Industry Buzz

DreamHost is Ready for COVID-19

DreamHost Blog -

You’ve no doubt seen and heard plenty about COVID-19 over the past several weeks. This disease that has spread so quickly across the globe is highly transmissible and acutely dangerous to those with weakened immune systems as well as other high-risk groups. COVID-19 represents a tremendous public health threat, and we are seeing its impact on industries worldwide. As the World Health Organization declared the COVID-19 outbreak to be a global pandemic this week, I wanted to update you on the work we’ve done to ensure the safety of our team and to assure you that our services will continue to operate as expected without interruption as the world comes to grips with this exceptional disruption. We maintain physical office space in three cities (two in California, one in Oregon), and we have data centers on the east and west coasts of the United States. Our company culture places a high value on face-to-face connections and the spontaneous and serendipitous interactions that can only occur when team members are working in the same physical space, but we also value flexibility and have extensive experience working remotely. In the interest of the continued health of our team members, and in the greater interest of public health, we’ve asked our entire global team to begin working remotely until the situation is under control and it is safe to return to the office. The software and systems that enable every DreamHost team member to work offsite have been in place for many years. There was no last-minute scramble to make this happen — just a simple policy change to strongly encourage our valued team members to stay home and work remotely. And by “remotely”, we do mean safely at home, away from public gathering spaces like coffee shops where others are likely to congregate. Our data centers, the one area of our business that does need regular “hands-on” physical contact, will remain staffed with tightly-controlled access policies. We are committed to providing the same consistent, high level of service to you and your business while the world continues to cope with COVID-19. We know very well how much you rely on DreamHost to keep your businesses, websites, and dreams up and running. Our responsibility to you is not one we take lightly, and it’s one that we’re well prepared to support throughout these times of uncertainty. You’ve got enough to worry about — we’ve got this. You should experience no change in the level of service or support you receive from DreamHost. Our servers haven’t gone anywhere, and our world-class team remains just as available as always to help you find success online. The only difference is that some of us might be doing it in our pajamas for a bit. Thank you for choosing DreamHost. We’re proud to be your online partner. Be safe, Michael Rodriguez CEO, DreamHost The post DreamHost is Ready for COVID-19 appeared first on Website Guides, Tips and Knowledge.

COVID-19 impacts on Internet traffic: Seattle, Northern Italy and South Korea

CloudFlare Blog -

The last few weeks have seen unprecedented changes in how people live and work around the world. Over time more and more companies have given their employees the right to work from home, restricted business travel and, in some cases, outright sent their entire workforce home. In some countries, quarantines are in place keeping people restricted to their homes.These changes in daily life are showing up as changes in patterns of Internet use around the world. In this blog post I take a look at changing patterns in northern Italy, South Korea and the Seattle area of Washington state.SeattleTo understand how Internet use is changing, it’s first helpful to start with what a normal pattern looks like. Here’s a chart of traffic from our Dallas point of presence in the middle of January 2020.This is a pretty typical pattern. If you look carefully you can see that Internet use is down a little at the weekend and that Internet usage is diurnal: Internet use drops down during the night and then picks up again in the morning. The peaks occur at around 2100 local time and the troughs in the dead of night at around 0300. This sort of pattern repeats worldwide with the only real difference being whether a peak occurs in the early morning (at work) or evening (at home).Now here’s Seattle in the first week of January this year. I’ve zoomed in to a single week so we see a little more of the bumpiness of traffic during the day but it’s pretty much the same story.Now let’s zoom out to the time period January 15 to March 12. Here’s what the chart looks like for traffic coming from Cloudflare’s Seattle PoP over that period (the gaps in the chart are just missing data in the measurement tool I’m using).Focus in on the beginning of the chart. Looks like the familiar diurnal pattern with quieter weekends. But around January 30 something changes. There’s a big spike of traffic and traffic stays elevated. The weekends aren’t so clear either. The first reported case of COVID-19 was on January 21 in the Seattle area.Towards the end of February, the first deaths occurred in Washington state. In early March a small number of employees of Facebook, Microsoft and Amazon in the Seattle area were confirmed to be infected. At this point, employers began encouraging or requiring their staff to work from home. If you focus on the last part of the chart and compare it with the first two things stand out: Internet usage has grown greatly and the night time troughs are less evident. People seem to be using the Internet more and for more hours.Throughout the period there are also days with double spikes of traffic. If I zoom into the period March 5 to March 12 it’s interesting to compare with the week in January above.Firstly, traffic is up about 40% and nighttime troughs are now above the levels seen in January during the day. The traffic is also spiky and continues through the weekend at similar levels to the week.Next we can zoom in on traffic to residential ISPs in the Seattle area. Here’s a chart showing the first three days of this week (March 9 to March 11) compared to Monday to Wednesday a month prior in early February (February 10 to February 12).Traffic to residential ISPs appears to be up about 5% month on month during the work day. We might have expected this to be higher given the number of local companies asking employees to work from home but many appear to be using VPNs that route all Internet traffic back through the corporate gateway.Northern ItalyTurning to Italy, and in particular northern Italy, where there has been a serious outbreak of COVID-19 leading to first a local quarantine and then a national one. Most of the traffic in northern Italy is served from our Milan point of presence.For reference here’s what traffic looked like the first week in January.A familiar pattern with peak traffic typically in the evening. Here’s traffic for March 5 to 12.Traffic has grown by more than 30% with Internet usage up at all hours of the day and night. Another change that’s a little harder to see is that traffic is ramping up earlier in the morning than in early January. In early January traffic started rising rapidly at 0900 UTC and reach the daytime plateaus you see above around 1400 UTC. In March, we see the traffic jump up more rapidly at 0900 UTC and reach a first plateau before tending to jump up again.Drilling into the types of domains that Italians are accessing we see changes in how people are using the Internet. Online chat systems are up 1.3x to 3x of normal usage. Video streaming appears to have roughly doubled. People are accessing news and information websites about 30% to 60% more and online gaming is up about 20%.One final look at northern Italy. Here’s the period that covers the introduction of the first cordon sanitaire in communes in the north.The big spike of traffic is the evening of Monday, February 24 when the first cordons sanitaire came into full effect.South KoreaHere’s the normal traffic pattern in Seoul, South Korea using the first week of January as an example of what traffic looked like before the outbreak of COVID-19:And here’s March 5 to 12 for comparison:There’s no huge change in traffic patterns other than that Internet traffic seen by Cloudflare is up about 5%.Digging into the websites and APIs that people are accessing in South Korea shows some significant changes: traffic to websites offering anime streaming up over 2x, online chat up 1.2x to 1.8x and online gaming up about 30%.In both northern Italy and South Korea traffic associated with fitness trackers is down, perhaps reflecting that people are unable to take part in their usual exercise, sports and fitness activities.ConclusionCloudflare is watching carefully as Internet traffic patterns around the world alter as people alter their daily lives through home-working, cordon sanitaire, and social distancing. None of these traffic changes raise any concern for us. Cloudflare's network is well provisioned to handle significant spikes in traffic. We have not seen, and do not anticipate, any impact on our network's performance, reliability, or security globally.

Coronavirus Preparedness

Nexcess Blog -

Nexcess has been closely monitoring the ongoing outbreak of the coronavirus disease (COVID-19) and guidance as issued by government and health authorities. As of yesterday, the World Health Organization (WHO) declared a global pandemic with regards to the coronavirus.  While our infrastructure and planning is always ready for these types of scenarios we wanted to let you know that we have activated a Virtual Command Center to take additional precautionary measures for our employees so that they can continue to provide the high level of support you’ve come to expect. Operations are our lifeblood and we are committed to our customers to keep your business online while also keeping our employees safe. While our offices and data center locations are secure, we’ve implemented several precautionary measures to focus on the health and safety of our customers and employees: We have increased the timing of our cleaning protocols for all facilities and are disinfecting high traffic areas daily. Hand sanitizer stations have been placed along with high traffic areas for use by both customers and employees. Employees have been briefed on the importance of maintaining a clean and safe environment and on our communication and action plans regarding COVID-19. We have restricted employee travel. In addition we have engaged with our suppliers to understand their Pandemic Response plans. In addition to the above, we’re closely monitoring the health of our employees on a daily basis. If an employee shows any signs of illness, we are encouraging them to seek a medical diagnosis and work from home until cleared by a medical professional or until the symptoms pass. Access to any Nexcess facility will be closely monitored, and anyone showing symptoms or anyone who has traveled to an area with known high-transmission of COVID-19 may have restricted access. In the event an outbreak occurs in the area of one of our facilities, we’re prepared to activate our Pandemic Response Plan and do the following: Ensure regular digital communication with our customers and employees, including the possibility of increased access restrictions to our facilities. Activate minimum on-site staffing levels to provide continuity of our services at a 24/7/365 level and allow non-essential employees to work from home. Ensure sufficient resources are available for our on-site employees to continue to safely operate. Continue to review guidance from local, state and federal government agencies and implement updated action plans as needed. At Nexcess our high level of support and ensuring your business is supported at all times is of the utmost importance to us. The health and safety of our employees is a priority as well, and these plans will help us ensure we’re doing our best to keep both in mind. As you monitor the situation and consider your own continuity plans, Nexcess is prepared to help in any capacity needed. More information on the coronavirus is available here: World Health Organization: https://www.who.int/emergencies/diseases/novel-coronavirus-2019 Center for Disease Control: https://www.cdc.gov/coronavirus/2019-ncov/index.html If you have any questions, please contact us at 1-866-639-2377 or submit a ticket via the portal. The post Coronavirus Preparedness appeared first on Nexcess Blog.

How to Create a Coming Soon Page for Your Website

HostGator Blog -

The post How to Create a Coming Soon Page for Your Website appeared first on HostGator Blog. When you’re building a new website or online store, there’s a lot that needs to happen behind the scenes before it’s ready for the world. You don’t want to have to wait until launch to start marketing and building interest, which makes a coming soon page a very valuable asset to have. With a coming soon page you can create an enticing page that is ready to show to the world. This page serves as the face of your website while you’re busy building behind the scenes.  Coming soon pages give you a way to build buzz, grow an email list, and even test ideas before the official launch day comes. Below you’ll learn about what a coming soon page is, and a handful of reasons and scenarios where you’ll want to build one. Finally, you’ll learn how you can quickly and easily build a coming soon page in WordPress, step-by-step.  What is a Coming Soon Page? First, we’ll get started with a little clarification, as you’ll hear coming soon pages referred to by multiple names.  There are two different types of coming soon pages: The first is a traditional coming soon page, which tells your visitors that a new website, app, store, or project is launching soon. The second is a maintenance page. This lets your visitors know that your site is currently undergoing routine maintenance or technical difficulties. Sometimes maintenance pages can be used when you’re making visual changes to your site as well. Instead of making these changes to a live website, you put up a maintenance mode page until the changes are complete.  You may also hear coming soon pages referred to as pre-launch pages. But, no matter what words you’re using to describe your page, they all serve the same general purpose: to help garner interest, gain user feedback, collect email addresses, and give visitors a place to go while your website is being developed or updated. Unlike other pages on your site, coming soon pages are temporary. They’re like an appetizer you can offer your visitors while the real meal is being made. For example, here’s a simple coming soon page created with the SeedProd Coming Soon plugin for a website that could currently be under construction: Here’s another super simple coming soon page created with the same WordPress plugin. You’ll notice that your coming soon page doesn’t have to be incredibly in-depth to be effective: Reasons to Use a Coming Soon Page A coming soon page gives you a temporary way to send traffic to your website while you’re busy in the backend building it. As you’ll soon learn, coming soon pages serve a variety of purposes, from giving you peace of mind while working on your site, to helping generate leads, assist with the website migration process, and let you easily test new ideas. Here are a handful of the most common reasons you’ll want to use a WordPress coming soon page: 1. Generating Leads Before Launch The last thing you want to hear when you launch your website to the world is crickets. You can avoid this fate by strategically building an audience while your website is still under construction. One of the best ways to do this is to start building an email list before you launch. A coming soon page is a fantastic way to do this. Since it’s basically a landing page, you can offer an incentive for people to join your list (more on this below). Then, you can start building a relationship with your new subscribers right away through email.  2. Building Up Buzz and Hype If you don’t have an existing audience or following to tap into when you launch, you can use your coming soon page to build this initial hype. For example, maybe you use your coming soon page to host a compelling giveaway, or you give away some great resources in exchange for an email address or social media post. Essentially, a coming soon page presents an idea. If your idea is compelling enough and you give your visitors a reason or incentive to share, you can naturally build hype around your launch—even if you’re starting with no audience.  3. Testing Website or Product Ideas Quickly You can create a coming soon page rather quickly. Depending on your existing WordPress skills, you can have a coming soon page live in a couple of hours. Then, with this skeleton of a product or idea created you can start sending traffic to it to see how people react.  If you’re not sure about the direction you want to take with your website, or you have a few different branding ideas, then this can be a fast way to test them and get real-world feedback. This way you know that when you launch your website you’re building something that people want, and not something you “think” people want. This will make a big difference in the success of your website.   Alternative Uses for a Coming Soon Page Beyond the main reasons above there are two alternative reasons you’ll want to use a coming soon or maintenance page. 1. Using a Coming Soon Page During Site Migration Coming soon pages can be used during a website migration. For example, let’s say you built your site using a website builder, but now you want to switch over to WordPress. If you want to start building your WordPress site but don’t want to take down your current site until it’s complete, then you can use a coming soon page to bridge the gap. The process for this is pretty simple. You install WordPress on your new site and install a coming soon page plugin (we discuss this in the final section). Then, you can build your new site completely in the background. You’ll have full access to the WordPress dashboard and the theme customization options. Once you’re finished building your new site, just turn off the coming soon plugin, and forward your domain that’s pointing to your old site to your new one.  This process allows for a seamless and stress-free site migration experience.  2. Creating a WordPress Staging Environment Another use of a coming soon plugin is when you’re doing routine maintenance or making changes to your site that you don’t want your visitors to see.  So, instead of trying to make these changes during the light of day you can activate a coming soon plugin and create a simple page that lets your visitors know you’re making changes to your site, and it’ll be back online soon.  Before you make changes to your site, one thing worth doing is installing a staging area plugin. This allows you to essentially create a cloned version of your site that you can work on.  With this kind of plugin activated, you can test out new changes without affecting your original site. You can also preview any changes in real-time. This gives you the freedom to test out design ideas and implement new features without the fear of breaking your existing site. Some popular WordPress staging area plugins include WP Staging, Duplicator, and WP Stagecoach. What Should You Include in a Coming Soon Page? Coming soon pages look different depending on their purpose. For example, if you’re trying to gauge interest for a new website you’re launching, this will look different than a maintenance mode page.  However, regardless of the purpose, most coming soon pages will have some similar elements. Here are the most common elements of a coming soon page: A message that announces what, exactly, is coming soon Your website logo and a color scheme that matches your brandingA timeline of when this project will go live, maybe even with a countdown timer to launchA sign-up form to collect visitor email addresses before launchLinks to anywhere else you can be found online, like social media profiles, or existing projects Let’s break down the details of some of these sections: What’s actually “coming soon” and why does it matter? Coming soon pages, when done the right way, can be incredibly valuable. They not only allow you to build buzz before you launch your website, but they can also give you feedback into whether or not your idea is worth pursuing. Make sure your page offers enough information so that your visitors know what’s coming soon. Curiosity can be a great way to get people intrigued about your new project, but they’ll need enough information to be curious in the first place. For example, is it a website that will help gardeners find the best natural products for their gardens? Or maybe you’re creating a website that shows dog owners how to best care and train their pets? Whatever your idea you’ll want to have a compelling headline, along with a brief description.  Ask yourself, why would this website matter for these new visitors? What’s in it for them? By teasing your idea you’ll be able to get valuable feedback from your visitors before launch. This will help with your positioning, messaging, and even design before you launch the final version of your site.  Finally, it can be helpful to include a countdown timer. Nearly every WordPress coming soon plugin will give you the ability to add a countdown timer to your site. These timers can help to build buzz and give your visitors something to look forward to. Also, if you’re using your coming soon page to generate leads, then this timer can give people a deadline to join your list. This leads us to the next section. Generate leads by offering an incentive Adding an email signup form to your coming soon page is a great way to start building your list before you launch. However, if a visitor is already checking out your coming soon page you’ll want to do everything you can to make sure they stick around. A great way to do this is to offer an incentive for a visitor to join. For example, in exchange for their email you could offer things like: Access to early bird pricing (if you’re opening an eCommerce store)A free guide or set of resourcesA free coaching or consulting sessionThe chance to win a contest (if you’re running a giveaway) Once you get their email list you can stay in touch with them, ask for feedback on your idea, inform them about the launch timeline, and more. By building an email list before you even launch you can avoid launching to a crowd of zero. Instead, you’ll have a ton of people excited about your new project and can help to spread the word.  Give visitors a way to get in touch and spread the word You don’t have to wait until you launch to get valuable feedback from your visitors. Right from the very start, you should encourage your visitors to get in touch with you to share any questions, ideas, or concerns. By opening this line of dialogue early on you can improve the quality of your website and ensure you’re building something your visitors want. This can be as simple as including your email on the coming soon page. Or, you can engage in dialogue later on, if you collect their email address.  These initial people to support your project can be your biggest advocates in getting the word out. So, you’ll want to treat them like gold. Another element you might want to add is a way for your visitors to share your coming soon page with their audience. This can be as simple as having a handful of social media icons. Or, try offering an incentive for sharing, such as entry into a contest you’re running.  How to Create a Coming Soon Page in WordPress By now you should be well versed in what goes into a WordPress coming soon page. You should have a thorough understanding of what you’re going to include on your page, as well as what the overarching goal for your page will be. Here’s how you can create your own coming soon page in WordPress: 1. Find the Perfect WordPress Coming Soon Page Plugin When you’re using WordPress there are always a dozen plugins you can choose from for any task you want to accomplish, or feature you want to add.  For adding a coming soon page to your site one of the best is called Coming Soon Page & Maintenance Mode by SeedProd. This plugin has both a free and premium version and has all the features you need to create an epic coming soon page. You can even use this plugin to create a simple website maintenance mode page as well, if that’s your goal. This plugin will help you quickly create a coming soon page on WordPress. You can even customize the page with CSS if you want it to match the design of your new site.  For the rest of this tutorial we’ll be using the Coming Soon Page & Maintenance Mode by SeedProd plugin, so to follow along you’ll want to use the same plugin. However, there are some alternatives that provide comparable features like the Minimal Coming Soon & Maintenance Mode and the Nifty Coming Soon plugins.  2. Install and Activate the Plugin To install the plugin you’ll need to login to your WordPress dashboard. Once you’re in the backend of your site navigate to Plugins>Add New. Then, click ‘Add New’ and search for Coming Soon SeedProd, and install the plugin that looks like the one below.  Once the plugin is activated you can access the plugin settings by clicking on the ‘SeedProd’ icon on the left-hand side of your dashboard. If you have a lot of plugins installed, you might have to scroll to find it.  3. Configure Your Settings For the sake of this tutorial, we’re using the free version of the SeedProd plugin, which will be more than enough for most users. However, if you want access to even more features, then you can upgrade to the premium version as well. The first thing we’ll do is navigate to the ‘Design’ tab. Here we can customize how the coming soon page will look. At the top, you’ll notice the theme selection options (note that this is only available for those using the pro version). If you scroll down you’ll notice Background, Content, and Text options. By customizing these we can set a background image or color, set the content width, and text colors. If you know CSS, then you can add that to truly customize your page. Once you’re satisfied with the design, let’s move over to the ‘Content’ tab.  This is where we’ll be adding the logo, page headline, and content. Spend some time with this section as this is the most important aspect of your coming soon page. Create a compelling headline and body copy that entices your visitors to learn more and get excited about your project.  You can also embed an email sign up form into this section as well. However, you’ll need to embed it with a shortcode or HTML form, as the free version isn’t equipped with integration abilities right out of the box (for instant integration, simply upgrade to the Pro version).  Finally, at the bottom of this tab, you can optimize the SEO settings for your page. This is how your coming soon page will show up in the search engines. Although the chances of ranking are pretty low (on a brand new website), it can be helpful if you’re going to have your coming soon page up for a while. You can add your Google Analytics code to this section as well. This can be helpful if you’re going to be trying a ton of different traffic generation methods and you want to see which marketing approach is the most effective.  4. Enable Your Coming Soon Page Once you’re satisfied with the design of your page and the copy, it’s time to make it live.  To do this you’ll need to be back in the ‘Content’ tab. Then, under the ‘General’ box select the ‘Enable Coming Soon Mode’ option. You might have noticed that once you turn this option on, nothing changes in the backend. But, now whenever someone comes to your site all they’ll be able to see and access is the coming soon page. When you’re logged into your site you’ll be able to see the version of the site that you’re working on. So, if you want to see what your visitors see when they access your site, then you’ll need to log out and maybe even view your site through an Incognito browser tab. With a coming soon page enabled, you now have the freedom and time to build your site as you see fit. Let your coming soon page do the work for you, while you build your perfect website in the backend.  Once you’re finished with your design, just return to the same tab and turn the option to ‘Disabled’ and your site will be available for the world to see. Alternatively, you can also deactivate and uninstall the plugin. Moving Forward with Your Own Coming Soon Page As you can see, a coming soon page can be a very valuable addition to your website. It gives you time to build your site as you see fit. You won’t feel rushed to build your site or make design changes while the world can see your site. Plus, by using a coming soon page the right way you can help to build buzz for your new project, generate leads before launch, and even make the website migration process less stressful. For this tutorial we used the free version of the SeedProd Coming Soon plugin. However, you can use any plugin you wish that has similar features. The specific plugin you choose doesn’t matter as much as it having the features you require and you being able to use it easily. You’re now ready to unlock the power of a coming soon page for your website. Hopefully, the tips above will get you moving in the right direction and one step closer to your website building dreams! Find the post on the HostGator Blog

Big Hosting Days: Discounts on Domains, Hosting, Email, Addons & more! 

BigRock Blog -

It’s almost sale time! We’re excited to announce a huge upcoming promo for our customers! If there’s any time to start a blog, buy a domain name or begin your online journey, it’s now! We at BigRock are gearing up for Big Hosting Days, offering discounts on web hosting, domains, email solutions, add-on products  and more! The sale dates are 16th March – 18th March. We want you to make the most of this 3 day sale! The details of the discounts are below:   Discounts on .IN, .COM & more Domains As part of Big Hosting Days, enjoy discounts on popular domains such as .IN and .COM. .IN: Buy for 1 year at ₹299 .IN: When you buy for 2 years, get 1st year at flat ₹139  .COM: 10% off for 1st year .ICU ₹149 .CLUB ₹129 .XYZ ₹99 .LIVE ₹199 .EMAIL ₹199 .EU ₹199 .TODAY ₹299 .MOBI ₹299 .INFO ₹299 .SITE ₹109 .TECH ₹99 .STORE ₹199   Deals on Hosting & more Get upto 55% off on web hosting! Get online at affordable rates! Domain Value Adds BigRock Instant – 50% off ₹149/yr Privacy Protect ₹299/yr Bundled Deals Domains and Hosting Deals   Addon Offers Lockdown your website security with our addon offers! Codeguard Backup Service 20% off SiteLock Malware Protect 20% off SSL Certificates 20% off *Applies to Annual plans only   Email Solutions Want to look professional? Start with your email address! Choose secure and professional email solutions at discounted rates! Business Email ₹24/mo/acc Enterprise Email ₹49/mo/acc G Suite* ₹99/mo/acc *Applies to Annual plans only *Applies to 1-5 seats only   We hope you make the most of Big Hosting Days and get these products at discounted prices! Mark your calendars for 16th March because you don’t want to miss out!

Cloudflare's COVID-19 FAQs

CloudFlare Blog -

As the status of COVID-19 continues to impact people and businesses around the world, Cloudflare is committed to providing awareness and transparency to our customers, employees, and partners about how we are responding. We do not anticipate any significant disruptions in Cloudflare services.Our Business Continuity Team is monitoring the situation closely and all company personnel are kept up to date via multiple internal communication channels including a live chat room. Customers and the public are encouraged to visit this blog post for the latest information. You can check the status of our network at www.cloudflarestatus.com. For COVID-19-related questions that aren’t answered below, please contact our Customer Support Team.Does Cloudflare have a Business Continuity Team (BCT)?Yes, Cloudflare’s Business Continuity Team is a cross-functional, geographically diverse group dedicated to navigating through a health crisis like COVID-19 as well as a variety of other scenarios that may impact employee safety and business continuity.What is Cloudflare’s Business Continuity Plan in the light of COVID-19?In addition to Cloudflare’s existing Disaster Recovery Plan we have implemented the following strategies:Daily Business Continuity Team meetings to determine if updates, changes, or communication need to be provided to customers, partners, and employees.Global monitoring of COVID-19 related events and impact.Tailored business continuity plans per office and function, including work from home policies and regional resources.Can the essential aspects of the product or service, requiring employee interaction, be performed by employees working from alternate locations or at their homes?Fortunately the nature of Cloudflare business is digital and rarely requires in-person activity. At this time we do not anticipate significant impact to products or services. Some teams are adjusting to teleworking but at this time we have not identified a service-level impact.Which components of the product or service are reliant on employees performing a specific action vs. which ones are automated activities?Troubleshooting and maintenance of the platform is performed by Cloudflare employees in globally dispersed locations. On-prem support is not required for the vast majority of our products and services.Products can be used without the need for manual interaction from Cloudflare employees.What is the response for your customer support team? Do you have call centers?Cloudflare does not have call centers. Our support personnel will continue to provide assistance 24 hours a day to customers no matter their location as usual.Have you implemented any travel restrictions or social distancing protocols?Yes, Cloudflare has implemented travel restrictions to countries as recommended by government agencies. Employees are encouraged to postpone all non-essential business travel at this time including inter-office travel. We are monitoring regional guidance from health authorities and updating our requirements as needed.Do any of Cloudflare’s vendors have any new or emerging concerns about their ability to deliver goods or services during a pandemic?Cloudflare has taken an extra step to work with critical business partners and suppliers to ensure that there will be minimal to no impact to the business or our customers.Are Cloudflare offices closed?Cloudflare offices in the US, EMEA, and Sydney are physically closed and we have moved to a full teleworking model. In Singapore and Beijing, employees have been split into two groups. Each group will be alternating between working from home and working in the office.What are your plans to ensure minimal impact to services?Cloudflare’s business continuity team has worked with organization leaders to prepare for the challenges of COVID-19 and many other scenarios. We are confident in our ability to limit impact to services because of our preparation.Do you anticipate any service disruption or support by either yourself or your subcontractors due to COVID-19?At this time we do not anticipate any service disruptions due to COVID-19. We are monitoring the situation closely and will update as information becomes available.What happens if one of our data centers goes down? Who will remedy it? Does it require a person to be on-prem?Due to the nature of the Anycast network, we have over 200 Points of Presence (PoPs) that manage failover traffic. Traffic would simply be rerouted to other locations. Learn about the Anycast network here: https://www.cloudflare.com/network/.The Infrastructure and Engineering teams are working proactively to ensure that enough capacity is available at our most critical PoPs. We feel confident in our ability to service our most critical facilities with our approved partner.Which vendor contact is responsible for communicating any disruption in their service to customers?Our Customer Support Team is fully operational and will reach out as they would with any other outage or incident. Methods vary based on contract.What is the communication method they will be using to inform customers of an interruption? (For example, if they would normally call your office phone, and you are working remotely, your desk phone may no longer be the best option)You can check the status of our services at www.cloudflarestatus.com. Additionally, our Customer Support Team is fully operational and will reach out as they would with any other outage or incident. Methods vary based on contract.Who can I reach out to for comments or concerns?For questions not answered above, customers can reach out to our Customer Support Team via normal means.

Instagram Strategy: Growing Your Followers and Business

Social Media Examiner -

Looking for a strategic approach to organic Instagram growth? Wondering how to develop content that will grow your business and your Instagram following? To explore how to use Instagram as a hub for shareable content that leads to business growth, I interview Vanessa Lau on the Social Media Marketing Podcast. Vanessa is a community development […] The post Instagram Strategy: Growing Your Followers and Business appeared first on Social Media Marketing | Social Media Examiner.

Cloudflare During the Coronavirus Emergency

CloudFlare Blog -

This email was sent to all Cloudflare customers a short while agoFrom: Matthew PrinceDate: Thu, Mar 12, 2020 at 4:20 PM Subject: Cloudflare During the Coronavirus EmergencyWe know that organizations and individuals around the world depend on Cloudflare and our network. I wanted to send you a personal note to let you know how Cloudflare is dealing with the Coronavirus emergency.First, the health and safety of our employees and customers is our top priority. We have implemented a number of sensible policies to this end, including encouraging many employees to work from home. This, however, hasn't slowed our operations. Our network operations center (NOC), security operations center (SOC), and customer support teams will remain fully operational and can do their jobs entirely remote as needed.Second, we are tracking Internet usage patterns globally. As more people work from home, peak traffic in impacted regions has increased, on average, approximately 10%. In Italy, which has imposed a nationwide quarantine, peak Internet traffic is up 30%. Traffic patterns have also shifted so peak traffic is occurring earlier in the day in impacted regions. None of these traffic changes raise any concern for us. Cloudflare's network is well provisioned to handle significant spikes in traffic. We have not seen, and do not anticipate, any impact to our network's performance, reliability, or security globally.Third, we are monitoring for any changes in cyberthreats. While we have seen more phishing attacks using the Coronavirus as a lure, we have not seen any significant increase in attack traffic or new threats. Again, our SOC remains fully operational and is continuously monitoring for any new security threats that may emerge.Finally, we recognize that this emergency has put strain on the infrastructure of companies around the world as more employees work from home. On Monday, I wrote about how we are making our Cloudflare for Teams product, which helps support secure and efficient remote work, free for small businesses for at least the next six months:https://blog.cloudflare.com/cloudflare-for-teams-free-for-small-businesses-during-coronavirus-emergency/As the severity of the emergency has become clearer over the course of this week, we decided to extend this offer to help any business, regardless of size. The healthy functioning of our economy globally depends on work continuing to get done, even as people need to do that work remotely. If Cloudflare can do anything to help ensure that happens, I believe it is our duty to do so.If you are already a Cloudflare for Teams customer, we have removed the caps on usage during this emergency so you can scale to whatever number of seats you need without additional cost. If you are not yet using Cloudflare for Teams, and if you or your employer are struggling with limits on the capacity of your existing VPN or Firewall, we stand ready to help and have removed the limits on the free trials of our Access and Gateway products for at least the next six months. Cloudflare employees around the world have volunteered to run no-cost onboarding sessions so you can get set up quickly and ensure your business' continuity.Details: https://developers.cloudflare.com/access/about/coronavirus-emergency/Sign up for an onboarding session: https://calendly.com/cloudflare-for-teams/onboardingThank you for being a Cloudflare customer. These are challenging times but I want you to know that we stand ready to help however we can. We understand the critical role we play in the functioning of the Internet and we are continually humbled by the trust you place in us. Together, we can get through this.--Matthew PrinceCo-founder & CEOCloudflare@eastdakota@cloudflare

Protect your team with Cloudflare Gateway

CloudFlare Blog -

On January 7th, we announced Cloudflare for Teams, a new way to protect organizations and their employees globally, without sacrificing performance. Cloudflare for Teams centers around two core products - Cloudflare Access and Cloudflare Gateway. Cloudflare Access is already available and used by thousands of teams around the world to secure internal applications. Cloudflare Gateway solves the other end of the problem by protecting those teams from security threats without sacrificing performance.Today, we’re excited to announce new secure DNS filtering capabilities in Cloudflare Gateway. Cloudflare Gateway protects teams from threats like malware, phishing, ransomware, crypto-mining and other security threats. You can start using Cloudflare Gateway at dash.teams.cloudflare.com. Getting started takes less than five minutes.Why Cloudflare Gateway?We built Cloudflare Gateway to address key challenges our customers experience with managing and securing global networks. The root cause of these challenges is architecture and inability to scale. Legacy network security models solved problems in the 1990s, but teams have continued to attempt to force the Internet of the 2020s through them.Historically, branch offices sent all of their Internet-bound traffic to one centralized data center at or  near corporate headquarters. Administrators configured that to make sure all requests passed through a secure hardware firewall. The hardware firewall observed each request, performed inline SSL inspection, applied DNS filtering and made sure that the corporate network was safe from security threats. This solution worked when employees accessed business critical applications from the office, and when applications were not on the cloud.Average SaaS spending per company since 2008 (source)SaaS broke this model when cloud-delivered applications became the new normal for workforce applications. As business critical applications moved to the cloud, the number of Internet bound requests from all the offices went up. Costs went up, too. In the last 10 years, SaaS spending across all company size segments  grew by more than 1615%. The legacy model of backhauling all Internet traffic through centralized locations could not keep up with the digital transformation that all businesses are still going through.The challenge of backhauling traffic for a global workforceExpensive and slowSaaS adoption is only one element that is breaking traditional network models. Geographically distributed offices and remote workers are playing a role, too.Cloudflare Gateway has been in beta use for some of our customers over the last few months. One of those customers had more than 50 branch offices, and sent all of their DNS traffic through one location. The customer’s headquarters is in New York, but they have offices all over the world, including in India. When someone from the office in India visits google.com, DNS requests travel all the way to New York.As a result, employees in India have a terrible experience using the Internet. The legacy approach to solve this problem is to add MPLS links from branch offices to the headquarters. But MPLS links are expensive, and can take a long time to configure and deploy. Businesses end up spending millions of dollars on legacy solutions, or they remain slow, driving down employee productivity.Slow to react to security threatsWhen businesses backhaul traffic to a single location to inspect and filter malicious traffic using a hardware firewall. But, the legacy hardware appliances were not built for the modern Internet. The threat landscape for the Internet is constantly changing.For example: about 84% of phishing sites exist for less than 24 hours (source) and legacy hardware firewalls are not fast enough to update their static rules to thwart phishing attacks. When security threats on the Internet act like moving targets, legacy hardware appliances that rely on static models to filter malicious traffic cannot keep up. As a result, employees remain vulnerable to new threats even when businesses backhaul Internet bound traffic to a single location.Cloudflare GatewayStarting today, businesses of all sizes can secure all their Internet-bound traffic and make it faster with  Cloudflare Gateway. Cloudflare has data centers in more than 200 cities around the world and all of our services run in every single data center. Therefore, when a business uses Cloudflare Gateway, instead of backhauling traffic to a single location (slow), all Internet-bound requests travel to the nearest data center (fast) from the end user where Cloudflare Gateway applies security policies to protect businesses from security threats. All of this is done without the need for expensive MPLS links.(Source)Gateway’s secure DNS filtering capabilities are built on top of 1.1.1.1, the fastest public DNS resolver in the world. We took the pieces that made the 1.1.1.1 public DNS resolver the fastest and built Cloudflare Gateway’s secure DNS filtering capabilities for customers who want to secure their connection to the Internet. Combined with Cloudflare’s global presence of data centers in more than 200 cities and the fastest public DNS resolver in the world, Cloudflare Gateway secures every connection from every device to every destination on the Internet without sacrificing performance.Why Secure DNS Filtering?More than 90% of malware use DNS to perform command & control attacks and exfiltrate sensitive data. Here’s an example of how a malware can infect a device or a data center and perform a command & control (also known as C2C or C&C) attack: Imagine Bob receives an email from someone impersonating his manager with a link to ‘Box’ that looks harmless. The email looks legitimate but in reality it is a phishing email intended to steal valuable information from Bob’s computer or infected with malware. When Bob clicks on the link, the website phishing ‘Box’ delivers an exploit and installs malware onto Bob’s computer. The downloaded malware sends a request to the Command & Control server signaling that the malware is ready to receive instructions from the server. Once the connection between the malware and Command & Control server is established, the server sends instructions to the malware to steal proprietary data, control the state of the machine to reboot it, shut it down or perform DDoS attacks against other websites. If Bob’s computer was using DNS filtering, it could have prevented the attack in two places. First, when Bob clicked on the phishing link (2). The browser sends a DNS request to resolve the domain of the phishing link. If that domain was identified by DNS filtering as a phishing domain, it would have blocked it right away.Second, when malware initiated the connection with the Command & Control server, the malware also needed to make a DNS request to learn about the Command & Control server’s IP address. This is another place where a secure DNS filtering service can detect the domain as malware and block access to it. Secure DNS filtering acts as the first layer of defence against most security threats and prevents corporate networks and devices from getting infected by malicious software in the first place. According to a security report by Global Cyber Alliance, companies could have prevented losses of more than $200B using DNS filtering.How does Gateway’s secure DNS filtering work?The primary difference between the 1.1.1.1 public DNS resolver and Gateway’s secure DNS filtering is that the 1.1.1.1 public DNS resolver does not block any DNS queries. When a browser requests example.com, the 1.1.1.1 public DNS resolver simply looks up the answer for the DNS query either in cache or by performing a full recursive query.Cloudflare Gateway adds one new step to introduce security into this flow. Instead of allowing all DNS queries, Gateway first checks the name being queried against the intelligence Cloudflare has about threats on the Internet. If that query matches a known threat, or is requesting a blocked category, Gateway stops it before the site could load for the user - and potentially execute code or phish that team member.For example, if a customer is using Cloudflare Gateway, and sends a DNS query to example.com, first, Gateway checks if the DNS query is coming from a customer. Second, if it is coming from a customer Gateway checks if the DNS query matches with any of the policies setup by the customer. The policy could be a domain that the customer is manually blocking or it could be part of a broader security category that the customer enabled. If the domain matches one of those cases, Cloudflare Gateway will block access to the domain. This will prevent the end user from going to example.com.Encrypted DNS from day oneGateway supports DNS over HTTPS today and will also support DNS over TLS in the future. You can use Firefox to start sending DNS queries to Gateway in an encrypted fashion. It will also support other DNS over HTTPS clients as long as you can change the hostname in your preferred DNS over HTTPS client.Here’s how DNS over HTTPS for Cloudflare Gateway works:The DNS over HTTPS client encrypts the DNS request and sends it to the closest Cloudflare’s data center. Upon receiving the encrypted DNS request, it will decrypt it and send it to Cloudflare Gateway. Cloudflare Gateway will apply the required security policies and return the response to our edge. Our edge will encrypt the response and send it back to the DNS over HTTPS client.By encrypting your DNS queries you will make sure that ISPs cannot snoop on your DNS queries and at the same time filter DNS requests that are malicious.Cloudflare Gateway is for everyoneOne of our customers, Algolia, is a fast growing startup. Algolia grew by 1005% in 2019 (source). As the company experienced rapid growth, Cloudflare Gateway helped maintain their corporate security without slowing them down:“Algolia is growing pretty fast. At Algolia, we needed a way to have visibility across our corporate network without slowing things down for our employees. Cloudflare Gateway gave us a simple way to do that” Adam Surak (Director of Infrastructure & Security Algolia)But Gateway isn’t just for fast growing startups. Anyone with a Cloudflare account can start using Cloudflare Gateway today. Gateway has a free tier where we wanted to make sure even small businesses, teams and households who cannot afford expensive security solutions can use Cloudflare Gateway to protect themselves from security threats on the Internet. We offer a free plan to our customers because we have a paid tier for this product with additional functionality that are more suited towards super users. Features like longer data retention for analytics, more granular security and content categories, individual DNS query logs, logpush to a cloud storage bucket etc. are features that are only available to our paid customers. You can learn more about Gateway in our product page.How can you get started?If you already have a Cloudflare account get started by visiting the Teams dashboard.The onboarding will walk you through how to configure your router, or device to send DNS queries to Gateway. The onboarding will help you setup a location. A location is usually a physical entity like your office, retail location, data center or home.Once you finish onboarding, start by configuring a policy. A policy will allow you to block access to malicious websites when anyone is using the Internet from the location that you just created.You can choose from the categories of policy that we have created. You can also manually add a domain to block it using Gateway. Once you start sending DNS queries to Gateway, you will see analytics on the team's dashboard. The analytics dashboard will help you understand if there are any anomalies in your network.What’s nextCloudflare's mission is to help create a better Internet. We have achieved this by protecting millions of websites around the world and securing millions of devices using WARP. With Cloudflare Access, we helped secure and protect internal applications. Today, with Cloudflare Gateway’s secure DNS filtering capabilities we have extended our mission to also protect the people who use the Internet every day. The product you are seeing today is a glimpse of what we are building for the future. Our team is incredibly proud of what we have built and we are just getting started.

Coronavirus (COVID-19) and Webmaster Conference

Google Webmaster Central Blog -

Last year we organized Webmaster Conference events in over 15 countries. The spirit of WMConf is reflected in that number: we want to reach regions that otherwise don't get much search conference love. Recently we have been monitoring the coronavirus (COVID-19) situation and its impact on planning this year's events.To wit, with the growing concern around coronavirus and in line with the travel guidelines published by WHO, the CDC, and other organizations, we are postponing all Webmaster Conference events globally. While we're hoping to organize events later this year, we're also exploring other ways to reach targeted audiences.We’re very sorry to delay the opportunity to connect in person, but we feel strongly that the safety and health of all attendees is the priority at this time. If you want to get notified about future events in your region, you can sign up to receive updates on the Webmaster Conference site. If you have questions or comments, catch us on Twitter!Posted by Cherry Prommawin and Gary

WP Engine Named a Fortune Best Workplace in Technology

WP Engine -

For the third year in a row, WP Engine has been named a Fortune Best Workplace in Technology, a designation that recognizes companies with highly fulfilled, engaged employees and a strong focus on innovation.  To determine the companies selected for 2020, Fortune partner Great Place to Work®, analyzed anonymous survey responses from nearly 300,000 employees… The post WP Engine Named a Fortune Best Workplace in Technology appeared first on WP Engine.

Announcing a New Scholarship for LGBTQ+ WordPress Community Members

WordPress.com News -

The Queeromattic Employee Resource Group, Automattic’s LGBTQ+ internal organization, is proud to announce a scholarship for LGBTQ+ WordPress Community members who need financial support to attend a WordCamp flagship event for the first time.  For those unfamiliar with WordCamps, they are informal, community-organized events that are put together by WordPress users like you. Everyone from casual users to core developers participate, share ideas, and get to know each other. There are currently four flagship events each year: WordCamp Europe, WordCamp Asia, WordCamp US, and WordCamp Latin America. We’re going to sponsor one member of the LGBTQ+ community to attend each of these events! Our hope in sponsoring folks to attend an initial WordCamp flagship event is that it will provide a career-enhancing opportunity for folks to connect more deeply with members of the WordPress community and level up their own WordPress skills to take back into their everyday life. Many of us at Automattic found our way here through the wider WordPress community and we’re really excited to share that chance with folks from the LGBTQ+ community who might not have the opportunity otherwise.  Right now, we’re accepting applications to WordCamp US 2020. If you’re a member of the LGBTQ+ community and a WordPress user, we encourage you to apply: https://automattic.com/scholarships/queeromattic/  To be considered, please apply no later than Sunday, May 31, 2020 at 12 a.m. Pacific Time. If you know someone who would be perfect for an opportunity like this, please share it with them! We want folks from all over the world to have the chance to benefit from this new scholarship.

HostGator Customer Spotlight: Afie Braimoh of SACFruits

HostGator Blog -

The post HostGator Customer Spotlight: Afie Braimoh of SACFruits appeared first on HostGator Blog. While many of HostGator’s customers have high passion levels for their side projects, we know it’s also true that the daily grind can be tough, especially after working a regular, perhaps dull, 9-5 job. It can be challenging to take those initial steps to get started when all you want to do is veg out and watch the latest and greatest on Netflix. If you’re thinking about starting a killer side hustle, you need a website. And we’ve got some inspiration from one of our favorite HostGator success stories, Afie Braimoh, creator of the SACFruits business and website. Who Is Afie Braimoh of SACFruits? We first learned about Afie Braimoh and her company SACfruits when she entered her story in our Side Hustle Star Awards. And dude, were we impressed! (In fact, Afie won the contest!)  Afie worked hard to develop an excellent global health product, dried fruit from West African fruit. The product is tasty, 100% natural, and perfect for anyone at any time and on any day. What is even more exciting about Braimoh’s business—even more than the pure deliciousness of her product—is how she decided to start her side hustle.  How Afie Got Started With Her Side Hustle She started her health food side hustle while living in Nigeria after seeing so many West African farmers slip into poverty due to too much food waste.  Afie explains how her side hustle helps fight poverty in Africa. “I market and distribute dried fruit snacks from West Africa. I saw the poverty in the farmers because their fruits would simply rot away because of bad access to roads to get their goods to the market, so I started this side hustle. I have also built a very strong relationship with farmers across Nigeria, and have invested in some of their crops like mango trees and pineapple farms.” The SACFruits side hustle started small. Afie began by trying out her recipes and says, “I purchased a dehydrator and started drying fruits in season. Then I started sampling parties that comprised of friends, work colleagues, and family as well.” Then, Afie went through the process of getting FDA approval and launched SACFruits on Amazon in January 2019, and continues to see her business grow. Afie Braimoh knew her side hustle would be successful when she continually saw the global health trend on TV, social media, and expos where people are concerned about what they eat. Her dedication and belief in her side hustle show when you look at her results. “I spend every evening combing through websites learning ways to distribute this product. I am slowly identifying traditional and unique ways. I launched at the Macy’s Market, a supermarket in Miami, and also a coffee shop in NY. Given my full-time job, this has been a leap,” according to Braimoh. What Challenges Did Afie Braimoh Overcome? Starting a side hustle isn’t all roses and daisies. It can be difficult, and some side hustlers may get stuck and want to give up from time to time. We asked Afie what challenges she experienced with running a business internationally. Her answers included figuring out shipping costs, delivering goods on time for large orders, and understanding exchange rates. “It’s tough getting funding for a small business,” says Afie. “But, I constantly use my salary to cover my small business expenses including constantly advertising online. I am working with just one distributor who has a day job but believes in my products. I continue to manage my expenses as much as I can by being the only employee for the business for now. Everything is scaled back to be able to meet my expenses.” Even though she experienced several challenges, Afie also said she never wanted to give up during the process, and she plans to quit her full-time job in the future. Afie urges other side hustlers not to give up either. She tells fellow side hustlers to “stay focused and be passionate about what you do. The most successful people today have passion.” Why HostGator? While Afie experienced some initial challenges in getting her business off the ground, building a website with HostGator was not one of them. We asked Afie why she chose HostGator to host and build her website. She said she has been impressed with HostGator because of the “reliability and responsiveness” of our hosting platform. Whatever type of business you’re looking to start and no matter how much web experience you may have, HostGator can help you get online. Our flexible platform allows you to quickly start a website and scale your web hosting package as your business grows. For example, the drag-and-drop Gator Website Builder makes it possible for even the first-timer to create a professional website.  If you already have a side hustle in mind, we would love to help you get your website up and running. Thankfully, the process is easy. Here is a quick tutorial on how you can build a website today. We can’t wait to see you get started. Find the post on the HostGator Blog

Open sourcing our Sentry SSO plugin

CloudFlare Blog -

Cloudflare Access, part of Cloudflare for Teams, replaces legacy corporate VPNs with Cloudflare’s global network. Using your existing identity provider, Access enables your end users to login from anywhere — without a clunky agent or traffic backhaul through a centralized appliance or VPN.Today, we are open sourcing a plugin that continues to improve that experience by making it easier for teams to use Cloudflare Access with one of the software industry’s most popular engineering tools, Sentry.What is Sentry?Sentry is an application that helps software teams find and diagnose errors in their products. We use Sentry here at Cloudflare. When you encounter an error when using a Cloudflare product, like our dashboard, we log that event. We then use Sentry to determine what went wrong.Sentry can categorize and roll up errors, making it easy to identify new problems before investigating them with the tool’s event logging. Engineering managers here can use the dashboards to monitor the health of a new release. Product managers often use those reports as part of prioritizing what to fix next. Engineers on our team can dig into the individual errors as they release a fix.Sentry is available in two forms: a SaaS model and a self-hosted version. Both modes give engineering teams comprehensive insight into the behavior of their deployed applications and the issues their users encounter.Connecting users to SentryOrganizations can deploy the self-hosted version on-premise or in a cloud environment they control. However, they still need to create a secure way to allow their teams to connect to the app.Historically, most opt for a VPN to solve that challenge. End users outside of the office need to configure a VPN client on their laptop and try to login with credentials that are often different from the ones used for a corporate SSO. Administrators had to make sure their VPN appliance could scale for a few users, but with most in the office, the VPN was a serious inconvenience for a smaller set of users.Over the last few years, that group of users working outside of the office has grown. Users are working from BYOD laptops, mobile phones, and in unfamiliar networks that all struggle with a VPN. Even worse, a VPN has a load limit because it relies on an actual appliance (whether virtual or physical hardware). Organizations can attempt to stress test their VPN, but will always have a limit that administrators need to continuously monitor.Cloudflare Access gives administrators the scale of Cloudflare’s global network and provides end users with a SaaS-like experience that just works from any device or network. When teams secure Sentry with Cloudflare Access, end users visit the hostname of the application, login with their identity provider, and are redirected from Cloudflare’s edge to the app if they have permission to reach it.However, in the case of an app like Sentry, end users need to login one more time to the application itself. That small step adds real friction, which Access can now solve through this open source plugin.JWT Security with Cloudflare for TeamsWhen a user logs in to their identity provider when connecting to an application protected by Access, Cloudflare signs a JSON Web Token (JWT).Cloudflare Access uses that JWT, and its contents, to confirm a user identity before allowing or denying access to sensitive resources. Cloudflare securely creates these through the OAUTH or SAML integration between Cloudflare Access and the configured identity provider. Each JWT consists of three Base64-URL strings: the header, the payload, and the signature.The header defines the cryptographic operation that encrypts the data in the JWT.The payload consists of name-value pairs for at least one and typically multiple claims, encoded in JSON. For example, the payload can contain the identity of a userThe signature allows the receiving party to confirm that the payload is authentic.The token is signed using a public private key pair and saved in the user’s browser. Inside of that token, we store the following details in addition to some general metadata:User identity: typically the email address of the user retrieved from your identity provider.Authentication domain: the domain that signs the token. For Access, we use “example.cloudflareaccess.com” where “example” is a subdomain you can configure.Audience: The domain of the application you are attempting to reach.Expiration: the time at which the token is no longer valid for use.When a request is made to an application behind Access, Cloudflare looks for the presence of that token. If available, we decrypt it, validate its authenticity, and then read the payload. If the payload contains information about a user who should be able to reach the application, we send their request to an origin.The Sentry plugin takes that JWT and reuses it, instead of prompting the visitor to login again with separate credentials. The plugin parses the user identity, checks it against the directory of users in Sentry, and maps that token to a Sentry profile and its assigned permissions.All of this is seamless to the end user and takes just a few milliseconds. The user is instantly redirected to the application, fully authenticated, and only needs to remember their SSO login. Administrators now have one fewer set of credentials to worry about managing and the associated onboarding and offboarding.Building your own SSO pluginWe believe that the JSON Web Token is a simple and efficient method for sending identity. Applications that use JWTs for authorization only need to support the JWT standard, instead of attempting to integrate with different versions of SAML or other formats like OIDC and OAUTH. A JWT is also information dense and built in a format, JSON, that can be easily parsed by the target application.Some products, like Redash, already have native support for JWT integration. The Sentry plugin we built joins our Atlassian plugin as both options to extend support to those apps, but also examples that can be used for integration with other products. Other teams, like Auth0, have also published materials to add JWT integration to legacy apps.What’s next?Cloudflare Access is available on every Cloudflare account and 5 free seats are included by default. You can follow these instructions to get started.If you are a small business, you can sign up for the Cloudflare for Teams program right now at the link below.https://www.cloudflare.com/smallbusiness/

Pages

Recommended Content

Subscribe to Complete Hosting Guide aggregator