this post was submitted on 19 Nov 2025
358 points (98.4% liked)

Technology

76918 readers
3409 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
358
Cloudfare outage post mortem (blog.cloudflare.com)
submitted 1 day ago by homura1650@lemmy.world to c/technology@lemmy.world
57 comments fedilink hide all child comments
 

The issue was not caused, directly or indirectly, by a cyber attack or malicious activity of any kind. Instead, it was triggered by a change to one of our database systems' permissions which caused the database to output multiple entries into a “feature file” used by our Bot Management system. That feature file, in turn, doubled in size. The larger-than-expected feature file was then propagated to all the machines that make up our network.

The software running on these machines to route traffic across our network reads this feature file to keep our Bot Management system up to date with ever changing threats. The software had a limit on the size of the feature file that was below its doubled size. That caused the software to fail.

you are viewing a single comment's thread
view the rest of the comments
[–] dan@upvote.au 61 points 1 day ago (2 children)

When are people going to realise that routing a huge chunk of the internet through one private company is a bad idea? The entire point of the internet is that it's a decentralized network of networks.

[–] Jason2357@lemmy.ca 4 points 1 day ago (1 children)

Someone always chimes into these discussions with the experience of being DDOSed and Cloudflare being the only option to prevent it.

Sounds a lot like a protection racket to me.

[–] dan@upvote.au 2 points 1 day ago

Companies like OVH have good DDoS protection too.

[–] echodot@feddit.uk 7 points 1 day ago (2 children)

I hate it but there really isn't much in the way of an alternative. Which is why they're dominant, they're the only game in town

[–] Capricorn_Geriatric@lemmy.world 35 points 1 day ago (1 children)

How come?

You can route traffic without Cloudflare.

You can use CDNs other than Cloudflare's.

You can use tunneling from other providers.

There are providers of DDOS protection and CAPTCHA other than Cloudflare.

Sure, Cloudflare is probably closest to asingle, integrated solution for the full web delivery stack. It's also not prohibitively expensive, depending on who needs what.

So the true explanation, as always, is lazyness.

[–] lena@gregtech.eu 4 points 1 day ago (1 children)

I'm lazy and use cloudflare, so that checks out. Due to recent events I'll switch to another CDN, the centralization of the internet is very concerning.

[–] dan@upvote.au 2 points 21 hours ago* (last edited 21 hours ago) (1 children)

I'm a fan of BunnyCDN - somehow they're one of the fastest while also being one of the cheapest, and they're based in Europe (Slovenia).

KeyCDN is good too, and they're also Europe-based (Switzerland), but they have a higher minimum monthly spend of $4 instead of $1 at Bunny.

Fastly have a free tier with 100GB per month, but bandwidth pricing is noticeably higher than Bunny and KeyCDN once you exceed that.

https://www.cdnperf.com/ is useful for comparing performance. They don't list every CDN though.

Some CDN providers are focused only on large enterprise customers, and it shows in their pricing.

[–] lena@gregtech.eu 1 points 21 hours ago

Wow, bunny is second in query speed, just below cloudflare. Impressive!

[–] dan@upvote.au 10 points 1 day ago* (last edited 20 hours ago)

there really isn't much in the way of an alternative

Bunny.net covers some of the use cases, like DNS and CDN. I think they just rolled out a WAF too.

There's also the "traditional" providers like AWS, Akamai, etc. and CDN providers like KeyCDN and CDN77.

I guess one of the appeals of Cloudflare is that it's one provider for everything, rather than having to use a few different providers?