Our Client: Happn
Happn was launched in February 2014 in Paris where it is headquartered. Happn is a mobile dating app that offers a unique real time, real life, hyper located experience and interactions with people one have crossed paths with. It could be in the subway, a store, walking in the street, an elevator or a restaurant... or anywhere, just as real life.
Every time you cross paths with another Happn user, his or her profile appears on your timeline on the app. Currently present in more than 40 major cities around the world, from San Paulo to Singapore. The app has grown rapidly and attracted over 22 million users since its launch.
Happn’s Challenge: Maintaining Performance & Keeping Customer Data Secure
Happn’s rapid global expansion made it a visible target for cybercriminals. The company always made a priority to ensure the security of its customer data and, with 22 million users over the globe today, it wanted to further strengthen its security measures while maintaining the performance of its infrastructure to ensure the quality of the service provided to its users. These requirements encouraged Happn’s to search for a trustworthy security partner. Lead Operations Engineer Marc Falzon said: “Performance and security are equally top-of-mind at Happn. We needed protection against advanced DDoS attacks and a WAF that would enable us to effectively block more targeted attacks.”
Happn decided on using Cloudflare’s advanced DDoS mitigation and its powerful, customizable WAF to address their performance and security requirements.
Deep Dive: Advanced DDoS Mitigation
Happn is now automatically protected against level 3 and 4 DDoS attacks thanks to Cloudflare’s advanced Anycast Network DDoS mitigation technology. Cloudflare’s DDoS protection is best-of-breed and is well known for stopping the largest DDoS attack in history. This protection works by recognizing threats and routing malicious traffic through Cloudflare’s network where it is absorbed by the over 115 PoP’s spread throughout the world instead of hitting and overwhelming an origin server. Happn is now protected from these attacks and their users enjoy snappy page load times and fast app performance.
Deep Dive: Web Application Firewall (WAF)
Happn also uses Cloudflare’s Web Application Firewall (WAF) to protect their API against targeted application layer attacks. Cloudflare’s WAF prevents hackers from ever reaching the Happn servers so there is no need for Happn to make any changes to their codebase. Cloudflare’s out-of-the-box WAF rulesets help Happn prevent layer 7 attacks aimed at particular technologies, and above this, Happn created custom WAF rules jointly with the Cloudflare support team to protect against specific, unique threats. “Ultimately” Falzon said, “we could better block and mitigate targeted attacks thanks to the WAF.”
Unexpected Benefits: IPv6 Compatibility & DNS Analytics
Happn also enjoys the benefit of Cloudflare’s IPv6 gateway, which ensures Happn is forward compatible with the network and app requirements of the future while maintaining their existing hardware (as Apple start to transition to IPv6-only network services in iOS 9). Plus, Happn uses Cloudflare's DNS Analytics to gain deeper insight into their DNS traffic. Falzon noted "We were interested in this feature because I like visibility into critical competencies like DNS. We’re very happy with Cloudflare’s existing DNS service, and now we have deeper information about DNS request volume and geographies."