Replace November 09, 17:19 EST: A menace group generally known as Nameless Sudan claimed that they have been those who took down Cloudflare’s web site in a distributed denial-of-service (DDoS) assault.
Cloudflare confirmed that the outage resulted from a DDoS assault that solely affected the www.cloudflare.com web site with out impacting different services or products. The corporate did not attribute the assault to a selected menace actor.
“Cloudflare skilled a DDoS assault that brought on intermittent connectivity points to www.cloudflare.com for a couple of minutes. This DDoS assault didn’t have an effect on any service or product functionality that Cloudflare supplies, and no clients have been impacted by this incident,” a spokesperson advised BleepingComputer.
“Cloudflare’s web site is intentionally hosted on separate infrastructure and can’t influence Cloudflare companies. To be clear, our web site is absolutely purposeful and up and operating.”
Nameless Sudan (aka Storm-1359) additionally claimed a DDoS assault that took down OpenAI’s ChatGPT bot on Wednesday and different assaults which have impacted Microsoft’s Outlook.com, OneDrive, and Azure Portal in June.
Whereas the group claims to be concentrating on nations and organizations interfering with Sudanese politics, some analysts consider it to be a false flag and hyperlink the group to Russia as an alternative.
Replace November 09, 16:25 EST: Cloudflare says a repair has been rolled out.
Cloudflare is investigating an ongoing outage inflicting ‘We’re sorry” Google errors to be proven on the corporate’s web site
“We’re sorry… however your pc or community could also be sending automated queries. To guard our customers, we will not course of your request proper now,” the error reads.
The message on Cloudflare’s web site additionally comprises a Google brand with a font face that does not match the present design and appears “a bit off,” as Cloudflare’s Head of Natural Social Ryan Knight mentioned.
In an incident report added to its standing web page 10 minutes in the past, at 20:59 UTC, Cloudflare mentioned it is now wanting into the difficulty.
“www.cloudflare.com is experiencing points. The Cloudflare Dashboard is accessible by way of sprint.cloudflare.com and APIs and all Cloudflare companies are unaffected,” it mentioned.
Final week, Cloudflare’s dashboard and APIs additionally went down after an influence outage impacted its core information middle in North America.
The total checklist of companies whose performance was wholly or partially affected additionally included Logpush, WARP / Zero Belief gadget posture, Stream API, Staff API, and the Alert Notification System.
Prospects reported having points logging into their accounts and seeing ‘Code: 10000’ authentication and inner server errors when accessing Cloudflare’s dashboard.
One other outage took down a number of merchandise on Monday, October 30, together with Cloudflare Websites and Companies (Entry, CDN Cache Purge, Dashboard, Photos, Pages, Turnstile, Ready Room, WARP, Staff KV).
As defined in a autopsy revealed two days later, that outage was brought on by a misconfiguration within the instrument used to deploy a brand new Staff KV construct.
