Best of CloudflareOctober 2025

  1. 1
    Article
    Avatar of programmingdigestProgramming Digest·32w

    A complete guide to HTTP caching

    HTTP caching reduces latency, server load, and infrastructure costs by storing responses at multiple layers—browsers, CDNs, proxies, and application caches. The guide explains how Cache-Control directives (max-age, s-maxage, no-cache, no-store, stale-while-revalidate), validators (ETag, Last-Modified), and headers like Vary control freshness and revalidation. It covers common misconceptions (no-cache doesn't mean "don't cache"), freshness calculations, practical recipes for static assets, HTML, APIs, and authenticated content, plus browser behaviors like BFCache and speculation rules. A detailed Cloudflare section addresses CDN-specific defaults, edge cache TTLs, cache key normalization, and cache tags for event-driven purging.

  2. 2
    Article
    Avatar of infoqInfoQ·30w

    Cloudflare Introduces Email Service to Compete with Amazon SES, Resend, and SendGrid

    Cloudflare announced a private preview of its Email Service during Birthday Week, enabling developers to send and receive emails directly from Workers without API keys. The globally managed service automatically configures SPF, DKIM, and DMARC for improved deliverability, supports both REST APIs and SMTP, and integrates with Workers AI for routing and parsing incoming emails. Unlike regional services like Amazon SES, Cloudflare offers a single global endpoint. The beta launches in November with message-based pricing and requires a paid Workers subscription.

  3. 3
    Article
    Avatar of cloudflareCloudflare·30w

    From .com to .anything: introducing Top-Level Domain (TLD) insights on Cloudflare Radar

    Cloudflare Radar launched a new Top-Level Domain (TLD) insights page that provides comprehensive data on TLD popularity, traffic patterns, and security metrics. The page uses DNS Magnitude—a metric measuring how many unique networks query domains within a TLD—to rank over 2,500 TLDs. Surprisingly, .su (Soviet Union's legacy TLD) tops the ranking due to queries from a popular online game. Individual TLD pages offer detailed information including DNSSEC support, RDAP availability, DNS query volumes, certificate issuance data, and geographic distribution. The feature extends existing DNS insights to all delegated TLDs and integrates with Cloudflare Registrar for domain registration. All data is accessible via API and the Radar Data Explorer.

  4. 4
    Article
    Avatar of phProduct Hunt·34w

    Kyno for Cloudflare: Cloudflare management made simple, right from your phone

    Kyno is a mobile client that enables developers and site administrators to manage their Cloudflare-protected websites directly from their phones. The app provides remote access to web infrastructure management, allowing users to control and monitor their Cloudflare configurations on the go.

  5. 5
    Article
    Avatar of webrtchacksWebRTC Hacks·33w

    Is everyone switching to MoQ from WebRTC?

    Analysis of Media over QUIC (MoQ) adoption claims versus reality, using Chrome usage metrics to debunk assertions that developers are switching from WebRTC. Chrome data shows WebTransport usage remains minimal (0.035% peak vs WebRTC's stable 0.35%), with multiple failed experiments over five years. Addresses misconceptions about WebRTC architecture, noting that server-based deployments (SFUs/MCUs) have been standard for years, not peer-to-peer full mesh. Concludes that despite marketing claims, no successful large-scale migration from WebRTC to MoQ has occurred yet.

  6. 6
    Article
    Avatar of cloudflareCloudflare·30w

    So long, and thanks for all the fish: how to escape the Linux networking stack

    Cloudflare engineers developed a custom service called SLATFATF ("fish") to handle IP packet forwarding using their soft-unicast addressing system, which shares IP addresses across machines. The team encountered fundamental conflicts between Linux's socket subsystem and Netfilter's conntrack module when attempting to use both packet rewriting and bound sockets simultaneously. After exploring solutions including Netlink interfaces, TCP_REPAIR, and TCP Fast Open with cookieless connections, they discovered that Linux's "early demux" optimization bypassed custom routing rules. Despite successfully implementing workarounds, they ultimately chose to terminate TCP connections rather than forward raw IP packets due to better observability and minimal performance impact.

  7. 7
    Video
    Avatar of t3dotggTheo - t3․gg·31w

    3.5x Faster (I bullied Cloudflare into fixing their performance)

    Cloudflare improved Workers performance by up to 3.5x after community benchmarks revealed gaps compared to Vercel. The team spent a week fixing scheduling algorithms, V8 garbage collection tuning, stream adapters, and JSON parsing. They also contributed upstream fixes to Node.js and V8 that benefit the entire ecosystem. Key improvements include better cold start handling, reduced memory allocations in OpenNext, and optimized trigonometry functions.

  8. 8
    Article
    Avatar of cloudflareCloudflare·29w

    Go and enhance your calm: demolishing an HTTP/2 interop problem

    Cloudflare engineers discovered that Go's HTTP/2 client implementation sends unnecessary RST_STREAM and PING frames when closing response bodies without reading them first, even when empty. This behavior triggered Cloudflare's PING flood DDoS mitigations, causing connections to close with ENHANCE_YOUR_CALM errors. The solution is to always fully read response bodies using io.Copy(io.Discard, resp.Body) before closing them, especially when reusing connections for multiple requests. The issue highlights how legitimate HTTP/2 client behavior can inadvertently mimic attack patterns and trigger security defenses.

  9. 9
    Video
    Avatar of bytegradByteGrad·32w

    Deploy Next.js 16 To VPS Like A Pro (Coolify, Cloudflare CDN & Tunnel)

    A comprehensive guide to deploying Next.js 16 applications to a VPS using Coolify for simplified deployment management. Covers setting up a production environment with Cloudflare CDN for performance optimization and Cloudflare Tunnel for enhanced security. Demonstrates the complete workflow from initial VPS setup through Hostinger, configuring automatic deployments via GitHub webhooks, adding custom domains, and implementing CDN caching with tunnel-based access control to seal off direct server access.

See all Cloudflare archives