Cloudflare
Title | Cloudflare |
|---|---|
Use | DNS, WAF, CDN, Caching |
Owner | Andrew Somervell |
Location |
|
Cost | Free |
Billing | Free |
Cloudflare is an enterprise-class security proxy that sits in front of 26m websites, protecting them from known security attacks. It manages DNS (globally distributed), WAF (OWASP top 10 and more), CDN (also globally distributed) and Caching (does all sorts of magic to accelerate the delivery of content to modern browsers, does a whole lot of javascript polish so you don’t have to)
Access Control
Current status of accounts
Andrew Somervell and Rafael Fonseca have administrative rights both with MFA on.
Admin Permissions Process
To be given admin rights you must:
Be a technical employee of Voluntarily
or be a trusted and experienced, long term contributor we have met in person.
have MFA enabled on your IAM account
Password policy allows alpha only passphrases but must be 15 chars or more.
Revoking Permissions
Access will be revoked for a person:
No longer meeting the above requirements.
Not contributing a change to the platform for more than 12 months.
Any action causing malicious harm to the project/code base.
Any action breaking the code of conduct towards others.
Any illegal activity
Auditing Permissions and Changes
Asset Backup and disaster recovery
Impact of losing access to service
Site will be down (along with 20% of the internet)
Backup Process
Fault tolerant SaaS service, if they’re really down, redirect DNS to Route53 or otherwise.