"Not a state hacker or a DDOS attack by a botnet, but a simple erroneous update file that spread like a virus at high speed through the global Cloudflare network. Why did this shut down the company's services? And how unique was this problem? The outage on November 18 was the largest Cloudflare has suffered since 2019. Services of all shapes and sizes, from ChatGPT to X, Spotify, Canva, Authy, and the IKEA website, went offline as a result."
"Technically, there was nothing wrong with these customer-facing services themselves or indeed the end users' connection, as the 500 error message regularly showed. Unusually, it was the second link in the chain between user, router and host that broke. The online path to the affected global services ran through at least one Cloudflare system. The culprit was located in the CDN provider's Bot Management system, a separately purchased offering that blocks malicious bots without CAPTCHAs."
A rapid global outage on November 18 was caused by an erroneous feature update in Cloudflare's Bot Management system that propagated across the CDN like a virus. The outage, the largest Cloudflare has experienced since 2019, produced 500 errors while customer services and end-user connections remained intact. The failure occurred in the path between user, router, and host where traffic passed through at least one Cloudflare system. Cloudflare initially suspected a hyper-scale DDoS but traced the issue to its own bot-detection feature file; the Bot Management offering blocks malicious bots without CAPTCHAs when functioning correctly.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]