Cloudflare suffered a global outage that blocked services such as Canva and ChatGPT. Atentus detected the problem early and alerted its customers, mitigating the impact on their platforms.
“Hundreds of complaints and users unable to access different websites caused the downfall of Cloudflare, which is behind the interruption of services such as Canva, LOL, X and ChatGPT.
Cloudflare, one of the main providers of infrastructure and internet security, is experiencing an incident on its global network that is impacting hundreds of users around the world. Atentus detected these flaws early in the morning in the continuous monitoring of its customers' platforms that use the provider in question. This allowed him to inform his customers before they received complaints from his users and to mitigate the damage done by this external incident to his services.
Atentus monitoring solutions allow us to have real-time visibility into the operation of services, to quickly detect external or internal incidents and to make proactive decisions to minimize impact. Not only does this protect the user experience, but it also helps organizations to act quickly and maintain the trust of their customers.
Atentus recorded 500 errors during the day (internal server failure) and was repeatedly met with the message “Please unblock challenges.cloudflare.com to continue”. An error that has affected global giants such as chatgpt”.
Technical Analysis by Atentus: The Role of the Challenges.cloudflare.com Domain
At Atentus, we have identified and analyzed the root cause of the recent outages. The problem is intrinsically linked to the security mechanism that operates under the domain challenges.cloudflare.com.
This domain functions as Cloudflare's primary traffic filter, acting as a security barrier designed to distinguish legitimate human traffic from malicious bots.
Barrier Mission: When Cloudflare systems detect behavior that they consider suspicious or automated, a security test hosted on challenges.cloudflare.com is activated. The objective is simple: if the user is a bot, the barrier is raised and access to the site is blocked.
The “Total Shield” Effect: The problem we have observed is that, during internal incidents of Cloudflare itself, this security mechanism is activated massively and indiscriminately. The “shield” goes up completely, and a large number of users and legitimate traffic are wrongly classified as “false positives” with a malicious attitude.
In essence, the system designed to protect becomes an obstacle during a failure, leaving thousands of users off the site when they are rejected by their own validation test.
%20vs%20Monitoreo%20Sint%C3%A9tico.avif)
