Episode Details

Website attacks are very common. They are often not personal, but they can create a mess for website operators. As website owners and operators, we need website privacy and security especially if we are collecting data and personal information.

As I was making more money from my business in 2015, the need for better performance became an issue. I also needed to be able to keep my site up 24/7 and not have to deal with outages. My website started getting sustained 500-bit denial service attacks. I realized very quickly that this was not my expertise, but that is when I began my partnership with Cloudflare.

Cloudflare provides services that increase the security performance of over 26 million internet properties around the world from individual blogs to governments to Fortune 500 companies. Cloudflare offers services to accelerate internet applications and mobile experiences, mitigate DDoS attacks, prevent customer data breaches, stop malicious bot abuse, and more.

Our guests on today's show are John Graham and Evan Johnson. John Graham is a British software engineer and the current CTO at Cloudflare. Evan is a Product Security Manager at Cloudflare.

We talk about attacks on websites, distributed denial of service attacks, and how to protect your own website. If you want to keep your website up and running without skipping a beat, this is a must-listen episode.

Show Notes:

• [00:58] - Chris is a Cloudflare customer and shares how he became a Cloudflare customer. He shares his history of working with Cloudflare.
• [03:05] - In 2015 Chris started getting sustained 500-bit denial services attacks. He realized it was not his expertise and he needed help with this.
• [04:23] - John and Evan share the risks that Cloudflare helps website owners protect against.
• [05:53] - What things should we worry about as website operators?
• [07:09] - Evan is recommending businesses move more of their applications to the edge with workers with Cloudflare Workers. It has real security benefits.
• [08:29] - The big benefit of Cloudflare Workers is that there is no back-end server to overwhelm. It just moves the application to all of their servers.
• [10:38] - Often hackers are using automated tools to scan websites, so you really want to limit the ability for that scanner to see something. Then they will just move on.
• [11:39] - Anyone that has a database should prepare for the contingency if you get your database breached. Know your legal obligations in dealing with that especially if you are storing personally identifiable information.
• [14:01] - With Cloudflare, you can identify a problem and have it blocked almost immediately.
• [14:58] - It is really hard to patch your website fast enough. So a WAF can give you some breathing room while you patch the back end systems. Everyone should have a WAF, it is an extra layer that can really, really help. A WAF is a web application firewall.
• [17:16] - If you are connected to the public internet and you provide a service or website Cloudflare can protect that.

• Listen Now