WebProNews

Tag: CDN

  • Cloudflare Outage Takes Out Hundreds of Sites

    A major outage at content delivery network (CDN) Cloudflare has brought down some of the biggest sites on the web across a range of industries.

    At roughly 3:00 AM ET Tuesday morning, Cloudflare tweeted that they were aware of an issue impacting services. The issues impacted Discord, DoorDash, Fitbit, NordVPN, and Peloton, as well as crypto exchanges OKX and FTX.

    Cloudflare has fixed the issue and explained the outage was the result of a change made in an ongoing effort to improve the resilience of the company’s network. The outage impacted 19 of the company’s data centers.

    A change to the network configuration in those locations caused an outage which started at 06:27 UTC. At 06:58 UTC the first data center was brought back online and by 07:42 UTC all data centers were online and working correctly.

    The company apologized to its customers and assured them steps have been taken to ensure the issue wouldn’t happen again.

    We are deeply sorry for the disruption to our customers and to all the users who were unable to access Internet properties during the outage. We have already started working on the changes outlined above and will continue our diligence to ensure this cannot happen again.

  • When Big Websites Crash: The Importance of a Reliable CDN

    Remember when the New York Times and BBC websites went down in June this year? They were not the only major websites that suffered unexpected downtime on the same day. Many others including the Financial Times, The Guardian, and Le Monde went offline. So did the popular Reddit platform.

    Many initially thought that there was a concerted attack against these multiple Western sites. The suspects ranged from state-sponsored hackers to hacktivists that supposedly sought to “punish” the mainstream media. The real story, however, is not as nefarious as many thought.

    When Big Websites Crash

    The reason for the June 2021 downtime of several major websites was determined to be a technical problem at their content delivery network (CDN) provider. The CDN provider admitted the mistake through a tweet: “We identified a service configuration that triggered disruptions across our POP’s globally and have disabled that configuration.”

    What is a content delivery network? It is basically a geographically distributed network of servers deployed to ensure the efficient delivery of online content. Pages and content load faster when they are provided by a server that is geographically closer to the user requesting the page or content. With multiple servers located across different parts of the world, CDNs help ensure the fast and efficient delivery of content to users regardless of their location.

    This reliance on content delivery networks, however, has a crucial downside. When the CDN provider goes down, everybody who relies on it also goes down. This is what happened with the crashing of major websites in June. The configuration problem on the CDN provider’s side was enough to stir a worrisome event that generated various speculations. The downtime was not that long, but imagine if the crash was caused by something else more serious, like a state-sponsored hack attack. Recovery would have taken way longer.

    It is for this reason that organizations are advised to use only dependable content delivery networks and to ascertain that the providers they choose have adequate content delivery (CD) security. A good CDN should not only be able to optimize site performance, but it should also provide adequate protection for active and legacy applications, third-party apps, APIs, microservices, virtual machines, and more.

    Several other major sites share the same CDN provider, and it is incumbent upon their provider to ascertain the reliability and security of their network. If a persistent cyberattack manages to pull the plug on Medium.com’s CDN, for example, numerous other websites will also go down including ResearchGate, Yelp, Shopify, the World Health Organization, Digg, ScienceDirect, Patreon, and Discord.

    CDNs: Added Defense or an Additional Threat?

    Many view content delivery networks as a solution to the possibility of getting attacked by cybercriminals. For example, with DDoS attacks, which have increased by 341 percent during the pandemic, CDNs are viewed as a protective setup as they have vast resources to absorb massive DDoS attacks. They also have the expertise to better deal with various other threats that are designed to

    However, there is also the alternative view that sees CDNs as leverage to amplify attacks. A study by researchers from multiple universities explored this idea. “This paper uncovers a vulnerability which not only allows an attacker to penetrate CDN’s protection but to actually use a content delivery network to amplify the attack against a customer website,” reads the study’s abstract.

    The study demonstrates how a CDN can be “recruited” to amplify an attack on multiple websites. It found vulnerabilities in two leading commercial CDNs, Akamai and Limelight, that help enable attacks. In particular, both of these content delivery networks allow attackers to send a request to an arbitrary edge server within the CDN platforms that can override the CDNs’ server selection mechanisms. Also, this request can penetrate CDN caching to reach the origin site and use an edge server to exhaust bandwidth by processing the request from the origin site.

    These weaknesses may have already been addressed by more established content delivery networks at present. However, the same weaknesses or their variations/evolution may be present in newer CDNs that have yet to establish their expertise in handling more aggressive and sophisticated attacks.

    There is no question that CDNs can be a form of defense for websites. However, the wrong choices can easily turn them into a burden. Using a poorly secured CDN, including those that take time to respond to newly discovered threats, is more of a threat than a veil of protection.

    The Need for a Better CDN

    The CDN market is growing rapidly. According to BCC Research, it is set to be worth $34.3 billion in 2024, more than triple its value of $11.5 billion in 2019 or a CAGR of 24.5 percent for the 2019-2024 period. More and more websites are relying on CDNs for their efficient content delivery and supposed protection from the usual attacks, especially DDoS.

    This staggering growth only shows how important it is for content delivery network providers to secure their systems. At the same time, it shows how CDN users should be wary of the providers they are choosing. With numerous new CDNs sprouting, customers benefit from the broader range of options and lower price of services because of the growing competition. However, this also means a higher possibility of encountering unscrupulous and run-of-the-mill providers that can endanger a company’s website more than create advantages.

    It is advisable to select a CDN provider that can guarantee a 99.999 percent uptime while ensuring low latency (50ms minimum) for the vast majority of its global network. Also, it is recommended to pick a content delivery network that can provide efficient issue resolution through a service-level agreement (SLA).

    The unsightly and highly inconvenient spectacle of big websites going down together is going to become a common occurrence because of the growing reliance on CDNs and the inability of CDN providers to implement improved security measures. Content delivery networks are now becoming the new targets for concerted cyberattacks, especially state-sponsored ones, because of the kind of impact that results from their downtime.

    It is reassuring to know that CDN companies, at least the leading ones and those associated with established cybersecurity firms, are constantly updating their security and technologies to keep up not only with the growing demand for their services but also to anticipate cyberattacks that target them.

  • Cloudflare Pivots Away From Intel in Next-Gen Servers

    Cloudflare is the latest company to ditch Intel, announcing it will not be using the company’s processors in its next generation servers.

    Cloudflare’s content delivery network (CDN) and security services are used by some of the biggest names on the web. The company’s servers handle some 25 million HTTP requests every second. As a result, Cloudflare chooses the technology it uses very carefully.

    When the company evaluated processors for its 11th generation servers, it evaluated Intel, AMD and the Ampere Altra ARM architecture. Cloudflare found that Intel’s latest Ice Lake Xeon processors matched AMD in performance, but their “power consumption was several hundred watts higher per server – that’s enormous. This meant that Intel’s Performance per Watt was unattractive.”

    In contrast, AMD and Ampere both made the company’s shortlist. Cloudflare ultimately went with AMD’s 64-core EPYC 7713, which provided roughly 29% better performance, while maintaining similar power consumption and thermal levels as the previous generation.

    Cloudflare’s revelation is a blow to Intel as the company is struggling to regain its former dominance in the semiconductor industry.

  • A Single Customer Was Responsible for Fastly’s Outage

    Fastly has said a single customer caused yesterday’s outage, an outage that had widespread repercussions.

    Fastly made headlines yesterday when an issue with the company’s network led to a major outage. As a content delivery network, some of the biggest companies in the world rely on Fastly, including Amazon, the BBC, CNN, Financial Times, The New York Times, Reddit, Spotify, GitHub, Twitch, Stack Overflow, Hulu, HBO Max, Quora, PayPal, Shopify, Stripe and Vimeo.

    According to TheStreet, the company rolled out a software update in May that introduced a bug that could be triggered under very specific circumstances. The bug only needed a single customer to have a very specific configuration for it to activate, which ultimately happened.

    “Even though there were specific conditions that triggered this outage, we should have anticipated it,” the company said. “We apologize to our customers and those who rely on them for the outage and sincerely thank the community for its support.”

  • CDN Glitch Leads to Massive Internet Outages

    A glitch at Fastly, a popular CDN, led to outages for some of the internet’s biggest sites Tuesday morning.

    CDNs, or content delivery networks, are distributed networks of servers designed to help websites and web apps manage their user load and remain responsive. Fastly is a popular CDN option that helps power some of the biggest websites on the net.

    Early Tuesday, a glitch at Fastly led to outages at the BBC, CNN, Financial Times, The New York Times, Reddit, Spotify, GitHub, Twitch, Stack Overflow, Hulu, HBO Max, Quora, PayPal, Shopify, Stripe and Vimeo.

    Fastly confirmed the issue, and was able to quickly resolve it, although the outage illustrates the challenges associated with so many websites relying on a single point of potential failure.

    “Today’s outage of major websites once again highlights the importance of access to online news and government services, underlining the importance of the internet for day to day living,” Matthew McDermott, Senior Officer, Access Partnership, a global tech policy consultancy, told WebProNews. “Fastly responded quickly to restore the issue but this serves as a reminder that resilience is an important part of digital infrastructure to modern life. Organisations and government bodies need to look at implementing the steps that look to assess, stabilize, improve and monitor to ensure this issue does not pose further problems in the future. Assessment is needed to determine the server’s bottleneck then stabilizing the issue with implementation of quick fixes will mitigate impact to broader stakeholders and users. After this, stakeholders will need to improve by augmenting and optimizing server capabilities to ensure it meets the necessary needs. Lastly, regular monitoring will need to be set up using automated tools to help prevent future issues.”

  • Cloudflare Rolls Out API Abuse Detection

    Cloudflare, one of the leading content delivery networks, has announced API Discovery and API Abuse Detection.

    Application programming interfaces (APIs) are used by companies in every industry. APIs provide a way for different programs and platforms to communicate with each other or hardware components. Many companies use hundreds, or even thousands, of APIs. Unfortunately, despite their value, APIs can be easily abused.

    Cloudflare is looking to address that issue with two tools: API Discovery and API Abuse Detection.

    API Discovery is designed to help companies keep track of the APIs they have. In some cases, companies have so many that they lose track of them, or easily confuse similar ones.

    API Abuse Detection uses a two-prong approach to detecting abuse: volume and sequence. Based on the estimated volume a company should realistically expect on a given API, Cloudflare can detect when volume is higher than it should be.

    Similarly, an API has a valid sequence of events when it’s used properly. Cloudflare can monitor an API for calls that are out of sequence, a likely indication it’s being abused.

    The new tools are currently available in early access.
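
The volume and sequence checks described for API Abuse Detection above, sketched as an added example (not Cloudflare's implementation and not code from the original article). The endpoints, per-minute baselines, allowed call order, tolerance factor and sample calls are all constructed assumptions.

```python
from collections import Counter, defaultdict

# Hypothetical policy: expected peak calls per minute for each endpoint, and
# the previous call each endpoint may follow in a client's session
# (None means the endpoint may be the client's first call).
EXPECTED_PER_MIN = {"/login": 3, "/cart": 5, "/checkout": 2}
ALLOWED_PREV = {
    "/login": {None, "/login"},
    "/cart": {"/login", "/cart"},
    "/checkout": {"/cart"},
}


def detect_abuse(calls, tolerance=2.0):
    """calls: time-ordered iterable of (epoch_seconds, client_id, endpoint).

    Returns (volume_alerts, sequence_alerts).
    """
    per_minute = Counter()
    last_call = defaultdict(lambda: None)
    sequence_alerts = []
    for ts, client, endpoint in calls:
        per_minute[(ts // 60, endpoint)] += 1
        allowed = ALLOWED_PREV.get(endpoint)
        if allowed is None:
            # Undocumented endpoint: nothing to validate the order against.
            sequence_alerts.append((ts, client, endpoint, "unknown endpoint"))
        elif last_call[client] not in allowed:
            sequence_alerts.append((ts, client, endpoint, f"after {last_call[client]}"))
        last_call[client] = endpoint
    # Volume: flag any minute where an endpoint exceeds tolerance x its baseline.
    volume_alerts = sorted(
        (minute, endpoint, count)
        for (minute, endpoint), count in per_minute.items()
        if count > tolerance * EXPECTED_PER_MIN.get(endpoint, 0)
    )
    return volume_alerts, sequence_alerts


# Constructed sample traffic: one normal session, one checkout with no prior
# cart call, and a burst of ten logins from one client inside a single minute.
SAMPLE_CALLS = (
    [(0, "alice", "/login"), (5, "alice", "/cart"), (9, "alice", "/checkout")]
    + [(20, "mallory", "/checkout")]
    + [(60 + i, "bot", "/login") for i in range(10)]
)

if __name__ == "__main__":
    print(detect_abuse(SAMPLE_CALLS))
```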