本页使用了标题或全文手工转换

Cloudflare

维基百科,自由的百科全书
(重定向自CloudFlare
跳到导航 跳到搜索
Cloudflare
Cloudflare logo.svg
成立2009年7月,​12年前​(2009-07
總部
创立者
  • Matthew Prince
  • Lee Holloway
  • Michelle Zatlyn
代表人物
  • Matthew Prince(CEO
  • Lee Holloway
  • Michelle Zatlyn
产业互聯網
产品Cloudflare
服务
网址cloudflare.com
Alexa排名 645 截至2021年8月9日 (2021-08-09)[1]

CloudflareNYSENET)是一家總部位於舊金山美國跨國科技企業,以向客戶提供基於反向代理內容傳遞網路Content Delivery Network, CDN)及分佈式域名解析服務Distributed Domain Name Server)為主要業務。

歷史[编辑]

Cloudflare由三個曾為Project Honey Pot英语Project Honey Pot工作的工程師Matthew Prince、Lee Holloway和Michelle Zatlyn於2009年創立,最終在[2][3]2010年9月舉行的TechCrunch Disrupt大赛上首度公開出現。

2011年,駭客組織LulzSec使用Cloudflare的產品保护它的网站不被他人攻击,並在Twitter上赞扬此公司。Cloudflare因此於當年6月受到傳媒留意。[4][5]

2011年7月,Cloudflare宣布來自恩颐投资英语New Enterprise Associates文洛克创投英语Venrock珀利翁风投伙伴英语Pelion Venture Partners的新一輪風險融資已經完成,金額為2000萬美元[6][7]

2012年6月,Cloudflare與數家虛擬主機提供者(包括 HostPapa)建立合作夥伴關係,以實作其Railgun技術。

2012 年 6 月,駭客組織UGNazi英语UGNazi 利用Google帳號驗證程序的缺陷入侵Cloudflare CEO Matthew Prince的企業信箱,以此篡改著名社區網站4chan的Cloudflare帳號密碼並將它的DNS指向該組織的Twitter主頁。[8][9]

2012年12月,Cloudflare得到來自合广投资英语Union Square Ventures及其他現有投資方的C輪融資,其金額為5000萬美元[10]

2014年2月,Cloudflare減緩了當時有記錄以來規模最大的DDoS攻擊,針對未揭露之客戶的攻擊流量最高達每秒400 Gbit。在2014年11月,Cloudflare報告了另一個大規模DDoS攻擊,該次攻擊對獨立媒體網站的流量為每秒500Gbit[11]

2014年2月,Cloudflare宣布收購反病毒企業StopTheHacker[12]

2014年6月,Cloudflare宣布收購CryptoSeal公司。[13]

2014年6月下旬,佔領中環投票網站popvote.hk于2014年6月14日遭受DDoS攻击,攻擊流量峰值達到300 Gbit/s,Cloudflare作为其内容分发网络服务的提供者,使用DNS沉洞缓解了此攻击[14]

2019年9月6日,维基百科受到DDoS攻击。欧洲用户有几个小时无法访问维基百科[15]。在维基媒体网络工程师使用Cloudflare的网络和 DDoS 保护服务重新路由和过滤互联网流量后,攻击得到缓解[16]。使用的特定 Cloudflare 产品是 Magic Transit[17]

併購[编辑]

在2014年6月,Cloudflare併購了由Ryan Lackey所創立的CryptoSeal,意欲藉此交易延伸其Web使用者安全性服務。在2014年2月,它併購了StopTheHacker,這家公司提供惡意程式碼偵測、自動惡意程式碼移除,以及信譽與黑名單監視服務。在2016年12月,Cloudflare併購了Eager,並透過此次併購升級了Cloudflare的应用程序平台,以支援使用拖放方式將第三方应用程序安裝到使用Cloudflare服務的網站[18]。在2017年底,Cloudflare收購了Neumob,一間手機VPN初創企業。[19]

服務[编辑]

DDoS保護[编辑]

Cloudflare為所有客戶提供「我正遭受攻擊模式(I'm Under Attack)」設定。Cloudflare宣稱這樣可要求使用者必須先通過JavaScript計算式查問的驗證才能存取網站,進而減輕進階第7層攻擊的影響。Cloudflare所提供的保護使得SpamHaus免於流量超過每秒300 Gbit的DDoS攻擊。Akamai的首席結構設計師將它稱為「有史以來網際網路上規模最大的公開DDoS攻擊」。據說Cloudflare當時吸收了峰值超過每秒400 Gbit的NTP校時服務放大攻擊(NTP Reflection Attack) [20]

网页應用程式防火牆[编辑]

Cloudflare預設可讓付費方案客戶使用Web應用程式防火牆;此防火牆具有OWASP ModSecurity核心規則集與Cloudflare自有規則集,以及常見Web應用程式規則集。[21]

網域名稱伺服器[编辑]

Cloudflare為具有任一傳播網路的所有客戶提供免費網域名稱伺服器(DNS)。根據W3Cook,Cloudflare的DNS服務目前所服務的對象超過受管理DNS網域的35%。SolveDNS發現Cloudflare能持續提供全球數一數二的 DNS 查閱速度,在2016年4月回報的查閱速度為8.66毫秒。[22]

公共DNS解析器[编辑]

2018年4月1日,Cloudflare推出了面向使用者,聲稱「私隱第一」的域名系統解析服務。

IP位置爲1.1.1.11.0.0.1。IPv6位置爲2606:4700:4700::11112606:4700:4700::1001

由于其所使用的地址块原来属于未分配的地址块,部分网络会使用该地址作为内部认证系统或测试系统地址,所以可能会导致用户无法正常访问该地址或导致被恶意流量攻击。[23]

2018年11月11日,Cloudflare推出了1.1.1.1解析器的手機應用程式,可在iOS和Android設備下載。

反向代理[编辑]

Cloudflare的其中一個主要功能是他們扮演网页流量的反向代理角色。Cloudflare支援新的网页通訊協定,包括SPDYHTTP/2。此外,Cloudflare還提供針對HTTP/2 Server Push的支援。Cloudflare也支援Websocket的代理處理。[24]

内容分发網路[编辑]

Cloudflare的網路在全球擁有許多連線到網際網路交換點的連線。Cloudflare會將內容快取到其邊緣位置,以扮演內容提供網路(CDN)的角色,所有要求接著會透過Cloudflare進行反向Proxy處理,並直接從Cloudflare提供快取的內容。[25]

中国大陆服务[编辑]

Cloudflare推出了中国大陆地区的服务,帮助所有企业改善他们的互联网应用的性能及安全并扩展其全球业务。Cloudflare最初以百度为合作伙伴,但之后转而与京东云合作。Cloudflare和京东云的合作节点预计将在2023年扩展到中国大陆的150个地点。[26]

Project Galileo[编辑]

爲回應對藝術組織、人道救援機構和反政府組織等目標的攻擊,在2014年,Cloudflare推出了Project Galileo,希望可以透過其服務爲這些組織的網站提供網絡攻擊保護和性能提升,確保網站長期在線。

域名註冊商[编辑]

在2019年,Cloudflare宣佈提供域名註冊服務,以不抽利潤的最低價提供域名註冊服務,聲稱只會收取它們需付的費用。[27]

Cloudflare Access[编辑]

2018年,Cloudflare宣佈提供Cloudflare Access服務,讓員工無需使用虛擬私人網絡(VPN)就能透過一次性密碼GitHubAzure Active DirectoryG SuiteSAML等登入,安全存取公司內部網絡。

服務在少於5個使用者的環境使用爲免費,超出後每個使用者每月收費5美金。[28][29]

WARP[编辑]

2019年4月1日,Cloudflare宣佈提供虛擬私人網絡服務,名爲WARP,可在AndroidiOS設備的1.1.1.1軟件使用,稍後將會支援電腦。[30]同年9月25日正式推出。[31]

争议[编辑]

Cloudflare因其为恐怖主义、网络犯罪和仇恨言论提供遮蔽而面临争议,其中包括伊斯兰国塔利班缅甸军政府新纳粹等极端组织,也包括群体枪击案罪犯[32][33][34][35][36][37],它引用言论自由为自己辩护。[38][39] 许多有争议的网站使用Cloudflare,包括The Daily Stormer英语The_Daily_Stormer8chan[40],Cloudflare因为其坚持网络中立性的政策受到批评[41]

恐怖主义[编辑]

赫芬顿邮报记录了Cloudflare为美国国务院指定[34][36]的 「至少7个恐怖组织」提供服务,包括塔利班索马里青年党阿克薩烈士旅哈马斯巴勒斯坦聖城旅。Cloudflare至少从2012年起就知道了,但没有采取任何行动。然而,据Cloudflare的首席执行官称,没有任何执法机构要求该公司停止这些服务[42]伊斯兰国的两个在线论坛以及近四十个网站都由Cloudflare遮蔽[42]

群体枪击案[编辑]

2019年,Cloudflare因向貼圖討論版8chan提供服务而受到批评,该板块允许用户发布和讨论任何内容,网站管理员几乎不做干预。该留言板与美国的大规模枪击事件和新西兰基督城清真寺槍擊案有关[43][44][45][46]。此外,包括《华盛顿邮报》和《The Daily Dot》在内的一些新闻机构报道了兒童色情兒童性虐待讨论板的存在[46][47][48]。 BBC援引Cloudflare代表的话称,该平台「不托管所提及的网站,不能封锁网站,也不从事隐藏托管非法内容的公司的业务」。[49] 2019年埃尔帕索枪击案发生后接受《卫报》采访时,首席执行官Matthew Prince为Cloudflare对8chan的支持辩护,称他有「道德义务」让该网站保持在线。[50]之后迫于公众和法律压力,Cloudflare才终止了对8chan的服务。[50]

客戶[编辑]

直至2017年,Cloudflare提供DNS服務給一千二百萬個網站,[51]每日增加兩萬使用者。[52]其中著名的網站包括UberOKCupidFitbit[53]

獎項與殊榮[编辑]

  • 在2015年2月的8th Annual Crunchies Awards(第8屆年度Crunchies獎)獲得TechCrunch的Best Enterprise Startup(最佳新創企業)獎。
  • 有兩年被《华尔街日报》譽為Most Innovative Network & Internet Technology Company(最佳創新網路與網際網路技術公司)。
  • 在2012年,Cloudflare被World Economic Forum(世界經濟論壇)譽為Technology Pioneer(技術先鋒)。
  • 獲《Fast Company》選為全球十大創新公司。
  • 2016和2017年,Cloudflare名列Forbes Cloud 100(富比士雲端 100)清單第11名。[54]

参考文献[编辑]

  1. ^ Cloudflare.com Traffic, Demographics and Competitors. Alexa Internet. [2021-08-09]. (原始内容存档于2019-02-26) (美国英语). 
  2. ^ Our story. Cloudflare. [2011-08-15]. (原始内容存档于2015-01-05) (美国英语). 
  3. ^ CloudFlare Beta. Project Honey Pot. [2011-08-15]. (原始内容存档于2017-12-04) (美国英语). 
  4. ^ Henderson, Nicole. CloudFlare Gets an Unusual Endorsement from Hacker Group LulzSec. Webhost Industry Review. 2011-06-17 [2014-05-09]. (原始内容存档于2017-09-09) (美国英语). 
  5. ^ Hesseldahl, Arik. Web Security Start-Up CloudFlare Gets Buzz, Courtesy of LulzSec Hackers. All Things Digital. 2011-06-10 [2011-08-15]. (原始内容存档于2011-08-30) (美国英语). 
  6. ^ Hesseldahl, Arik. Web Security Start-Up CloudFlare Lands $20 Million Funding Round. AllThingsD. 2011-07-12 [2012-07-12]. (原始内容存档于2012-06-23) (美国英语). 
  7. ^ Milian, Mark. Why a Fast-Growing Startup Tries to Keep Its Venture Funding Secret. Tech Deals. 彭博新聞社. 2012-12-18 [2013-01-01]. (原始内容存档于2015-05-06) (美国英语). 
  8. ^ Simcoe, Luke. The 4chan breach: How hackers got a password through voicemail. Maclean's. 2012-06-14 [2012-07-12]. (原始内容存档于2013-01-29) (美国英语). 
  9. ^ Ms. Smith. Hacktivists UGNazi attack 4chan, CloudFlare and Wounded Warrior Project. Privacy and Security Fanatic. NetworkWorld. 2012-06-03 [2012-07-12]. (原始内容存档于2013-11-12) (美国英语). 
  10. ^ CloudFlare Reveals $50M Round From Union Square Ventures. TechCrunch. AOL. [2015-01-05]. (原始内容存档于2015-01-03) (美国英语). 
  11. ^ The Largest Cyber Attack In History Has Been Hitting Hong Kong Sites. 福布斯 (美国英语). 
  12. ^ CloudFlare Acquires Anti-Malware Firm StopTheHacker. TechCrunch. AOL. [2015-01-05]. (原始内容存档于2015-02-13) (美国英语). 
  13. ^ CloudFlare Acquires CryptoSeal. CloudFlare. [2014-06-18]. (原始内容存档于2014-06-19) (美国英语). 
  14. ^ Most sophisticated DDoS' ever strikes Hong Kong democracy poll. The Register. 2014-06-20 [2016-06-25]. (原始内容存档于2016-09-12) (英国英语). 
  15. ^ Rahim, Zamira. 'Malicious attack' on Wikipedia causes outage in several countries. 獨立報 (London). 2019-09-07 [2020-09-26] (英国英语). 
  16. ^ Analyzing the Wikipedia DDoS Attack. Internet and Cloud Intelligence Blog. ThousandEyes. [2020-09-26] (美国英语). 
  17. ^ Wikimedia Foundation. Cloudflare. [2020-09-26]. 
  18. ^ Cloudflare acquires app platform Eager, will sunset service in Q1 2017. VentureBeat. 2016-12-13 (美国英语). 
  19. ^ Neumob acquisition gives Cloudflare missing mobile component. TechCrunch. [2019-05-06]. (原始内容存档于2018-12-03) (美国英语). 
  20. ^ Biggest DDoS ever aimed at Cloudflare’s content delivery network. Ars Technica (美国英语). 
  21. ^ Cloudflare Web Application Firewall Review. Fanatic Entrepreneur (美国英语). 
  22. ^ April 2016 DNS Speed Comparison Report. www.solvedns.com (美国英语). 
  23. ^ 5 reasons Cloudflare's roll-out of 1.1.1.1 has been a disaster. SQL Server with Mr. Denny. [2019-05-06]. (原始内容存档于2018-04-26) (美国英语). 
  24. ^ CloudFlare figured out how to make the Web one second faster. ZDNet. 2016-04-28 (美国英语). 
  25. ^ Internet Exchange Report. Hurricane Electric (美国英语). 
  26. ^ Cloudflare 中国网络. www.cloudflare.com (中文(中国大陆)). 
  27. ^ Gallagher, Sean. Cloudflare gets into registrar business with wholesale domains and free privacy. Ars Technica. 2018-09-28 [2019-05-06]. (原始内容存档于2019-04-04) (美国英语). 
  28. ^ Cloudflare Access aims to replace corporate VPNs. TechCrunch. [2019-12-07] (美国英语). 
  29. ^ Log every request to corporate apps, no code changes required. The Cloudflare Blog. 2019-11-17 [2019-12-07]. (原始内容存档于2019-12-08) (英语). 
  30. ^ Cloudflare WARP 免費 VPN 全面開放,整合 DNS 推薦好友獲取流量. 免費資源網路社群. 2019-09-27 [2020-06-22]. (原始内容存档于2020-06-25) (中文(臺灣)). 
  31. ^ Cloudflare Finally Launches Warp, But It's Not a Mobile VPN. PCMAG. [2020-06-22]. (原始内容存档于2020-06-25) (英语). 
  32. ^ Controversial US infosec firm Cloudflare is providing potentially sanctions-busting services to Myanmar’s military junta. Bofa on Insecurity. [2021-06-06] (美国英语). In what is a likely violation of current US Treasury sanctions, the Junta also appears to be using the services of controversial US security company Cloudflare to protect themselves from more leaks, with at least five government websites geo-blocked to make them inaccessible outside Myanmar. 
  33. ^ Wong, Julia Carrie. The far right is losing its ability to speak freely online. Should the left defend it?. 衛報 (London). 2017-08-28 [2019-08-22] (美国英语). Matthew Prince had the power to kill the white supremacist hate site the Daily Stormer for years, but he didn’t choose to. 
  34. ^ 34.0 34.1 Jones, Rhett. Cloudflare Under Fire for Allegedly Providing DDoS Protection for Terrorist Websites. Gizmodo. 2018-12-14 [2019-08-05] (美国英语). Cloudflare is facing accusations that it’s providing cybersecurity protection for at least seven terrorist organizations—a situation that some legal experts say could put it in legal jeopardy. 
  35. ^ Sankin, Aaron. The Dirty Business of Hosting Hate Online. Gizmodo. 2019-07-11 [2019-08-05] (美国英语). The organizations we looked at run the gamut from white supremacists, neo-Nazis, and chapters of the Ku Klux Klan to groups dedicated to stripping the rights of immigrants and LGBT people. We found 151 tech companies currently offering services to the websites on this list. While the overwhelming majority of companies only worked with one or two sites, some names came up again and again. Cloudflare, which provides protection against distributed denial-of-service attacks, works with the second largest number of sites, 56. 
  36. ^ 36.0 36.1 Cook, Jesselyn. U.S. Tech Giant Cloudflare Provides Cybersecurity For At Least 7 Terror Groups: Among its customers are the Taliban, al-Shabab and Hamas.. 赫芬顿邮报. 2018-11-14 [2019-08-05] (美国英语). Among Cloudflare’s customers are groups that are on the State Department’s list of foreign terrorist organizations, including al-Shabab, the Popular Front for the Liberation of Palestine, al-Quds Brigades, the Kurdistan Workers’ Party (PKK), al-Aqsa Martyrs Brigade and Hamas — as well as the Taliban, which, like the other groups, is sanctioned by the Treasury Department’s Office of Foreign Assets Control (OFAC). These organizations own and operate active websites that are protected by Cloudflare, according to four national security and counterextremism experts. In the United States, it’s a crime to knowingly provide tangible or intangible "material support" to a designated foreign terrorist organization or to provide service to an OFAC-sanctioned entity without special permission. Cloudflare, which is not authorized by the OFAC to do business with such organizations, has been informed on multiple occasions, dating back to at least 2012, that it is shielding terrorist groups behind its network, and it continues to do so. 
  37. ^ Schwencke, Ken. How One Major Internet Company Helps Serve Up Hate on the Web. ProPublica. 2017-05-07 [2021-06-06] (美国英语). Cloudflare provides services to neo-Nazi sites like The Daily Stormer, including giving them personal information on people who complain about their content. The widespread use of Cloudflare’s services by racist groups is not an accident. Cloudflare has said it will not deny its services to even the most offensive purveyors of hate. "A website is speech. It is not a bomb," Cloudflare’s CEO Matthew Prince wrote. "There is no imminent danger it creates and no provider has an affirmative obligation to monitor and make determinations about the theoretically harmful nature of speech a site may contain." Cloudflare also has an added appeal to sites such as The Daily Stormer. It turns over to the hate sites the personal information of people who criticize their content. 
  38. ^ Captain, Sean. Is Cloudflare a privacy champion or hate speech enabler? Depends who you ask. Fast Company. 2019-02-27 [2019-08-05] (美国英语). Cloudflare is regularly shamed for enabling repulsive groups by helping them provide a better internet experience to their followers. In October 2018, Cloudflare stood out by continuing to support the chat platform Gab–infamous for racist chatter, including a post by Robert Bowers, who was charged with murdering 11 people in a Pittsburgh synagogue on October 27. Infrastructure companies like Joyent and GoDaddy dropped the site. But Cloudflare held on and continues to support Gab. 
  39. ^ Lee, Timothy B. Tech companies declare war on hate speech—and conservatives are worried. Ars Technica. 2017-08-31 [2019-08-06] (美国英语). 
  40. ^ Kelly, Makena. Cloudflare to revoke 8chan's service, opening the fringe website up for DDoS attacks. The Verge. 2019-08-04 [2019-08-05]. (原始内容存档于2019-08-05) (美国英语). Saturday’s shooting in El Paso, where at least 20 people were killed and two dozen injured, is the third mass shooting linked to both 8chan and white nationalist ideology this year. The first, in Christchurch, New Zealand, brought the fringe website into the mainstream discussion back in April, but Cloudflare declined to revoke its service. 
  41. ^ Peterson, Becky. Cloudflare CEO explains his emotional decision to punt The Daily Stormer and subject it to hackers: I woke up 'in a bad mood and decided to kick them off the Internet'. Business Insider. 2017-08-17 [2017-08-17] (美国英语). While Cloudflare may have been The Daily Stormer's last line of defense, Prince's decision didn't actually take the company's site offline by itself. Earlier in the week, both GoDaddy and Google publicly announced they had dropped The Daily Stormer as a customer of their domain-hosting services. 
  42. ^ 42.0 42.1 Kohlmann, Evan F. Charlie Hebdo and the Jihadi Online Network: Assessing the Role of American Commercial Social Media Platforms (PDF). United States House of Representatives. 2015-10-27 [2019-08-22] (美国英语). Prince continues to insist, “We have never received a request to terminate the site in question from any law enforcement authority, let alone a valid order from a court.” 
  43. ^ Wong, Julia Carrie. 8chan: the far-right website linked to the rise in hate crimes. 衛報. 2019-08-04 [2019-08-05] (英国英语). Protection from Cloudflare: 8chan would have difficultly operating if it didn’t receive protection from Cloudflare, a US-based company that provides internet infrastructure services to websites. Cloudflare faced renewed public pressure over its protection of 8chan in the wake of the Christchurch massacre. And in a phone interview with the Guardian on Saturday night, Prince reiterated his belief that Cloudflare should not cease to provide services to sites such as 8chan based on their content. 
  44. ^ Mezzofiore, Gianluca; O'Sullivan, Donie. El Paso shooting is at least the third atrocity linked to 8chan this year. 有线电视新闻网. 2019-08-05 [2019-08-05] (美国英语). 
  45. ^ Roose, Kevin. 8chan Is a Megaphone for Gunmen. 'Shut the Site Down,' Says Its Creator.. The New York Times. 2019-08-04 [2019-08-05]. 
  46. ^ 46.0 46.1 O'Neill, Patrick Howell. 8chan, the central hive of Gamergate, is also an active pedophile network. The Daily Dot. 2014-11-07 [2019-08-05] (英语). On numerous public forums, 8chan users share graphic images of children, plus links to hardcore child pornography. 
  47. ^ Machkovech, Sam. 8chan-hosted content disappears from Google searches: Domain-specific searches contain warning about "suspected child abuse content.". Ars Technica. 2015-08-17 [2019-08-05] (美国英语). 
  48. ^ Dewey, Caitlin. This is what happens when you create an online community without any rules. 华盛顿邮报. 2015-01-13 [2019-08-22] (美国英语). When a number of people reported 8chan’s active pedophilia boards to Cloudflare, the company that protects the site from malicious traffic, Brennan took screenshots of their names and e-mail addresses and tweeted them publicly. 
  49. ^ Cloudflare embroiled in child abuse row. 英国广播公司. 2019-10-22 [2019-11-15] (英国英语). Cloudflare helps websites host illegal content. The company insists it is powerless because it does not actually host the offending sites. Campaigners say Cloudflare's services make it easier for clients to avoid detection by "hiding" their locations. 
  50. ^ 50.0 50.1 Wong, Julia Carrie. 8chan: the far-right website linked to the rise in hate crimes. 衛報 (London). 2019-08-03 [2019-08-03] (英国英语). Three attackers in six months allegedly posted their plans on the site in advance. 8chan would have difficultly operating if it didn’t receive protection from a company called Cloudflare. Cloudflare faced renewed public pressure over its protection of 8chan in the wake of the Christchurch massacre. CEO Matthew Prince explains his "moral obligation" to keep 8chan online and reiterated his belief that Cloudflare should not cease to provide services to sites such as 8chan based on their content. 
  51. ^ How we made our DNS stack 3x faster. The Cloudflare Blog. 2017-04-11 [2019-05-06]. (原始内容存档于2019-04-02) (英语). 
  52. ^ Cloudflare – Making Your Website Fast, Safe, and Accessible Everywhere in the World. HostAdvice. 2016-12-22 [2019-05-06]. (原始内容存档于2019-05-06) (美国英语). 
  53. ^ Cloudbleed: Big web brands leaked crypto keys, personal secrets thanks to Cloudflare bug. The Register. 2017-02-24 (英国英语). 
  54. ^ Forbes Cloud 100. 福布斯 (美国英语). 

外部链接[编辑]