No upgrade needed: CloudFlare sites already protected from FREAK

On March 04, 2015, John Graham-Cumming announced that CloudFlare's SSL customers are not affected by the FREAK vulnerability. The company does not support 'export grade' cryptography and upgraded to a non-vulnerable version of OpenSSL in early January. Their OpenSSL configuration is available on Github, along with patches for OpenSSL 1.0.2. CloudFlare stays proactive by disabling outdated protocols and ciphers while keeping up with the latest secure ones.