Update November 09, 17:19 EST: A threat group known as Anonymous Sudan claimed that they were the ones who took down Cloudflare's website in a distributed denial-of-service (DDoS) attack.
Cloudflare confirmed that the outage resulted from a DDoS attack that only affected the www.cloudflare.com website without impacting other products or services. The company didn't attribute the attack to a specific threat actor.
"Cloudflare experienced a DDoS attack that caused intermittent connectivity issues to www.cloudflare.com for a few minutes. This DDoS attack did not affect any service or product capability that Cloudflare provides, and no customers were impacted by this incident," a spokesperson told BleepingComputer.
"Cloudflare’s website is deliberately hosted on separate infrastructure and cannot impact Cloudflare services. To be clear, our website is fully functional and up and running."
Anonymous Sudan (aka Storm-1359) also claimed a DDoS attack that took down OpenAI's ChatGPT bot on Wednesday and other attacks that have impacted Microsoft's Outlook.com, OneDrive, and Azure Portal in June.
While the group claims to be targeting countries and organizations interfering with Sudanese politics, some analysts believe it to be a false flag and link the group to Russia instead.
Update November 09, 16:25 EST: Cloudflare says a fix has been rolled out.
Cloudflare is investigating an ongoing outage causing 'We're sorry" Google errors to be shown on the company's website
"We're sorry... but your computer or network may be sending automated queries. To protect our users, we can't process your request right now," the error reads.
The message on Cloudflare's website also contains a Google logo with a font face that doesn't match the current design and looks "a little off," as Cloudflare's Head of Organic Social Ryan Knight said.
In an incident report added to its status page 10 minutes ago, at 20:59 UTC, Cloudflare said it's now looking into the issue.
"www.cloudflare.com is experiencing issues. The Cloudflare Dashboard is accessible through dash.cloudflare.com and APIs and all Cloudflare services are unaffected," it said.
Last week, Cloudflare's dashboard and APIs also went down after a power outage impacted its core data center in North America.
The full list of services whose functionality was wholly or partially affected also included Logpush, WARP / Zero Trust device posture, Stream API, Workers API, and the Alert Notification System.
Customers reported having issues logging into their accounts and seeing 'Code: 10000' authentication and internal server errors when accessing Cloudflare's dashboard.
Another outage took down multiple products on Monday, October 30, including Cloudflare Sites and Services (Access, CDN Cache Purge, Dashboard, Images, Pages, Turnstile, Waiting Room, WARP, Workers KV).
As explained in a post-mortem published two days later, that outage was caused by a misconfiguration in the tool used to deploy a new Workers KV build.
Comments
johnlsenchak - 7 months ago
I noticed today that some websites that use Cloudflare as their DNS servers where slow with latency
AutomaticJack - 7 months ago
"I noticed today that some websites that use Cloudflare as their DNS servers where slow with latency "
Cloudflare is becoming more and more of a major force on the internet these days by being a critical umbrella for many of the other big players we all use and likely why they were targeted - for maximum impact and coverage.
lanickel - 7 months ago
We noticed that too on a lot of websites we host. Turns out, at least for us, the cause was a bug in the recently released WordPress 6.4.
AutomaticJack - 7 months ago
"We noticed that too on a lot of websites we host. Turns out, at least for us, the cause was a bug in the recently released WordPress 6.4."
Wordpress ecosystem sounds like it's been even more of a dumpster fire than usual over the last year or so. Godspeed my friend.