30 Facts About Cloudflare

Cloudflare, Inc is an American content delivery network and DDoS mitigation company, founded in 2010.

Cloudflare was founded in September 2010 by Matthew Prince, Lee Holloway, and Michelle Zatlyn.

Cloudflare has acquired web-services and security companies, including StopTheHacker, CryptoSeal, Eager Platform Co.

Since at least 2017, Cloudflare has been using a wall of lava lamps in their San Francisco headquarters as a source of randomness for encryption keys, alongside double pendulums in its London offices and a geiger counter in its Singapore offices.

Cloudflare received media attention in June 2011 for providing DDoS mitigation for the website of LulzSec, a black hat hacking group.

Related searches

Cloudflare provides DDoS mitigation services that protect customers from distributed denial of service attacks.

In 2017 Cloudflare launched Cloudflare Workers, a serverless computing platform for creating new applications, augmenting existing ones, without configuring or maintaining infrastructure.

In September 2022, Cloudflare began to test Turnstile - an alternative to CAPTCHA.

In March 2021, Tillie Kottmann from the hacking collective "Advanced Persistent Threat 69420" demonstrated that the group had gained root shell access to security cameras in Cloudflare offices managed by cloud-based physical security company Verkada after obtaining the credentials of a Verkada superuser account that had been leaked on the Internet.

Cloudflare stated that the compromised cameras were in offices that had been officially closed for several months, though the hacking collective obtained access to Verkada-operated cameras in Cloudflare's offices in New York City, London, Austin and San Francisco.

From September 2016 until February 2017, a major Cloudflare bug leaked sensitive data, including passwords and authentication tokens, from customer websites by sending extra data in response to web requests.

In May 2017, ProPublica reported that Cloudflare routinely discloses the names and email addresses of persons complaining about hate sites to the operators of those sites, which has led to the complainants being harassed.

Cloudflare has been criticized for not banning websites with hate speech content.

Cloudflare has said it has a content neutrality policy and that it opposes the policing of its customers on free speech grounds, except in cases where the customers break the law.

Cloudflare has faced criticism for not banning websites allegedly connected to terrorism groups, but Cloudflare has maintained that no law enforcement agency has asked the company to discontinue these services and it closely monitors its obligations under U S laws.

In 2022, a report by Stanford University found that Cloudflare was a prominent CDN provider among several other providers that are disproportionately responsible for serving misinformation websites.

Cloudflare has come under pressure on multiple occasions due to its services being utilized to serve hate speech and far-right content.

Cloudflare provided DNS routing and DDoS protection for the white supremacist and neo-Nazi website, The Daily Stormer.

In 2017 Cloudflare stopped providing its services to The Daily Stormer after an announcement on the website asserted that the "upper echelons" of Cloudflare were "secretly supporters of their ideology".

Previously Cloudflare had refused to take any action regarding The Daily Stormer.

In 2019, Cloudflare was criticized for providing services to the far-right discussion and imageboard 8chan, which allows users to post and discuss content with minimal interference from site administrators.

Cloudflare representative stated that the platform "does not host the referenced websites, cannot block websites, and is not in the business of hiding companies that host illegal content".

Cloudflare did not terminate service to 8chan until public and legal pressure mounted in the wake of the 2019 El Paso shooting, a copycat event similar in nature to the Christchurch mosque shootings, in which the associated manifesto was published to 8chan.

Cloudflare provided DDoS mitigation and acted as a reverse proxy for Kiwi Farms, a far-right Internet forum dedicated to discussion and trolling of online figures or communities, that often engages in harassment and doxxing of targets, and has been implicated in the suicides of at least three people.

Cloudflare has been aware since at least 2012, and has taken no action.

Related searches

In November 2015, hacktivist group Anonymous discouraged the use of Cloudflare's services following the ISIL attacks in Paris and additional revelations that Cloudflare aids terrorists.

Cloudflare responded by calling the group "15-year-old kids in Guy Fawkes masks", and saying that whenever such concerns are raised it consults anti-terrorism experts and abides by the law.

Cloudflare services have been used by Rescator, a carding website that sells stolen payment card data.

Cloudflare has been cited in reports by The Spamhaus Project, an international spam tracking organization, for the high numbers of cybercriminal botnet operations hosted by Cloudflare.

In 2018, Cloudflare was identified by the European Union's Counterfeit and Piracy Watch List as a "notorious market" which engages in, facilitates, or benefits from counterfeiting and piracy.