Reading up on Cloudflare
77 deep · digging since nov 19, 25
- Cloudflare gives OpenAI network signals covering 20% of the web
Cloudflare and OpenAI launched a research pilot that feeds Cloudflare's real‑time network freshness and traffic data into OpenAI's search system to speed up and improve AI web indexing.
- Cloudflare Workers and Hyperdrive with TanStack Start – Master.dev Blog
Using Cloudflare Workers with Hyperdrive and TanStack Start requires per-request database objects to avoid runtime errors and connection limits.
- Cloudflare Drop
Cloudflare Drop lets anyone drag a folder or ZIP to instantly preview a static site for an hour and then claim it to make the deployment permanent.
- Announcing Vite+ Beta
Vite+ beta unifies runtime, package manager, and frontend tools like Vite, Vitest, Rolldown, and Oxlint into a single open-source CLI workflow for web projects.
- How OpenAI Delivers Low-Latency Voice AI for 900M Users
OpenAI splits WebRTC into a stateless relay and a stateful transceiver, using the ICE ufrag for routing to serve 900M voice AI users with low latency.
- Cloudflare teams up with Chrome, Firefox, and Edge on a privacy-first anti-bot protocol
Cloudflare, Mozilla, Google, and Microsoft are developing PACT, a privacy-first protocol to verify web traffic legitimacy without tracking users.
- never waste a token
Putting a durable buffer between AI agents and LLM providers prevents token waste and re-billing when a process crashes mid-stream, with resumable streaming and crash recovery using the same mechanism.
- Bots Have Now Passed Human Traffic Online Cloudflare Boss Laments Says Agentic Traffic Wasnt Expected To Eclipse Real People Until Next Year
Cloudflare CEO Matthew Prince reports AI agent traffic has surpassed human traffic online for the first time, far earlier than his 2027 prediction.
- VoidZero is joining Cloudflare
VoidZero, the company behind Vite, Vitest, Rolldown, Oxc, and Vite+, is joining Cloudflare; the tools will remain open source and vendor-agnostic, with Cloudflare committing $1M to a Vite ecosystem fund.
- Just a moment...
This page presents a security verification challenge, likely operated by Cloudflare, that prevents direct access to the underlying article content that was requested.
- Astro 6.4 | Astro
Astro 6.4 releases a pluggable Markdown processor API, a faster Rust-based Sätteri processor, and Cloudflare helpers for experimental advanced routing.
- GitHub - nkzw-tech/cloudsail: Self-hosted instant sandboxes for coding agents on Cloudflare.
Cloudsail is an alpha tool that provides self-hosted instant sandboxes for coding agents on Cloudflare, with secure credential injection and controlled egress.
- How I Choose Which Cloudflare Employees to Replace With AI - WSJ
Cloudflare laid off over 20% of its workforce despite record growth, arguing AI will replace 'measuring' roles like middle managers and operations, not builders or sellers.
- Project Glasswing: what Mythos showed us
Cloudflare found Anthropic's Mythos Preview LLM can chain multiple bugs into exploits but requires a multi-stage harness and architectural defenses to scale effectively.
- Project Glasswing: what Mythos showed us
Cloudflare tested Mythos Preview on its own code and found it effective at chaining low-severity bugs into exploits, but harness design is critical for scale.
- Cloudflare to Slash 1,100 Jobs Due to AI-Driven Restructuring Plan - WSJ
Cloudflare will cut about 1,100 jobs as part of an AI-driven restructuring, citing a paradigm shift in the software industry.
- Cloudflare to Cut One-Fifth of Workers in Move to AI-First Model
Cloudflare plans to eliminate 20% of its workforce as part of a strategic reorganization toward an AI-first operational model.
- How OpenAI delivers low-latency voice AI at scale
OpenAI rebuilt its WebRTC stack with a relay-transceiver architecture to reduce latency and manage scale for real-time voice AI across 900 million users.
- GitHub - gragland/codex-imessage-handoff: Work from iMessage baby
A Codex skill routes prompts from iMessage or SMS into a local Codex thread via Sendblue, enabling remote continuation of coding sessions.
- GitHub - cloudflare/agentic-inbox: A self-hosted email client with an AI agent, running entirely on Cloudflare Workers
Cloudflare released Agentic Inbox, a self-hosted email client with an AI agent that runs entirely on Cloudflare Workers using Email Routing, Durable Objects, and R2.
- Agents can now create Cloudflare accounts, buy domains, and deploy
Cloudflare and Stripe launch a protocol that lets AI agents autonomously create accounts, subscribe, and buy domains to deploy apps without human involvement.
- The AI engineering stack we built internally — on the platform we ship
Cloudflare built its internal AI engineering stack on its own platform, achieving 93% R&D adoption and 47.95M AI requests in 30 days.
- Cloudflare Email Service
Cloudflare launches Email Service for sending emails via API or Workers, sparking debate on spam risks, pricing, and its framing as an agent interface.
- Agents Week 2026 Updates and Announcements
Cloudflare launched over 20 products and features for AI agents during Agents Week 2026, including Agent Memory, AI Search, Sandboxes, and a new CLI.
- Browser Run: give your agents a browser
Cloudflare renames Browser Rendering to Browser Run, adding Live View, Human in the Loop, CDP access, WebMCP support, session recordings, and 4x higher concurrency for AI agents.
- Building a CLI for all of Cloudflare
Cloudflare introduces 'cf', a unified CLI technical preview with a new TypeScript schema layer for generating consistent commands across all products, alongside Local Explorer for debugging local data.
- Attention Required!
Cloudflare blocks access to a CACM article on NASA's Artemis II fault-tolerant computer, showing only a cookie consent wall.
- Show HN: I put an AI agent on a $7/month VPS with IRC as its transport layer
A developer built a two-tier AI agent on a $7/month VPS using IRC as transport, enabling visitors to ask about his work with real code access instead of rephrased resume text.
- Show HN: Ichinichi – One note per day, E2E encrypted, local-first
A minimal daily journaling app that locks past entries to prevent editing, stores data locally with optional E2E encrypted sync via Supabase.
- The 49MB web page
News websites like the NYT have grown bloated with ads and tracking, reaching 49MB, driving users to block JavaScript or seek alternatives.
- Cloudflare crawl endpoint
Cloudflare launches a managed crawl endpoint that respects robots.txt, aiming to provide a well-behaved alternative to aggressive AI scrapers.
- Crawl entire websites with a single API call using Browser Rendering
Cloudflare's Browser Rendering adds a /crawl endpoint that lets developers crawl entire websites via a single API call, outputting HTML, Markdown, or JSON.
- Is AI Doing Less & Less?
A six-month evolution from fully agentic AI to a hybrid architecture shows 65% of workflow nodes now run as deterministic code, improving reliability and cost efficiency.
- Open Source in the age of AI
AI is enabling rapid cloning of open source codebases, as demonstrated by Cloudflare rebuilding Next.js in a week, challenging the value of software licenses and the premise of open source.
- Never buy a .online domain
Buying a .online domain led to automatic blacklisting by Google Safe Browsing and suspension by registry Radix, with no appeal process.
- Tests Are The New Moat
As AI clones open source work easily, tests, API contracts, and surface area become the new commercial moat, clashing with open documentation incentives.
- How we rebuilt Next.js with AI in one week
Cloudflare rebuilt Next.js on Vite in one week using AI, achieving faster builds and smaller bundles, but HN commenters are deeply skeptical about edge cases and long-term support.
- Code Mode: give agents an entire API in 1,000 tokens
Cloudflare's Code Mode for Workers AI reduces MCP token usage by 99.9%, exposing the entire API via two search and execute tools.
- Introducing Markdown for Agents
Cloudflare introduces Markdown for Agents, automatically converting HTML to markdown for AI crawlers and agents to reduce token usage and improve structured data access.
- Sell skills on playbooks
The site playbooks.com returned a 502 Bad Gateway error from Cloudflare, indicating the web server is temporarily unreachable.
- Vercel's CEO offers to cover expenses of 'Jmail'
Vercel's CEO offered to pay Jmail's $46k hosting bill after it went viral hosting Epstein files, sparking debate over the platform's pricing versus cheaper alternatives.
- Ask HN: Who do you follow via RSS feed?
HN users share RSS subscriptions to reduce doomscrolling, favoring tech blogs, webcomics, and substacks over algorithmic feeds.
- Attention Required!
The page is a Cloudflare security challenge blocking access to a paywalled The Information article titled "OpenAI Aims to Lure Businesses From Anthropic."
- Cloudflare acquires Astro
Cloudflare acquires the company behind the Astro web framework, promising continued open-source development, MIT licensing, and support for multiple deployment targets.
- What came first: the CNAME or the A record?
Cloudflare's reordering of CNAME records in DNS responses broke glibc and other clients due to widespread reliance on undocumented ordering.
- The Code-Only Agent
An AI agent restricted to only writing and executing code, rather than using multiple tools, produces more reliable, repeatable, and verifiable results.
- Why We Built Our Own Background Agent
Ramp built its own background coding agent, Inspect, that verifies its work with production tools and now writes roughly 30% of the company's pull requests.
- Show HN: Prism.Tools – Free and privacy-focused developer utilities
Prism.Tools offers a collection of free, privacy-focused developer utilities that run entirely client-side, though hosting on GitHub Pages draws scrutiny from commenters.
- Attention Required!
seats.aero is a fast search engine for finding award flights using points, offering free searches and alerts with a PRO tier for extended features.
- Iran Goes Into IPv6 Blackout
Iran's IPv6 connectivity dropped to near zero during protests, while IPv4 also briefly dipped, indicating government-imposed censorship.
- There were BGP anomalies during the Venezuela blackout
BGP anomalies during Venezuela's blackout suggest possible cyber operations, but misconfiguration or routine prepending are equally plausible explanations.
- The Most Popular Blogs of Hacker News in 2025
Simon Willison ranked as the most popular blogger on Hacker News for the third consecutive year in 2025, based on analysis of domain score data.
- Just a moment...
The page is a Cloudflare login form requiring email, password, or SSO authentication to access the dashboard.
- Review.Fast - Make every Pull Request Easy To Understand
Review.Fast uses AI to generate concise “review stories” for GitHub PRs, aiming to reduce human review time by 3x.
- Just a moment...
Cloudflare's 2025 Year in Review report reveals continued internet traffic growth, generative AI bot surge, and increased adoption of post-quantum encryption and IPv6 across its global network.
- What are you doing this week?
A Lobsters weekly thread collects diverse updates from developers working on tools, job shifts, health, and open-source projects.
- Context plumbing (Interconnected)
Matt Webb argues that effective AI agents require continuous, pre-planned movement of context from creation to use, akin to plumbing.
- Do not put your site behind Cloudflare if you don't need to
Putting your site behind Cloudflare introduces a single point of failure and unnecessary risk for sites that don't need its DDoS or CDN benefits.
- Cloudflare outage causes error messages across the internet | Internet
A Cloudflare outage caused widespread error messages across the internet for several hours before the company resolved the issue.
- Replicate is joining Cloudflare
Cloudflare is acquiring Replicate to integrate its AI model catalog into Workers, enabling serverless inference with 50,000+ models plus fine-tuning.
Takes
☁️ I made my own little Cloudflare called Pietflare, it's a DDOS and probe detector with AI and with a central IP / ASN / country block list Each server (VPS) sends suspicious probes, or DDOS attempts etc, from the access logs to the central admin and each server pulls a central blocklist every minute and blocks it in Nginx It has a central dashboard where I can see any threats and then instantly block them but preferably the AI blocks it by itself
@levelsio
A few months ago my kids started vibecoding little web games with Cursor and wanted their friends to play them. GitHub Pages was fine until the games needed real backends, so I hacked together a setup where each game was a folder in one repo that deployed to a Hetzner box on every push. That held up until we shipped FULL SEND for Vibe Jam 2026 and it took off with 38,000+ players. The duct tape needed to become something real, so I rebuilt it properly and pulled it out into its own project. It turns one Linux server into a push-to-deploy host for many apps. The whole thing is a single Go binary that installs and drives Docker, Kamal, Cloudflare, Tailscale, and GitHub for you. After that: - Each app is a GitHub repo. - A git push is live in <5 seconds. - Deploys are zero-downtime. - Each app runs in its own container. - Automatic Cloudflare DNS and TLS tunnels. - SQLite-aware backup and restore. It's deliberately single server using convention over configuration, so for a typical app there's no YAML or Dockerfile to write. The idea is that one decent VPS can reliably run all your projects without per-app bills or piles of infra config. It's built on top of Kamal, so it's basically a Kamal wrapper for the "lots of apps on one server" case, with the Cloudflare, Tailscale, DNS, and backup glue wired up by convention. Setup is one interactive command on a fresh Linux box, which walks you through connecting everything. If you also have a bunch of projects you want to run on a single server, tell your Claude Code, Codex, Cursor, or favorite AI agent to grab a VPS and try it for you. It's fully open source and you can customize it to your liking:
@dvassallo
I gave Fable this tweet and let it crank in ultracode. It created a fully functioning multiplayer markdown editor with obsidian style editing, version history, sharing with email invites, cli sync with a skill, image support, deployed it to cloudflare and bought a domain.
@sawyerhood
Things I started using today that I wish I started using earlier: 1. Terraform for my Cloudflare Accounts. 2. 1Password CLI for Tokens and Secrets.
@Jilles
Spending some time tinkering on a flight and realizing that, yeah, all I need is Cloudflare. To do anything. * Compute: Workers * Storage: D1, KV, R2 * IdP: sign-in with Cloudflare through Access * Domain: Cloudflare Registrar * Email: send and receive * AI: Workers AI * Frontier Lab AI: no lock-in, route it to AI Gateway * Containers: sure Create an MCP portal and have an AI agent running in the cloud talk to my Oura and Withings data and email me a dashboard report as if it is my own personal operating system? Yup. I have worked here for 8+ years and sometimes even I just can't believe the platform the team has built is real...
@LakeAustinBlvd
Still limited by compute, so I built a thing that runs codex in the cloud, powered by @Cloudflare firecracker boxes (and since that's not beefy enough for larger projects, tests are run via crabbox) Uses Ghostty ofc, via WebAssembly. Codex replicated itself, basically.
@steipete
By far THE most annoying part of running a business for me is collecting receipts for my accountant Every month my accountants hounds me for invoices and receipts of every single expense I did, doesn't matter how tiny like $0.50, sometimes also for income (I don't know why) Most companies charge monthly so that means collecting 12 invoices per year at least One reason I am canceling so many SaaS is not even the cost, it's just that I hate bookkeeping so much so I think if I don't spend the money, I don't need to collect invoices and receipts for every single payment every month (also I like extremely high profit margins like 99.99%) I'm down to just about 10 companies I pay now, like Cloudflare, Hetzner, Backblaze etc. so that means only ~120 invoices to collect per year cause most are paid monthly Yes I have an automatic email filter that forwards invoices to my accountant but many companies do NOT send you an automatic invoice by email So you're talking about logging in to 10 websites, them sending you a 2FA code by email, opening your email, entering the code, trying to find wherever the Billing page is hidden, going to Invoices, opening the invoice, clicking Download to DPF (if it even exists) This week I tried to improve this, my accountant uses Xero, so I made a Xero API key, gave it to Claude Code, and asked it to login and figure stuff out, then it just asks me which expenses still need a receipt and a note, I find it and drag the PDF or screenshot into Claude Code and it resolves it Next step is letting it login to all my vendors and also download the invoice by itself which seems very very possible Much easier!
@levelsio
So @loaibassam asked me my stack recently, I replied: FREE: Nginx web server on Ubuntu (free) Auto upgrade with unattended-upgrade (free) Scheduled workers with Cron (free) Vanilla PHP for site backend (free) Vanilla CSS (free) Vanilla JS for code (free) Game servers I do in vanilla Node JS (free) SQLite for DB (free) Python for tool scripts (free) Cloudflare with Cloudflare tunnel for DNS/SSL (free) Tailscale for security (free) OpenFreeMap for maps (free) CHEAP: xAI for AI API (cheap) Stripe for payments (cheap) Cloudflare R2 for image storage (cheap) Hetzner VPS ($4/mo) Cloudflare domain reg (~$10/year) So about ~$5/mo total costs with about ~5M unique visitors per month per site (these are site averages)
@levelsio
@aviflombaum @Cloudflare today's victims were headless browser APIs. switched to cloudflare's browser run.
@Shpigford
P.S. this Mapbox cost is another cost detected by my new Situation Monitor dashboard with AI insights, it scouts all my projects insights on what to improve A few weeks ago it detected the Cloudflare bill was too high and we found they made a mistake which they quickly fixed and refunded Really nice!
@levelsio
I’ve spent the past 3 weeks trying to port a handful of WordPress sites to EmDash CMS, a new open source CMS from Cloudflare But it might all be for naught… I believe my love of Cloudflare + excitement for "the shiny new thing" blinded me towards what I really need for my business case After banging my head with build times, load times, etc I had to step back Now I’ve spent the a few hours today really challenging my assumptions and looking at other options like Payload CMS, SonicJS, and some git-based CMS solutions like Alinea and Sveltia I'm still not sure what I'll end up on, but I am excited about what we're building tl;dr I may have wasted TONS of time and thousands of dollars of engineering contractor time on my team for the wrong solution!! FML I've been hammering Opus 4.7 and Gstack’s skills to help me think it through, plus getting second opinions from Gemini and Codex. I'll try getting a second opinion on my PRD from GPT 5.5 too Happy Friday! Any suggestions appreciated
@nickgraynews
The new @Cloudflare site is a great baseline — it checks whether you return Markdown ✨ http://acceptmarkdown.com checks whether you return it correctly (Vary, q-values, 406, Link rel=alternate), tracks which AI agents actually adopt the standard, and includes integration guides
@retlehs
The wait is over. Cloudflare Email Service is now in public beta 📧 Send and receive emails directly from Workers or REST API with global delivery on Cloudflare's network And just in time for you to build email agents with the Agents SDK!
@thomasgauvin
Cloudflare dashboard can now complete tasks for you. - "Create a Worker and bind a new R2 bucket to it" - "Change my DNS records to 1.1.1.1" - "How many errors have happened this week" Not only do we tell you, but we show you with generative UI. PROTIP: Use full-screen mode.
@BraydenWilmoth
pi + ghostty running entirely in a cloudflare workers durable object. sqlite based file system + js code exec + cron support. The best part is it can deploy worker sites using Dynamic Worker Loaders.
@Vercantez
I want to be very upfront about Void being tightly coupled to Cloudflare. The lock-in is what makes the DX possible. If you don’t want the lock-in, then it’s not for you, and that’s fine! Vite will forever be platform agnostic - use it with Nitro v3, or Adonis - the choice is yours, and Void just gives you another option!
@evanyou
The design on the new @Cloudflare sandbox site is in a league of its own.→ https://t.co/RvYFH0Ufcg pic.twitter.com/On2cXu0dJN
@d__raptis