italki, the top global online language learning community, was established in 2007. It provides 1-on-1 online language lessons with verified native teachers in more than 150 languages, also integrates free language learning content and tools, and a global community for all language lovers. It currently connects more than 30,000 teachers and tens of millions of students from over 190 countries. italki believes that human connection and cultural immersion are the best ways to learn languages and reach fluency. It is imperative to their business that they stay online and secure, so they can continue to serve language learners all over the world.
italki cares deeply about the security, stability, and efficiency of its platform, since those qualities make its language learning community more robust.
Unfortunately, the company has faced serious attacks in the past. In one instance, an HTTP flood DDoS attack on the italki web server brought the service down for more than 5 hours, resulting in a decrease in users, a degraded user experience, and a loss of nearly one million dollars. italki knew it needed to prevent such an attack from happening again.
italki began working with Cloudflare in 2021, using security services including the web application firewall (WAF), DDoS protection, and Rate Limiting to build the first line of defense for the platform. Spark Liu, italki's technical director, said, "We chose Cloudflare to block indiscriminate attacks, provide italki with security protection at the outermost layer, and integrate with italki's own security protection technology to ensure the stable operation of italki from different dimensions."
Cloudflare's 100 Tbps network blocks an average of 76 billion threats per day, prevents DDoS attacks from the edge, and responds quickly, providing italki with unmetered, always-on DDoS protection. Currently, Cloudflare blocks approximately 5 million malicious attacks for italki every month.
italki's user content is also an important area for protection. The italki community provides users with services such as podcasts, exercises, and Q&As. Users can freely post on the platform, exchange language experiences with other learners, or ask teachers questions. To prevent this content from being maliciously crawled and used for unintended purposes, otherwise known as content scraping, italki uses Cloudflare’s Bot Management solution — which seamlessly integrates with other products in use, such as WAF, DDoS, and CDN — to identify automated programs.
With Bot Management, italki can use threat intelligence drawn from the millions of Internet properties on the Cloudflare network to quickly and accurately stop content scrapers and other bots without complicated configurations or maintenance, allowing the company to spend more time on platform construction and creating greater value for users.
In addition to security tools, italki also uses Workers, Cloudflare’s serverless development platform, to complete migration from the old technology stack to the Cloudflare platform, avoiding complicated technical work. In the future, italki will continue to explore Cloudflare products to create a safer, more stable, and more efficient language learning platform for users worldwide.
Blocks approximately 5 million attacks for italki every month.
Bot Management prevents malicious bots from scraping user content.
“We chose Cloudflare to block indiscriminate attacks, provide italki with security protection at the outermost layer, and integrate with our own security protection technology to ensure stable operation from different dimensions.”
italki Technical Director