Cloudflare is one of the most popular Content Delivery Network (CDN) and Web Application Firewall (WAP) provider on the Internet that does not only help you to mitigate DDoS, but it also improves the performance of your website and the application. The best thing about the Cloudflare is its free service which offers almost everything that can help your website to improve its performance while provides an additional security layer.
Recently, Cloudflare ditched reCaptcha and moved to hCaptcha to avoid the burden of paying a high cost to reCaptcha since Google has limited reCaptcha API call to 1,000 per second in its recent announcement. Also, the Cloudflare team have notified the change in a blog post detailing the reason behind switching to hCaptcha was restrictions on Google’s Services in China, GDPR Compliance and of course, the cost.
Earlier, Cloudflare switched to hCaptcha, and now it has started using Let’s Encrypt SSL Certificate to encrypt the millions of the website that are using Cloudflare without paid custom SSL service. The change is currently, appearing on a limited number of website which includes Isrg KB as well.
Cloudflare is still using its SSL Certificate, CloudFlare Inc ECC CA-2 signed and issued by DigiCert Baltimore Root. Before CloudFlare Inc ECC CA-2, Cloudflare was using wildcard SSL of Comodo SSL. Still, because of heartbleed vulnerability, the team decided to start issuing its SSL Certificate with the help of DigiCert Baltimore Root. Though the Cloudflare team have not confirmed the change but started issuing the SSL Certificates by Let’s Encrypt at least it can be found Isrg KB.