Protecting web origins with Authenticated Origin Pulls

The text discusses securing connections between Cloudflare and origin servers, as well as end users and Cloudflare. It introduces TLS Client Authentication, which allows both client and server to verify each other's identity during a handshake. This feature is implemented in nginx by one of Cloudflare's engineers, Piotr Sikora, and the code is open source. The text also explains how to enable Authenticated Origin Pulls using Cloudflare's new dashboard (currently in beta). Additionally, it provides a certificate signed by a CA for use with this feature. Finally, configuration examples for popular web servers will be included in Cloudflare Support Docs soon.