back to article We chat to CloudFlare about its 'EVERYBODY GETS SSL' venture

CloudFlare boss Matthew Prince is hoping the firm's project to roll out SSL support to customers who use its free cloud-based web hosting service will inspire other internet firms to build out a fully encrypted web. The Universal SSL program from CloudFlare allows its customers to encrypt and secure web traffic between …

  1. dotdavid

    Cloudflare

    Just wanted to post that I'm a happy customer and run all my domains through Cloudflare now. Quite apart from the SSL stuff, the fact that my server's IP address is obfuscated from every tom dick and harry script kiddie out there is a big bonus, and benefits all of my domains on the free plan as well as the ones on a paid plan.

    1. Pen-y-gors

      Re: Cloudflare

      I'm running a few sites through Cloudflare as a test. Seems to be going okay, although so far as I can tell it doesn't seem to be forcing https on every request, just if you ask for it specifically.

      This is a useful step, but 4 million sites out of a billion leaves a lot to go. If one of the big hosting providers (1&1 etc) could take the step and encrypt every one of their millions of sites automatically, then things would really start moving (until NSA start launching drone strikes against them!)

    2. Franklin

      Re: Cloudflare

      Another benefit of Cloudflare is your IP address is obfuscated from spam trackers. That, plus Cloudflare's rather...relaxed attitudes toward spam and malware, make Cloudflare the content delivery platform of choice for really aggressive hardcore spammers and malware distributors.

      I keep track of who's hosting/serving the spamvertised domains in all the spam I receive. Right now, Cloudflare's serving a bit over a third of the domains for all the spam landing on my spamtrap addresses.

  2. Lee D

    SSL* by default is inevitable.

    Though this is a good first step (well done CloudFlare!), eventually these base SSL certificates will be so cheap as to be ridiculous. Hell, I bought 5 years of SSL certificate for my domain for something like $50. If you have any reason to have SSL, even a popular forum requiring login, then SSL is a drop in the ocean against hosting, bandwidth and even just simple management costs.

    The certification authorities wouldn't allow this (specifically the wildcard domains) without knowing that the money they get from them is going to plummet soon anyway. That's pretty much why they want to push EV and like it when Chrome drops support for 1024-bit, etc. They can give the old stuff away for free while pushing the stuff that won't be warning in your browser next year.

    And there are already "free" SSL certificates out there on this level, you just have to dig for them.

    And, to be honest, where we need to worry is things like SSL on email, etc. which is disgustingly easy to configure nowadays if you own any domain SSL certificate (or even a self-signed one). I'm pretty sure my SSL cert is running not only my domains, but my email, DKIM signature and things like SSH etc. (with different passphrases in some instances, granted).

    (*Please replace SSL throughout with TLS etc. as I'm pretty sure my servers don't accept SSL 2.0, 3.0 or anything else nowadays).

  3. Anonymous Coward
    Anonymous Coward

    At this rate El Reg will be the last site on the internet that doesn't offer SSL (TLS) to protect it's users.

    1. dotdavid

      Yeah, what's the deal with that? Especially on the forums!

  4. MisterD

    It would be nice if Cloudflare would do something about their ongoing abuse problems. Matthew Prince claims to come from an anti-spam background but his company provides bulletproof hosting to spammers and ignores months of complaints.

  5. James 100

    I like their advocacy of and support for IPv6 and SSL - I just wish they were less spam-friendly (as noted in two comments here already) and didn't insist on taking over your DNS hosting to provide their CDN service unless you upgrade to the $200/month plan.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022