-
Publication No.: US20240264877A1
Publication date: 2024-08-08
Application No.: US18362721
Filing date: 2023-07-31
Applicant: CLOUDFLARE, INC.
Inventors: Michael Hart, Alyson Cabral, Kenton Taylor Varda
IPC classification: G06F9/50
CPC classification: G06F9/5072, G06F9/505
Abstract: A request is received from a client device at a first datacenter of a distributed cloud computing network. The distributed cloud computing network includes multiple datacenters. The received request triggers execution of code at the distributed cloud computing network. The code includes a first function and a second function. A determination is made to execute the first function at the first datacenter and to execute the second function at a second datacenter of the distributed cloud computing network. The first function is executed at the first datacenter to get a first result. The first datacenter causes the second function to be executed at the second datacenter. The first datacenter receives, from the second datacenter, a second result from the execution of the second function. The first datacenter transmits a response to the client device that is based at least in part on the first result and the second result.
-
Publication No.: US20240259347A1
Publication date: 2024-08-01
Application No.: US18478191
Filing date: 2023-09-29
Applicant: CLOUDFLARE, INC.
CPC classification: H04L63/0263, G06F30/27, H04L41/16, H04L63/1416
Abstract: A machine learning (ML) based web application firewall (WAF) is described. Transformation(s) are applied to raw data including normalizing and generating a signature over the normalized data. The signature and the normalized data are vectorized to create a first and second vector of integers respectively. The first and second vector of integers are input into an ML model that uses a multiple stage process including a first stage that operates on the first vector of integers to identify candidate signature tokens that are commonly associated with different classes of attack, and a second stage that operates on the candidate signature tokens and the second vector of integers and conditions attention on the second vector of integers on the candidate signature tokens. The ML model outputs a score that indicates a probability of the raw data being of a type that is malicious. A traffic processing rule is enforced that instructs a WAF to block traffic when the score is above a threshold that indicates the raw data is of the type that is malicious.
-
Publication No.: US12034726B1
Publication date: 2024-07-09
Application No.: US18326811
Filing date: 2023-05-31
Applicant: CLOUDFLARE, INC.
Abstract: A proxy server receives a first request from a first user to access a resource hosted by a cloud-based server. The proxy server inserts a first tenant control header into the first request specifying a tenant identifier. The tenant identifier indicates a tenant permitted to access the resource. The proxy server then transmits the first request with the inserted first tenant control header to the cloud-based server. In response to receiving a first response indicating a rejection of the first request with the inserted first tenant control header, the proxy server transmits the first request again to the cloud-based server but without the first tenant control header. The proxy server then logs the first request as an access request using a non-permitted tenant identifier.
-
Publication No.: US12028434B2
Publication date: 2024-07-02
Application No.: US17734944
Filing date: 2022-05-02
Applicant: CLOUDFLARE, INC.
IPC classification: H04L67/5681
CPC classification: H04L67/5681
Abstract: An intermediary server receives a request from a client that identifies an asset that is handled by an origin server. The intermediary server generates an informational response that includes one or more link header fields that reference one or more pieces of content respectively that are predicted by the intermediary server to be linked within a final response for the asset. The intermediary server transmits the generated informational response to the client prior to a final response for the request. The intermediary server transmits the request to the origin server and receives a final response to the request. The intermediary server transmits the final response to the request to the client.
-
Publication No.: US12026272B2
Publication date: 2024-07-02
Application No.: US18146459
Filing date: 2022-12-27
Applicant: CLOUDFLARE, INC.
Inventors: Yair Dovrat, Yoav Moshe
CPC classification: G06F21/6218, H04L63/0428
Abstract: Managing the loading of third-party tools on a website is described. Configuration is received for loading the third-party tools. An intermediary server receives a request for a page that is hosted at an origin server. The intermediary server retrieves the page and modifies the page including automatically including a third-party tool manager to the retrieved page. The third-party tool manager includes a set of one or more client-side scripts that, when executed by the client network application, collects, and transmits information to the intermediary server for loading the third-party tools. The intermediary server loads the third-party tools based on the received information and the configuration. The intermediary server causes event data to be transmitted to third-party tool servers that correspond with the third-party tools.
-
Publication No.: US20240129273A1
Publication date: 2024-04-18
Application No.: US18392521
Filing date: 2023-12-21
Applicant: CLOUDFLARE, INC.
Inventors: Marek Przemyslaw Majkowski, Braden Michael Ehrat, Sergi Isasi, Dane Orion Knecht, Dina Kozlov, Rustam Xing Lalkaka, Eric Reeves, Oliver Zi-gang Yu
IPC classification: H04L61/5007
CPC classification: H04L61/5007
Abstract: A map of IP addresses of a distributed cloud computing network to one or more groupings is stored. The IP addresses are anycast IP addresses for which compute servers of the distributed cloud computing network share. These IP addresses are to be used as source IP addresses when transmitting traffic to destinations external to the cloud computing network. The map is made available to external destinations. Traffic is received at the distributed cloud computing network that is destined to an external destination. An IP address is selected based on the characteristic(s) applicable for the traffic and the map. The distributed cloud computing network transmits the traffic to the external destination using the selected IP address.
-
Publication No.: US11943308B1
Publication date: 2024-03-26
Application No.: US18148352
Filing date: 2022-12-29
Applicant: CLOUDFLARE, INC.
Inventor: Lucas Pardue
IPC classification: H04L67/142, H04L67/02, H04L67/143
CPC classification: H04L67/142, H04L67/02, H04L67/143
Abstract: A condition exists that triggers an HTTP server to modify one or more HTTP connections for one or more HTTP clients that are connected to the HTTP server. The HTTP server dynamically modifies the one or more HTTP connections including dynamically modifying one or more HTTP connection resource parameters for the one or more HTTP connections. For each of the one or more HTTP clients, the HTTP server monitors that HTTP client to determine whether it is complying with the modified one or more HTTP connection resource parameters. If one of the one or more HTTP clients is not complying with the modified one or more HTTP connection resource parameters, the HTTP server closes an HTTP connection to that HTTP client.
-
Publication No.: US11895227B1
Publication date: 2024-02-06
Application No.: US18322265
Filing date: 2023-05-23
Applicant: CLOUDFLARE, INC.
Inventors: Derek Chamorro, Michael Pak
IPC classification: H04L9/08
CPC classification: H04L9/0825, H04L9/0827
Abstract: A first intermediate key management system (KMS) server of a distributed KMS receives a key lookup service (KLS) query from a KMS client for determining an identity of KMS server(s) that are capable of performing a first operation with a first managed key. The first intermediate KMS server is one of the intermediate KMS servers of the distributed KMS. The first KMS server determines the identity of one or more of the KMS servers that are capable of performing the first operation with the first managed key. The first KMS server transmits a KLS response to the KMS client that includes the identity of the KMS server(s) that are capable of performing the first operation with the first managed key.
-
Publication No.: US11895009B2
Publication date: 2024-02-06
Application No.: US18147573
Filing date: 2022-12-28
Applicant: CLOUDFLARE, INC.
Inventors: Braden Ehrat, Jay A. Kreibich, Jérôme Fleury, Michael Vanderwater, Nicholas Alexander Wondra, Richard Thompson
IPC classification: H04L45/00, H04L45/44, H04L61/5007
CPC classification: H04L45/14, H04L45/44, H04L61/5007
Abstract: A request from a client device is received at a first one of a plurality of compute nodes at a first one of a plurality of data centers of a distributed cloud computing network. A destination of the request is determined. An optimized route for transmitting the request toward an origin server that corresponds with the destination of the request is determined, where the optimized route is based at least in part on probe data between data centers of the distributed cloud computing network for a plurality of transit connections, and where the optimized route has an IP address that encodes an identification of which of the plurality of transit connections is to be used to deliver the request. The request is transmitted to a next hop as defined by the optimized route over the identified one of the plurality of transit connections.
-
Publication No.: US11882199B2
Publication date: 2024-01-23
Application No.: US17893003
Filing date: 2022-08-22
Applicant: CLOUDFLARE, INC.
Inventors: Christopher Philip Branch, Naga Sunil Tripirineni, Rustam Xing Lalkaka, Nick Wondra, Mohd Irtefa, Matthew Browning Prince, Andrew Taylor Plunk, Oliver Yu, Vlad Krasnov
CPC classification: H04L67/63, H04L12/4633, H04L12/4641, H04L63/0272, H04L67/10
Abstract: A request is received from a client device over a Virtual Private Network (VPN) tunnel. The request is received at a first one of a plurality of edge servers of a distributed cloud computing network. A destination of the request is determined and an optimized route for transmitting the request toward an origin server is determined. The optimized route is based at least in part on probe data between edge servers of the distributed cloud computing network. The request is transmitted to a next hop as defined by the optimized route.