this post was submitted on 19 Nov 2025
46 points (100.0% liked)

Pulse of Truth

1726 readers
53 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago
MODERATORS
krogoth@infosec.pub
46
Massive Cloudflare outage was triggered by file that suddenly doubled in size (arstechnica.com)
submitted 2 days ago by lemmydev2@infosec.pub to c/pulse_of_truth@infosec.pub
4 comments fedilink hide all child comments
 

"I worry this is the big botnet flexing," CEO said. But outage was self-inflicted.

you are viewing a single comment's thread
view the rest of the comments
[–] Cypher@lemmy.world 11 points 2 days ago (1 children)

Prince explained that the problem “was triggered by a change to one of our database systems’ permissions which caused the database to output multiple entries into a ‘feature file’ used by our Bot Management system.

They know what caused the file size increase, exactly what system it broke and how.

Cloudflare will work on “hardening ingestion of Cloudflare-generated configuration files in the same way we would for user-generated input; enabling more global kill switches for features; eliminating the ability for core dumps or other error reports to overwhelm system resources; [and] reviewing failure modes for error conditions across all core proxy modules,” according to Prince.

And they’re planning to prevent future occurrences.

Seriously did you not read the article?

[–] buddascrayon@lemmy.world 1 points 2 days ago (1 children)

Yeah, what or who made the change to the database? Why did they do it? What are they "hardening ingestion of Cloudflare-generated configuration files" against? Do they know? Are they trying not to be specific on purpose or are they being incompetent?

[–] Cypher@lemmy.world 1 points 2 days ago

Seriously just read the article, Cloudflare have made a surprising amount of detail public.

If you don’t understand what’s in the article that’s fine… just ask for the bits you don’t understand to be explained.