Cloudflare, Inc. is a U.S. web infrastructure and website security company, providing content delivery network services, DDoS mitigation, Internet security and distributed domain name server services. Cloudflare's services sit between a website's visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites. Cloudflare's headquarters are in San Francisco, California, with additional offices in Lisbon, London, Singapore, Munich, San Jose, Champaign, Illinois, Austin, New York City and Washington, D.C.
|Alexa rank||1056 (February 2019)[update]|
Cloudflare has faced controversy a number of times over its stance providing technical support to online hate groups and terrorists, citing free speech concerns. Cloudflare ensured it will "continue to abide by the law" and "serve all customers", further explaining "our proper role is not that of Internet censor". For example, at one time Cloudflare provided technical services to 8chan, an image board which has been linked to multiple mass shootings in the United States and the Christchurch mosque shootings in New Zealand. However, in 2017 Cloudflare succumbed to pressure to no longer provide their services the neo-nazi website The Daily Stormer. Similarly, in August 2019 Cloudflare stopped services for 8chan following a mass shooting in El Paso.
In 2014, Cloudflare introduced Project Galileo in response to cyber attacks launched against important, yet vulnerable targets, such as artistic groups, humanitarian organizations, and the voices of political dissent. In 2019 Cloudflare celebrated the five-year anniversary of Project Galileo and announced that 600 users and organisations are currently participating.
Cloudflare was created in 2009 by Matthew Prince, Lee Holloway, and Michelle Zatlyn, who had previously worked on Project Honey Pot. Cloudflare was launched at the September 2010 TechCrunch Disrupt conference. It received media attention in June 2011, after providing security to LulzSec's website.
In February 2014, Cloudflare mitigated the largest-ever recorded DDoS attack at that time, which peaked at 400 Gbit/s against an undisclosed customer. In November 2014, Cloudflare reported another massive DDoS attack with independent media sites being targeted at 500 Gbit/s.
In March 2019, Cloudflare raised $150 million in a Series E round led by Franklin Templeton Investments, with participation from New Enterprise Associates, Union Square Ventures, Venrock, Pelion Venture Partners, Greenspring Associates, CapitalG, Microsoft, Baidu, Qualcomm and Fidelity.
In February 2014, it acquired StopTheHacker, which offers malware detection, automatic malware removal, and reputation and blacklist monitoring. In December 2016, Cloudflare acquired Eager, with the view of upgrading Cloudflare's Apps platform to allow for drag-and-drop of installation of third-party apps onto Cloudflare-enabled sites. In late 2017, Cloudflare acquired Neumob, a mobile VPN startup.
In March 2013, Cloudflare defended SpamHaus from a DDoS attack that exceeded 300 Gbit/s. Akamai's chief architect stated that at the time it was "the largest publicly announced DDoS attack in the history of the Internet". Cloudflare has also reportedly absorbed attacks that have peaked over 400Gbit/s from an NTP Reflection attack.
Web application firewallEdit
Cloudflare allows customers on paid plans to utilize a web application firewall service, by default; the firewall has the OWASP ModSecurity Core Rule Set alongside Cloudflare's own ruleset and rulesets for popular web applications.
Cloudflare offers free authoritative Domain Name System (DNS) service for all clients which are powered by an anycast network. SolveDNS have found Cloudflare to consistently have one of the fastest DNS lookup speeds worldwide, with a reported lookup speed of 5.6ms in July 2019.
Public DNS resolverEdit
On April 1, 2018, Cloudflare announced a 'privacy-first' consumer DNS service, hosted at IP addresses 126.96.36.199 and 188.8.131.52. Alternatively, the service can be accessed via IPv6 at 2606:4700:4700::1111 and 2606:4700:4700::1001.
On November 11, 2018, Cloudflare announced a mobile version of their 184.108.40.206 service for iOS and Android.
A key functionality of Cloudflare is that they act as a reverse proxy for web traffic.
Content delivery networkEdit
Cloudflare's network has the highest number of connections to Internet exchange points of any network worldwide. Cloudflare caches content to its edge locations to act as a content delivery network (CDN), all requests are then reverse proxied through Cloudflare with cached content served directly from Cloudflare.
In 2014, Cloudflare introduced Project Galileo in response to cyber attacks launched against important, yet vulnerable targets, such as artistic groups, humanitarian organizations, and the voices of political dissent. Working with free speech, public interest, and civil society organizations. Cloudflare then extended its Enterprise-class DDoS protection and business-level performance benefits to ensure these websites stay online, without being violated.
Project Galileo has been compared to Alphabet's Project Shield, a different service providing protection to vulnerable humanitarian and free-speech groups. In contrast to Project Shield, Project Galileo does not create its own guidelines for eligible users. Rather, it outsourced the selection to 28 (non-profit) organisations and any one of those can accept users into the program. Cloudflare's CEO, Matthew Prince, hopes that other companies will follow suit and start similar projects. According to some Project Galileo users, organisations benefit from being able to choose whom to work with, a notion that has been echoed by Cloudflare's CEO.
Since the project started in 2014, Cloudflare has remained fairly secretive about the project, in part to avoid drawing further attention to organisations that might be targeted. For the five-year anniversary of the project a blogpost was created sharing some detail about the service, revealing that 600 organisations are currently participating and announcing number of new additions.
Cloudflare created Project Athenian to ensure that state and local government election websites have the highest level of protection (Enterprise grade) and reliability for free, so that their constituents always have access to election information and voter registration.
On April 1, 2019 Cloudflare announced a new freemium Virtual Private Network service named Warp. The service would initially be available through the 220.127.116.11 mobile apps with a desktop app available later.
Network Time ServicesEdit
On June 21, 2019 Cloudflare announced that users would be able to sync their computers time securely with Cloudflare's NTP service. Cloudflare’s time service will allow users to connect to their Network Time Protocol (NTP) server that supports Network Time Security (NTS), enabling users to obtain time in an authenticated manner.
Cloudflare provided support services for 8chan until August 2019. 8chan has since moved to BitMitigate. In an August 3 interview immediately post the 2019 El Paso shooting with The Guardian, Matthew Prince defended Cloudflare's support of 8chan saying: "What happened in El Paso today is abhorrent in every possible way, and it’s ugly, and I hate that there’s any association between us and that … For us the question is which is the worse evil?".
Cloudflare has come under pressure on multiple occasions due to its ironclad policy on free speech, refusing to cease technical support (DNS routing, DDoS mitigation etc) of websites such as LulzSec, The Daily Stormer, and 8chan. Activists argue Cloudflare's services allow access to content which spreads hate and has led to harm and deaths. Cloudflare consider all the content which passes through their infrastructure as protected by the First Amendment, no matter its content or consequences.Cloudflare has broad legal immunity from the content produced by its users.
Cloudflare provided DoS protection for the hacker group LulzSec through its services. This garnered significant positive media attention at the time, as Cloudflare was a young and relatively unknown company.
Cloudflare provided DNS routing and DoS protection for the white supremacist and neo-nazi website, The Daily Stormer. In 2017 Cloudflare stopped providing their services to the The Daily Stormer after an announcement on the controversial website asserted that the "upper-echelons" of Cloudflare were "secretly supporters of their ideology". Previously Cloudflare had refused to take any action regarding The Daily Stormer, despite widespread public pressure. The removal was addressed in a blogpost in which Cloudflare emphasized their dedication towards freedom of speech. As a 'free speech absolutist' Cloudflare's CEO Matthew Prince vowed never to succumb to external pressure again and sought to create a 'political umbrella' for the future. Matthew Prince further addressed the dangers of large companies deciding what is allowed to stay online, a concern that is shared by a number of civil liberties groups and privacy experts. The Electronic Frontier Foundation said that services such as Cloudflare "should not be adjudicating what speech is acceptable" adding "when illegal activity, like inciting violence or defamation, occurs, the proper channel to deal with it is the legal system."
According to The Huffington Post, Cloudflare provides services to "at least 7 terrorist groups", as designated by the United States Department of State. According to the article Cloudflare provides services to the Taliban, Hamas and al-Quds Brigades among others, and have been aware since at least 2012 and have taken no action. The US Justice Department has not asked the company to discontinue the services.
Cloudflare came under pressure due to the technical support provided for the discussion board 8chan, which allows users to post and discuss any content free from interference from a site administrator. The message board has been linked to mass shootings in the United States and the Christchurch mosque shootings in New Zealand. In addition, a number of news organizations including The Washington Post and The Daily Dot have reported child pornography and child rape discussion boards. In the wake of the 2019 El Paso shooting, Cloudflare announced that they will be terminating support for 8chan due to the consistent use of the site for terror purposes. In the announcement, CEO Matthew Prince warned this was not the end for 8chan and described the previous events of The Daily Stormer;
"Unfortunately, we have seen this situation before and so we have a good sense of what will play out. Almost exactly two years ago we made the determination to kick another disgusting site off Cloudflare's network: the Daily Stormer. That caused a brief interruption in the site's operations but they quickly came back online using a Cloudflare competitor. That competitor at the time promoted as a feature the fact that they didn't respond to legal process. Today, the Daily Stormer is still available and still disgusting. They have bragged that they have more readers than ever. They are no longer Cloudflare's problem, but they remain the Internet's problem."
In the wake of being pressured to censor The Daily Stormer, Cloudflare sought to create an alliance of free speech organizations so the company could stand up to pressure next time. A number of organizations, including The Electronic Frontier Foundation, a U.S. digital rights charity, joined Project Galileo supporting Cloudflare's free speech stance.
Cloudflare has been vocal of their values, with CEO Matthew Prince stating:
"One of the greatest strengths of the United States is a belief that speech, particularly political speech, is sacred. A website, of course, is nothing but speech ... A website is speech. It is not a bomb. There is no imminent danger it creates and no provider has an affirmative obligation to monitor and make determinations about the theoretically harmful nature of speech a site may contain."
Two of Islamic State of Iraq and the Levant's top three online chat forums are guarded by Cloudflare but U.S. law enforcement has not asked them to discontinue the service, and they have not chosen to do so themselves.
In November 2015, Anonymous discouraged the use of Cloudflare's services, following the ISIL attacks in Paris and the renewed accusation that it provides help to terrorists. Cloudflare responded by calling their accusers "15-year-old kids in Guy Fawkes masks" and saying that whenever such concerns are raised they consult actual anti-terrorism experts and abide by the law.
Breaking with its long-standing policy of total content neutrality, Cloudflare withdrew access to its services by white supremacist web site The Daily Stormer on 16 August 2017, in the aftermath of the fatal vehicular attack at the Charlottesville rally four days earlier. This withdrew the website's protection against distributed denial of service attack, and soon thereafter attackers took down the website. CEO Matthew Prince stated: "I woke up this morning in a bad mood and decided to kick them off the internet", the tipping point in the decision being that "the team behind Daily Stormer made the claim that we were secretly supporters of their ideology." Andrew Anglin, editor for The Daily Stormer, denied that his team made such a claim, and the move to disconnect The Daily Stormer from Cloudflare services was criticised as 'dangerous' by Prince himself, Anglin, and the Electronic Frontier Foundation.
Awards and recognitionEdit
- Awarded "Best Enterprise Startup" by TechCrunch at the 8th Annual Crunchies Awards in February 2015.
- Named the "Most Innovative Network & Internet Technology Company" for two years running by the Wall Street Journal.
- In 2012, Cloudflare was recognized by the World Economic Forum as a Technology Pioneer.
- Ranked among the world's 10 most innovative companies in 2012 by Fast Company.
- In 2016 and 2017, Cloudflare was ranked #11 on the Forbes Cloud 100 list.
The hacker group UGNazi attacked Cloudflare partially via flaws in Google's authentication systems in June 2012, gaining administrative access to Cloudflare and using it to deface 4chan. Cloudflare published in full the details of the hack. Following this, Google publicly announced they had patched the flaw in the Google Enterprise App account recovery process which allowed the hackers to bypass two-step verification.
From September 2016 until February 2017, a major Cloudflare bug (nicknamed Cloudbleed) leaked sensitive data—including passwords and authentication tokens from customer websites, by sending extra data in response to web requests. The leaks resulted from a buffer overflow, which occurred, according to analysis by Cloudflare, on approximately 1 in every 3,300,000 HTTP requests.
Cloudflare publishes a Transparency Report on a semi-annual basis to show how often law enforcement agencies request data about its clients.
In May 2017, ProPublica reported that Cloudflare as a matter of policy relays the names and email addresses of persons complaining about hate sites to the sites in question, which has led to the complainants being harassed. Cloudflare's general counsel defended the company's policies by saying it is "base constitutional law that people can face their accusers". In response Cloudflare updated their abuse reporting process to provide greater control of whom to notify for the complaining party.
Spam and phishing supportEdit
Cloudflare is listed on Spamhaus for providing spam support services (pink contract). The current list of Spamhaus listings changes on a near daily basis as reported issues are addressed with the responsible website owner.
An October 2015 report found that Cloudflare provisioned 40% of SSL certificates used by phishing sites with deceptive domain names resembling those of banks and payment processors.
In July 2019 Cloudflare suffered a major outage, which rendered more than 12 million websites unreachable for 27 minutes (80% of all customers). The affected websites responded with a blank 502 Error Page. Cloudflare published internal investigation results, in which the cause of the outage was pinpointed to a faulty regular expression.
- "Cloudflare.com Traffic, Demographics and Competitors". Alexa Internet. Retrieved 2019-02-26.
- "Cloudflare - The Web Performance & Security Company". Cloudflare. Retrieved 2019-08-05.
- "Cloudflare's new Lisbon office". The Cloudflare Blog. 2019-07-17. Retrieved 2019-07-22.
- "Cloudflare Reveals $50 Million "Secret" Funding -- From One Year Ago - Kara Swisher - Security - AllThingsD". AllThingsD.
- "Cloudflare beefs up app platform plans with startup acquisition". Bizjournals.com. Retrieved 2017-02-28.
- Wong, Julia Carrie (2017-08-28). "The far right is losing its ability to speak freely online. Should the left defend it?". The Guardian. ISSN 0261-3077. Retrieved 2019-08-05.
- Jones, Rhett. "Cloudflare Under Fire for Allegedly Providing DDoS Protection for Terrorist Websites". Gizmodo. Retrieved 2019-08-05.
- Sankin, Aaron. "The Dirty Business of Hosting Hate Online". Gizmodo. Retrieved 2019-08-05.
- "U.S. Tech Giant Cloudflare Provides Cybersecurity For At Least 7 Terror Groups". HuffPost UK. 2018-12-14. Retrieved 2019-08-05.
- Captain, Sean (2019-02-27). "Is Cloudflare a privacy champion or hate speech enabler? Depends who you ask". Fast Company. Retrieved 2019-08-05.
- Lee, Timothy B. (2017-09-01). "Tech companies declare war on hate speech—and conservatives are worried". Ars Technica. Retrieved 2019-08-06.
- Kelly, Makena (4 August 2019). "Cloudflare to revoke 8chan's service, opening the fringe website up for DDoS attacks". The Verge. Archived from the original (html) on 5 August 2019. Retrieved 5 August 2019.
- Wong, Julia Carrie (2019-08-04). "8chan: the far-right website linked to the rise in hate crimes". The Guardian. ISSN 0261-3077. Retrieved 2019-08-05.
- CNN, Gianluca Mezzofiore and Donie O'Sullivan. "El Paso shooting is at least the third atrocity linked to 8chan this year". CNN. Retrieved 2019-08-05.
- "Why We Terminated Daily Stormer". The Cloudflare Blog. 2017-08-16. Retrieved 2019-08-05.
- Prince, Matthew (5 August 2019). "Terminating Service for 8Chan". new.blog.cloudflare.com. Archived from the original on 5 August 2019. Retrieved 5 August 2019.
- "Cloudflare's Five-Year Project to Protect Nonprofits Online". Wired. ISSN 1059-1028. Retrieved 2019-08-05.
- Henderson, Nicole (2011-06-17). "Cloudflare Gets an Unusual Endorsement from Hacker Group LulzSec". Webhost Industry Review. Retrieved 2014-05-09.
- "Our story". Cloudflare. Retrieved 2016-02-25.
- "Cloudflare Beta". Project Honey Pot. Retrieved 2011-08-15.
- Hesseldahl, Arik (2011-06-10). "Web Security Start-Up Cloudflare Gets Buzz, Courtesy of LulzSec Hackers". All Things Digital. Retrieved 2011-08-15.
- Clark, Jack (1 March 2013). "Cloudflare's Railgun protocol gets buy-in from web giants". The Register. Retrieved 8 October 2015.
- Lardinois, Frederic (26 February 2013). "Cloudflare Partners With World's Leading Web Hosts To Implement Its Railgun Protocol, Speeds Up Load Times By Up To 143%". Tech Crunch. Retrieved 12 February 2016.
- "DDoS Attack Hits 400 Gbit/s, Breaks Record". Dark Reading.
- Olson, Parmy. "The Largest Cyber Attack In History Has Been Hitting Hong Kong Sites". Forbes.
- "CloudFlare | CrunchBase". web.archive.org. April 27, 2014.
- Hesseldahl, Arik (2011-07-12). "Web Security Start-Up Cloudflare Lands $20 Million Funding Round". AllThingsD. Retrieved 2012-07-12.
- Milian, Mark (December 18, 2012). "Why a Fast-Growing Startup Tries to Keep Its Venture Funding Secret". Tech Deals. Bloomberg. Retrieved January 1, 2013.
- "Cloudflare Reveals $50M Round From Union Square Ventures". TechCrunch. AOL.
- Michael Hickins. "Cloudflare Raised $50M, Ready to Spend". WSJ.
- "Cloudflare Reveals $50M Round From Union Square Ventures". TechCrunch. AOL. 17 December 2013.
- Miller, Ron. "Cloudflare Hints IPO Could Be Coming, But Not This Year". www.techcrunch.com. Retrieved 30 September 2015.
- Kawamoto, Dawn. "Cloudflare's $150 million funding round puts its IPO plans in question". www.bizjournals.com. Retrieved 12 March 2019.
- "CryptoSeal". crunchbase.com. Retrieved 10 March 2015.
- "Cloudflare Acquires Anti-Malware Firm StopTheHacker". TechCrunch. AOL.
- Yeung, Ken. "Cloudflare acquires app platform Eager, will sunset service in Q1 2017". VentureBeat. Retrieved 28 December 2016.
- Miller, Ron (November 14, 2017). "Cloudflare expands into mobile performance with Neumob acquisition". TechCrunch. Archived from the original on December 3, 2018. Retrieved April 2, 2019.
- Holloway, Lee Hahn; Rao, Srikanth N.; Prince, Matthew Browning; Tourne, Matthieu Philippe François; Pye, Ian Gerald; Bejjani, Ray Raymond; Rodery Jr, Terry Paul (2013). "Identifying a denial-of-service attack in a cloud-based proxy service".
- Storm, Darlene. "Biggest DDoS attack in history slows Internet, breaks record at 300 Gbps". Computerworld.
- Markoff, John; Perlroth, Nicole (26 March 2013). "Online Dispute Becomes Internet-Snarling Attack". The New York Times.
- Gallagher, Sean. "Biggest DDoS ever aimed at Cloudflare's content delivery network". Ars Technica. Retrieved 17 May 2016.
- Kaushik, Mehul. "Cloudflare Web Application Firewall Review". Fanatic Entrepreneur. Archived from the original on 2017-04-08. Retrieved 2017-04-07.
- Jackson, Brian (17 September 2015). "10 Best Free DNS Hosting Providers". KeyCDN Blog. Retrieved 17 May 2016.
- "July 2019 DNS Speed Comparison Report". www.solvedns.com.
- "Anouncing 18.104.22.168: the fastest, privacy-first consumer DNS service". Cloudflare. 1 April 2018.
- "Cloudflare Launches Privacy-Focused 22.214.171.124 DNS Service". Tom's Hardware. 2 April 2018.
- Cimpanu, Catalin. "Cloudflare launches Android and iOS apps for its 126.96.36.199 service | ZDNet". ZDNet.
- Osborne, Charlie. "Cloudflare figured out how to make the Web one second faster | ZDNet". ZDNet. Retrieved 17 May 2016.
- "Internet Exchange Report - bgp.he.net". bgp.he.net. Hurricane Electric. Retrieved June 1, 2016.
- Newman, Lily Hay (2019-06-12). "Cloudflare's Five-Year Project to Protect Nonprofits Online". Wired. ISSN 1059-1028. Retrieved 2019-08-05.
- Fri, Jun 14th 2019 7:39pm-Mike Masnick. "The Flipside To Figuring Out What Content Do You Block: Cloudflare's Project Galileo Focuses On Who It Should Protect". Techdirt. Retrieved 2019-08-05.
- "Project Galileo: the view from the front lines". The Cloudflare Blog. 2019-06-14. Retrieved 2019-08-05.
- "Athenian Project Turns One: Are Election Websites Safer?". The Cloudflare Blog. 2018-12-21. Retrieved 2019-08-05.
- Rambo, Guilherme (April 1, 2019). "Cloudflare announces Warp: a new free VPN service for iOS". 9to5Mac. Archived from the original on April 2, 2019. Retrieved April 2, 2019.
- "Cloudflare Time Services". Cloudflare. Retrieved 2019-06-22.
- "How we made our DNS stack 3x faster". blog.cloudflare.com. Retrieved 2017-04-11.
- "Cloudflare – Making Your Website Fast, Safe, and Accessible Everywhere in the World | HostAdvice". HostAdvice. Retrieved 2017-07-19.
- "Terminating Service for 8Chan". The Cloudflare Blog. August 5, 2019.
- Julia Carrie Wong (3 August 2019). "8chan: the far-right website linked to the rise in hate crimes". The Guardian. Retrieved 3 August 2019.
Three attackers in six months allegedly posted their plans on the site in advance. In an exclusive interview, Silicon Valley CEO [Matthew Prince] explains his ‘moral obligation’ to keep 8chan online
- "8chan is home to a hive of pedophiles". The Daily Dot. 2014-11-17. Retrieved 2019-08-05.
- Machkovech, Sam (2015-08-17). "8chan-hosted content disappears from Google searches [Updated]". Ars Technica. Retrieved 2019-08-05.
- Roose, Kevin (2019-08-04). "8chan Is a Megaphone for Gunmen. 'Shut the Site Down,' Says Its Creator". The New York Times. ISSN 0362-4331. Retrieved 2019-08-05.
- Lee, Timothy B. (2017-12-04). "Cloudflare's CEO has a plan to never censor hate speech again". Ars Technica. Retrieved 2019-08-05.
- "Cloudflare and Free Speech". The Cloudflare Blog. 2013-08-09. Retrieved 2019-08-05.
- Johnson, Steven (2018-01-16). "Inside Cloudflare's Decision to Let an Extremist Stronghold Burn". Wired. ISSN 1059-1028. Retrieved 2019-08-05.
- Keats Citron, Danielle (November 28, 2017). "What to Do about the Emerging Threat of Censorship Creep on the Internet" (PDF). Cato Institute Policy Analysis. No. 282: 3–4 – via Cato.org.
- "The Daily Stormer, Online Speech, and Internet Registrars". cyberlaw.stanford.edu. Retrieved 2019-08-06.
- Shaban, Hamza (August 18, 2017). "Banning neo-Nazis online may be slippery slope, tech group warns Silicon Valley". Washington Post. Retrieved August 6, 2019.
- Johnson, Steven (2018-01-16). "Inside Cloudflare's Decision to Let an Extremist Stronghold Burn". Wired. ISSN 1059-1028. Retrieved 2019-08-05.
- "Testimony of Evan F. Kohlmann" (PDF). docs.house.gov. 27 January 2015.
- "Terminating Service for 8Chan". The Cloudflare Blog. 2019-08-05. Retrieved 2019-08-05.
- Lee, Timothy B. (2017-12-04). "Cloudflare's CEO has a plan to never censor hate speech again". Ars Technica. Retrieved 2019-08-05.
- "The Electronic Frontier Foundation - Project Galileo". Cloudflare. Retrieved 2019-08-05.
- Dredge, Stuart (12 August 2013). "Cloudflare on censorship: 'A website is speech. It is not a bomb'". the Guardian.
- Yadron, Danny (29 September 2014). "Cloudflare Pushes More Encrypted Web". Retrieved 10 August 2015.
- Kovacs, Eduard (17 March 2014). "Underground Payment Card Store Rescator Hacked and Defaced". Retrieved 10 August 2015.
- Krebs, Brian (15 January 2015). "Spreading the Disease and Selling the Cure". Retrieved 14 August 2015.
- Hern, Alex (19 November 2015). "Web services firm Cloudflare accused by Anonymous of helping Isis". Retrieved 19 November 2015.
- "Cloudflare CEO: Anonymous Hacker Gripes About ISIS Support 'Absurd'". Fortune.com. Retrieved 2017-02-28.
- Becky Peterson (17 August 2017). "Cloudflare CEO: Hackers pushed The Daily Stormer offline as soon as Cloudflare stopped protecting it". Business Insider. Retrieved 17 August 2017.
- David Ingram and Joseph Menn (17 August 2017). "Internet firms shift stance, move to exile white supremacists". Reuters. Retrieved 17 August 2017.
- Dave Lee (17 August 2017). "Why Cloudflare kicked out the neo-Nazis". BBC News. Retrieved 17 August 2017.
- Matthew Prince (17 August 2017). "Why We Terminated Daily Stormer". Cloudflare blog. Retrieved 17 August 2017.
- "The Daily Stormer just lost the most important company defending it". The Verge. Retrieved 2018-03-23.
- Johnson, Steven. "Inside Cloudflare's Decision to Let an Extremist Stronghold Burn". WIRED. Retrieved 19 March 2018.
- Andrew Anglin (17 August 2017). "Matthew Prince of Cloudflare Admits He Killed the Internet Because He Thinks Andrew Anglin is an Asshole". The Daily Stormer. Archived from the original on 18 August 2017. Retrieved 17 August 2017.
- O'Brien, Jeremy Malcolm, Cindy Cohn, and Danny (2017-08-17). "Fighting Neo-Nazis and the Future of Free Expression". Electronic Frontier Foundation. Retrieved 2018-03-23.
- "8th Annual Crunchies Awards". TechCrunch. AOL. Retrieved 10 March 2015.
- Michael Totty and Shirley S. Wang (17 October 2011). "Winners of the 2011 Wall Street Journal Innovation Awards - WSJ". WSJ. Retrieved 10 March 2015.
- "Technology Pioneer 2012 - Matthew Prince, Michelle Zatlyn & Lee Holloway (Cloudflare)". Technology Pioneer 2012 - Matthew Prince, Michelle Zatlyn & Lee Holloway (Cloudflare) - World Economic Forum. Retrieved 10 March 2015.
- "Most Innovative Companies 2012 - Industries Top 10 - Web/Internet". Fast Company. Retrieved 10 March 2015.
- "Forbes Cloud 100". Forbes. Retrieved 6 May 2017.
- Simcoe, Luke (2012-06-14). "The 4chan breach: How hackers got a password through voicemail". Maclean's. Retrieved 2012-07-12.
- Ms. Smith (2012-06-03). "Hacktivists UGNazi attack 4chan, Cloudflare and Wounded Warrior Project". Privacy and Security Fanatic. NetworkWorld. Retrieved 2012-07-12.
- Prince, Matthew (4 June 2012). "The Four Critical Security Flaws that Resulted in Last Friday's Hack". Cloudflare.
- "Major Cloudflare bug leaked sensitive data from customers' websites". TechCrunch. 2017-02-23. Retrieved 2017-02-28.
- Joseph Steinberg (February 24, 2017). "Why You Can Ignore Calls To Change Your Passwords After Today's Massive Password Leak Announcement". Inc. Retrieved February 24, 2017.
- Molina, Brett (February 28, 2017). "Cloudfare bug: Yes, you should change your passwords". USA Today. Retrieved 1 March 2017.
- Kovacs, Eduard (2015-07-15). "Cloudflare Releases Transparency Report for First Half of 2015 | SecurityWeek.Com". www.securityweek.com. Wired Business Media.
- Schwencke, Ken (May 4, 2017). "How One Major Internet Company Helps Serve Up Hate on the Web". ProPublica.org. Retrieved 6 May 2017.
- "Anonymity and Abuse Reports". The Cloudflare Blog. May 7, 2017.
- "Cloudflare and Spamhaus". Word to the Wise. 2012-07-16. Retrieved 2017-02-28.
- "The Spamhaus Project - SBL". www.spamhaus.org.
- Edgecombe, Graham (12 October 2015). "Certificate authorities issue SSL certificates to fraudsters". Retrieved 14 October 2015.
- "Details of the Cloudflare outage on July 2, 2019". 12 July 2019. Retrieved 12 July 2019.
- "Cloudflare Landing Page". 15 July 2019. Retrieved 15 July 2019.
- "Cloudflare 502 Outage". 2 July 2019. Retrieved 2 July 2019.