Closed brianteeman closed 2 years ago
Correct... The servers are under a DDOS attack.
only posted as it was so unusual for it to be so long I was concerned that you might have been away and no one had noticed.
I was still sleeping when it happened.... 😛 Rochen stated they can't do anything and sort of blame us for exposing the server IP in the DNS, while that is they way how they did it for years. We only centralized the DNS of all domains a year ago, exactly how they told us to do it. Now they expect us to fix it, while the moment you enable the proxy option in Cloudflare (to hide the IP) the sites completely breakdown and get in an every lasting redirect mode.
In 2 hours, I'm nowhere near a solution from/with them. We don't have access to the platform or servers to really do anything ourselves.
The servers are under a DDOS attack.
I dont believe that. They are currently redirecting in a redirect loop. Thats not a DDOS. Thats a configuration error.
they currently redirect to non-ssl which redirects to https:// which then redirects in a loop back to non-ssl
curl -I https://www.joomla.org
HTTP/2 301
date: Sat, 31 Jul 2021 10:27:59 GMT
cache-control: max-age=3600
expires: Sat, 31 Jul 2021 11:27:59 GMT
location: http://www.joomla.org/
cf-request-id: 0b9db44de900003bd46937a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qlq%2FR7%2F%2FSsy9KXgtDkGc%2F8IGTt0ucQT20mbdYgqf%2BnPBAMrRP6o3b2OwXwkpIRsECbYdTc26QhbPCK%2FpD5Gr5CzyJNyiUXhpsTVctPhZgWexifyux9iYZTHo%2BhSJCWQw8LwUTrS%2FoSQzWmNJDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 677623297f3f3bd4-CDG
I also don't believe it, they changed the IP address of the sites and we had to change the DNS. They required us to enable a setting, which result in the stupid redirect. Without that setting the site loads if you disable the Rochen CDN, with their CDN the site breaks as well.
Just as a note for those reading: As the update sites are also down, all Joomla sites in the world now error on checking for Joomla updates.
Depending on local server configuration they can get a timeout PHP Fatal error, or a disabling of the update site after a failure to load the XML and a warning message.
Some SaaS that provide update services - are getting lots of messages about this already :)
https://status.joomla.org reports all is well now. Hope it stays that way
It's now only working a sort of after removing the Rochen CDN.
https://update.joomla.org is not on that status page.
https://update.joomla.org/core/extensions/com_joomlaupdate.xml is still down.
https://update.joomla.org is not on that status page.
https://update.joomla.org/core/extensions/com_joomlaupdate.xml is still down.
Correct, that is a Rochen CDN address. I don't know why (@HLeithner) The server address really is: https://update1.joomla.org/core/extensions/com_joomlaupdate.xml
The server address really is: https://update1.joomla.org/core/extensions/com_joomlaupdate.xml
Not really helpful when every Joomla CMS site is configured to use the CDN version though haha :)
The update1 is not for public use, it's only for maintaining the server. Update.j.o connects to update1 or the IP I don't know that's something configured by the hosting company.
Well this looks like a simple CDN not pointing to the right IP and thus it's "gateway" appears down.
I guess you are right..... They will never really tell us what the error was and only reply that it's fixed. Which now took almost 5 hours.
For what I can see it now works
@brianteeman do you have access to the uptimerobot account to add a new monitor to the status page for the update site, who does?
It does appear fixed now, further proving it was not a DDOS :-)
It was added to the system, but not displayed on the status page. I changed the setting to display it: https://status.joomla.org/786978080
@PhilETaylor I have access to nothing
DDOS is a default explanation from hosts just as a virus from doctors
At least with a DDOS there is evidence that can be produced
They've been down for the last 3 hours