Case Study: ThredUp achieves stronger site security and faster performance with Cloudflare WAF

thredUP Bolsters Site Security With the Cloudflare WAF

thredUP is the world’s largest fashion resale marketplace (3+ million women’s and kids’ items, 35,000+ brands) that enables shoppers to buy and resell sustainably. As the company scaled and received over 100,000 items daily, its website faced an increasing number and size of exploratory and targeted attacks that required costly hardware and significant engineering time to detect and mitigate.

thredUP deployed Cloudflare’s WAF and global network to automatically block threats, cache content closer to customers, and enable API- and Terraform-driven changes for fast, repeatable deployments. The result: Cloudflare blocked or challenged 6.2 million malicious requests in September 2019, thredUP rolled out custom WAF rules and achieved TLS 1.2+ for 100% of traffic (TLS 1.3 for 48%), while reducing bandwidth costs and lowering operational overhead for security and performance management.

ThredUp

Roman Chepurnyi

Director of Infrastructure Engineering