Huge chunks of the internet were completely unavailable yesterday, with many other websites and services experiencing slow performance. It was immediately clear that the problem was with the Cloudflare network, but it took some time for the company to establish the true cause.
Cloudflare says that it initially believed it was experiencing a massive cyber-attack, but subsequently realized the problems were caused by a “painful” error with a software update …
As we reported yesterday, the outage was a massive one.
A large number of apps and websites are currently taken entirely offline, or experiencing significant outages, due to an issue with the popular Cloudflare infrastructure network provider. The Cloudflare CDN powers the websites behind many high-profile apps, so any outage at Cloudflare has wide-reaching implications. That includes social media site X (formerly Twitter), where users are currently unable to publish new posts or refresh their timelines. The problem appears to be impacting web users worldwide.
Why Cloudflare thought it was under attack
Cloudflare said the pattern it saw was connections being taken offline for around five minutes at a time before being restored and then taken offline again. This pattern led the company to believe that it was experiencing what it described as a hyperscale DDoS attack, since a technical error would not normally fix itself.
A distributed denial of service attack is when a malicious actor directs a very large volume of requests to a server in order to use all its available capacity, meaning that genuine users are unable to access the service.
What appeared to be further evidence for a cyber attack turned out to be pure coincidence.
Throwing us off and making us believe this might have been an attack was another apparent symptom we observed: Cloudflare’s status page went down. The status page is hosted completely off Cloudflare’s infrastructure with no dependencies on Cloudflare. While it turned out to be a coincidence, it led some of the team diagnosing the issue to believe that an attacker may be targeting both our systems as well as our status page.
The true cause was a Cloudflare error
... continue reading