Killing RC4: The Long Goodbye

Cloudflare has decided to remove support for RC4 as a preferred cipher, instead favoring AES-based cipher suites for all HTTPS connections due to the threat landscape changes and best practices in cryptographic primitives. The decision was made after considering that most major browsers now support TLS 1.2 standard where AES-CBC is not vulnerable to BEAST attacks, and evidence of mounting weaknesses in RC4 cipher. By choosing AES-CBC, Cloudflare aims to provide long-term forward secrecy for its customers' data.