4 months ago
23
ARTICLE AD BOX
Cloudflare is down again, temporarily impacting hundreds of websites, including Canva, Zoom and Claude, among assorted others, unreachable connected Friday (December 5). Cloudflare CTO Dane Knecht confirmed the method problems, saying that the institution is moving connected a hole and the websites should soon beryllium coming backmost online.
He besides shared the “root cause” of what led to the worldwide outage. The net infrastructure supplier deployed corrective measures.
Root Cause: Disabling logging features
In a station connected X (formerly Twitter), Knecht said, “We are alert of the contented impacting the availability of Cloudflare’s network. It was not an attack; basal origin was disabling immoderate logging to assistance mitigate this week’s React CVE.”“Will stock afloat details successful a blog station today. Sites should beryllium backmost online now, but I recognize the vexation this causes and the enactment being,” helium added.He antecedently posted that the institution is "closely tracking the React RSC vulnerability." If you deploy connected Cloudflare Workers, you are protected. The Workers information exemplary prevents this exploit astatine the runtime layer. For users that trust connected WAF to support aforesaid hosted applications much variants of this exploit are already surfacing and we are evaluating each one. As ever the champion mode to enactment protected is to upgrade to the patched versions of React and NextJS arsenic soon arsenic possible," helium added.
Later, the cmopany rolled retired "additional mitigations" to support much customers.
Meanwhile, the institution posted connected its presumption leafage that a hole has been resolved, the services are backmost online, and the squad is monitoring the situation.“Cloudflare services are presently operating normally. We are nary longer observing elevated errors oregon latency crossed the network. Our engineering teams proceed to intimately show the level and execute a deeper probe into the earlier disruption, but nary configuration changes are being made astatine this time,” the institution said (at the clip of writing).“At this point, it is considered harmless to re-enable immoderate Cloudflare services that were temporarily disabled during the incident. We volition supply a last update erstwhile our probe is complete,” the institution added.
Second Cloudflare outage successful a month
This is the 2nd specified outage successful a month’s time. Previously, connected November 18, Cloudflare went down for hours, impacting large websites worldwide. At that time, the CTO said, “A latent bug successful a work underpinning our bot mitigation capableness started to clang aft a regular configuration alteration we made. That cascaded into a wide degradation to our web and different services. This was not an attack.”Knecht stressed that the grade of the contented and the clip required for solution were “unacceptable.”
