Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

12/3/2015
03:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

CloudFlare Introduces HTTP/2 Support, Bringing All Customers Into the Modern Internet for Free

The Size of the HTTP/2 Universe Doubles Today

SAN FRANCISCO, CA-- Dec 3, 2015) - CloudFlare, the leading Internet performance and security company, today announced HTTP/2 support for all customers. Now any CloudFlare customer can speed up their web properties with the latest version of Hypertext Transfer Protocol (HTTP) for free. What's more, CloudFlare customers do not need to change their existing server configuration to get all of the benefits of the best available page load times and performance today.

"The last update to HTTP was in 1999 and the Internet has changed a lot since then. HTTP/2 was built to improve the performance of everything from traditional websites to modern mobile apps," said Matthew Prince, co-founder and CEO of CloudFlare. "To give you a sense, if every request over the CloudFlare network came over HTTP/2, in one month we'd collectively save Internet users 95 thousand years they'd otherwise spend waiting for the Internet to load over HTTP/1.1."

HTTP/2 is the new and improved version of HTTP, the primary protocol over which data is exchanged online. HTTP/2 is based on the draft SPDY protocol, which CloudFlare has supported since June 2012. SPDY was created by Google to address many of the performance problems with the fifteen-year-old HTTP/1.1. HTTP/2 expanded on Google's work with SPDY and was codified as an official Internet protocol by the Internet Engineering Task Force in May 2015.

 

HTTP/2 for Faster Performance and A Better Online Experience

Websites and mobile apps are more complicated today than they were when HTTP/1.1 was created in

1999. HTTP/2 means that resources like images, CSS, JavaScript, and fonts can be multiplexed into a single request, increasing performance by an average of 30 percent per page view. 

To use an analogy, HTTP/1.1 is like making a full trip to and from the store each time you need to buy an item. HTTP/2 is like multiple-item shopping: buying everything you need in a single trip. HTTP/2 allows several requests to be sent and received over a single TCP connection, resulting in significant performance gains and a better online experience for site visitors.

 

Better Performance Regardless of Site Protocol:

 

Support for HTTP/2 is being rolled out across all modern browsers. Approximately 30 percent of browsers seen across CloudFlare's network support HTTP/2, 50 percent support SPDY but not HTTP/2, and 20 percent support only HTTP/1.1. CloudFlare will continue to support SPDY and HTTP/1.1, falling back to whatever the fastest protocol a browser will support to ensure that even users without the latest software will continue to get the fastest possible experience.

"Today, CloudFlare continued our mission of helping build a better Internet by more than doubling the number of sites available over HTTP/2," Prince explained. "Beyond adding functionality for our customers, we think of rolling out HTTP/2 as CloudFlare's free holiday gift to every Internet user: the gift of time."

HTTP/2 support is enabled by default for all customers on the CloudFlare's Free and Pro tiers. Business and Enterprise customers can enable HTTP/2 from their control panel with a single click. To learn more please check out the additional resources below:

See the difference in performance over HTTP/1.1 through CloudFlare's HTTP/2 Guide

Introducing HTTP/2 (Blog)

 

About CloudFlare

CloudFlare, Inc. (www.cloudflare.com / @cloudflare) makes any Internet application lightning fast, protects them from attacks, ensures they are always online, and makes it simple to add web apps with a single click. Regardless of size or platform, CloudFlare supercharges Internet applications with no need to add hardware, install software, or change a line of code. The CloudFlare community gets stronger as it grows: every new site makes the network smarter. More than 5 percent of global Internet requests flow through CloudFlare's network; every month more than 2 billion people experience a faster, safer, better Internet. CloudFlare was recognized by the World Economic Forum as a Technology Pioneer, named the Most Innovative Network & Internet Technology Company for two years running by the Wall Street Journal, and ranked among the world's 50 most innovative companies by Fast Company. CloudFlare has offices in San Francisco, Washington DC, London and Singapore.

 

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Stop Defending Everything
Kevin Kurzawa, Senior Information Security Auditor,  2/12/2020
Small Business Security: 5 Tips on How and Where to Start
Mike Puglia, Chief Strategy Officer at Kaseya,  2/13/2020
5 Common Errors That Allow Attackers to Go Undetected
Matt Middleton-Leal, General Manager and Chief Security Strategist, Netwrix,  2/12/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
How Enterprises Are Developing and Maintaining Secure Applications
How Enterprises Are Developing and Maintaining Secure Applications
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-20477
PUBLISHED: 2020-02-19
PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue exists because of an incomplete fix for CVE-2017-18342.
CVE-2019-20478
PUBLISHED: 2020-02-19
In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls this method with an untrusted argument. In other words, this issue affects developers who are unaware of the need to use methods such as safe_load in these use cases.
CVE-2011-2054
PUBLISHED: 2020-02-19
A vulnerability in the Cisco ASA that could allow a remote attacker to successfully authenticate using the Cisco AnyConnect VPN client if the Secondary Authentication type is LDAP and the password is left blank, providing the primary credentials are correct. The vulnerabilities is due to improper in...
CVE-2015-0749
PUBLISHED: 2020-02-19
A vulnerability in Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on the affected software. The vulnerabilities is due to improper input validation of certain parameters passed to the affected software. An attacker ...
CVE-2015-9543
PUBLISHED: 2020-02-19
An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setups using novncproxy are affected. This is rel...