Logging into computers on July 2nd was not a great experience for many people wishing to access their favorite websites, such as chat service Discord, cryptocurrency news hub Coindesk or the dating site OKCupid. These users were met with displays of “502 errors” appearing in their browsers (a status code that means that one server on the internet received an invalid response from another server). This was due to problems with sites linked to Cloudflare.
While most of the issues were resolved before the end of the day, some analytics tools continued to face disruption. Ironically, this included Downdetector, a website which monitors Internet disruptions.
Other popular websites reporting issues included Flightradar24 (which tracks airlines to schedule), Social Blade (a social media statistics service) and vineyard monitoring system Vinelytics, according to the BBC. While Cloudflare implemented a fix by 14:15 UTC and declared the situation resolved by 14:57 UTC, a number of Internet users have continued to report issues.
Cloudflare provides performance and security to website owners via its intelligent global network. As to the reasons for this, Cloudflare co-founder and CEO Matthew Prince has told TechCrunch: “Massive spike in CPU usage caused primary and backup systems to fall over. Impacted all services. No evidence yet attack related. Shut down service responsible for CPU spike and traffic back to normal levels. Digging in to root cause.”.
A week ago the company suffered a similar glitch, which they put down to a route leak impacting some Cloudflare IP ranges, as The Register reported.
Commenting on the leak Monique Becenti, product and channel specialist at SiteLock tells Digital Journal: “Cloudflare’s massive outage leaves the website owner and the site’s visitors extremely vulnerable. When an outage occurs, website owners are left with a critical decision to make: remove Cloudflare services from their website to get it back up as quickly as possible, or wait for the issues to be resolved. For some business owners, waiting is not feasible, as downtime can cost a business $427 per minute.”
She adds a note of caution in relation to the easier option: “While removing services may seem like the best option for a quick fix, site owners must take into account the security implications of removing firewall services that protect them from cyberattacks. This type of downtime can potentially leave customers’ websites vulnerable to attack.”