Hyperscaling Have I Been Pwned with Cloudflare Workers and Caching
a year ago
- #Cloudflare
- #Performance Optimization
- #Data Security
- Have I Been Pwned (HIBP) has evolved to use Cloudflare edge caching for faster searches.
- Caching at Cloudflare edge nodes reduces latency by 99%, improves availability, and cuts costs.
- HIBP now caches searches by the first six characters of SHA-1 hashed email addresses, totaling ~16 million possible prefixes.
- Cache flushes occur when new breaches are loaded or users opt out, temporarily increasing origin traffic and costs.
- API key validation remains a bottleneck as it requires a trip to the origin server in West US.
- Cloudflare's cache reserve handles over 3,900 Pwned Passwords requests per second on average, peaking at 17k/sec.