyone noticing it. If this sounds error prone, dangerous, undesirable and in general a bad idea – I’m with you.| The Cloudflare Blog
Recently at I gave a short talk titled "Linux at Cloudflare". The talk ended up being mostly about BPF. It seems, no matter the question - BPF is the answer. Here is a transcript of a slightly adjusted version of that talk.| The Cloudflare Blog
An experiment that uses hardware security keys (like a YubiKey) to replace CAPTCHAs completely. The idea is rather simple: if a real human is sitting at their keyboard or uses their phone, they can touch their security key’s button or bring it near their phone to demonstrate that they are human.| The Cloudflare Blog
We’re teaming up with Anthropic, Asana, Atlassian, Block, Intercom, Linear, PayPal, Sentry, Stripe, and Webflow to launch new remote MCP servers, built on Cloudflare, to enable Claude users to manage projects, generate invoices, and even deploy applications — without ever leaving the chat interface.| The Cloudflare Blog
DDoS attacks are surging. In 2025 Q1, Cloudflare blocked +20M attacks (a 358% YoY spike) along with 5.6 Tbps and 4.8 Bpps record-breaking attacks. And that's just the beginning. Read more in our latest DDoS Threat Report.| The Cloudflare Blog
Cloudflare Containers are coming this June. Run new types of workloads on our network with an experience that is simple, scalable, global and deeply integrated with Workers.| The Cloudflare Blog
Almost nine years ago, Cloudflare was a tiny company and I was a customer not an employee. Cloudflare had launched a month earlier and one day alerting told me that my little site, jgc.org, didn’t seem to have working DNS any more.| The Cloudflare Blog
How Cloudflare uses generative AI to slow down, confuse, and waste the resources of AI Crawlers and other bots that don’t respect “no crawl” directives.| The Cloudflare Blog
On Thursday, February 6, 2025, we experienced an outage with our object storage service (R2) and products that rely on it. Here's what happened and what we're doing to fix this going forward.| The Cloudflare Blog
Durable Objects provide a truly serverless approach to storage and state: consistent, low-latency, distributed, yet effortless to maintain and scale. They also enable coordination and real-time collaboration between clients.| The Cloudflare Blog
Today we’re announcing Private Access Tokens, a completely invisible, private way to validate that real users are visiting your site.| The Cloudflare Blog
On Thanksgiving Day, November 23, 2023, Cloudflare detected a threat actor on our self-hosted Atlassian server. Our security team immediately began an investigation, cut off the threat actor’s access, and no Cloudflare customer data or systems were impacted by this event.| The Cloudflare Blog
We have a cloud computing platform called Workers. Unlike essentially every other cloud computing platform I know of, it doesn’t use containers or virtual machines. We believe that is the future of Serverless and cloud computing in general, and I’ll try to convince you why.| The Cloudflare Blog
On January 19, 2025, ByteDance shut down access to TikTok and other owned/operated apps for US users, causing an 85% traffic plunge and a rapid shift to alternatives like RedNote.| The Cloudflare Blog
Traditional cloud storage is inherently slow because it is accessed over a network and must synchronize many clients. But what if we could instead put your application code deep into the storage layer, such that your code runs where the data is stored? Durable Objects with SQLite do just that.| The Cloudflare Blog
To help preserve a safe Internet for content creators, we’ve just launched a brand new “easy button” to block all AI bots. It’s available for all customers, including those on our free tier.| The Cloudflare Blog
Cloudflare launched nearly twelve years ago. Over that time, our set of services has become much more complicated. With that complexity we have developed policies around how we handle abuse of different features Cloudflare provides| The Cloudflare Blog
One of our large scale data infrastructure challenges here at Cloudflare is around providing HTTP traffic analytics to our customers. HTTP Analytics is available to all our customers via two options:| The Cloudflare Blog
On June 27, 2024, a small number of users globally may have noticed that 1.1.1.1 was unreachable or degraded. The root cause was a mix of BGP (Border Gateway Protocol) hijacking and a route leak.| The Cloudflare Blog
On Wednesday, October 18, 2023, we discovered attacks on our system that we were able to trace back to Okta. We have verified that no Cloudflare customer information or systems were impacted by this event because of our rapid response.| The Cloudflare Blog
This post dives into the details of the HTTP/2 protocol, the feature that attackers exploited to generate the massive Rapid Reset attacks, and the mitigation strategies we took to ensure all our customers are protected| The Cloudflare Blog
