You are not logged in.
Same here, I didn't had any problems while uploading my packages to AUR today here in Istanbul. Great work everyone!
Cheers!
Offline
Update - for what it is worth, on 8/17 as of 2200 zulu I get about 50% of the pages I request from AUR over IPv4. The pages I do get take approximately 60 seconds to load. The pages I don't get just timeout at whatever the timeout is set to (somewhere around 60-90 seconds).
Have any of the Arch admins considered contacting the appropriate authorities in the region where Arch is based for help (or at least for reporting purposes). That would be a CISA like entity in the US (in what was the US, pre-2025). That will at least put this incident on their RADAR, and depending on who all, including Arch, is being hit by the current attack may help focus resources on the problem.
The issue isn't just the miscreants launching the attack, it's the ISPs and cloud providers failing to have systems in place to identify and prevent their hardware from being used for illegal purposes. All reporting helps focus attention on that aspect of the problem as well.
Let's hope this fun ends soon.
David C. Rankin, J.D.,P.E.
Offline
Aren't there services that help with that? Cloudflare?
*puts tinfoil hat on*
Maybe they're getting attacked so they start using Cloudflare...
Last edited by tikidrone (2025-08-18 07:03:51)
Offline
It is possible that recent malicious activity is related to a vulnerability in HTTP/2 that makes it easier to carry out DoS attacks.
Offline
I noticed that arch repo list and aur repo list is fast when it's night time here in the Philippines. but when i try to use it on daytime. It doesn't even load most of the time - both of them.
Offline
The forum not being available earlier today is an unrelated incident. Just a normal malfunction in the datacenter.
For people not subscribed to ML, passing the message:
Hello everyone,
I just wanted to let you know that the Arch Linux forums which are
usually found under https://bbs.archlinux.org are currently not
reachable due to a fault of the underlying cloud node.This outage is unrelated to the issue with the DDoS attacks that were
happening in the last few days.We'll monitor this issue and hope it is resolved soon!
Cheers,
Chris
for the Arch Linux DevOps team
Paperclips in avatars?
NIST on password policies (PDF) — see §3.1.1.2
Sometimes I seem a bit harsh — don’t get offended too easily!
Offline
Yes right now we are suffering from attacks again, the outage for BBS has been resolved this morning by our hoster.
Offline
AUR offline for me too.
Offline
I'm getting failures on AUR perhaps 3 out of 4 tries. Also started getting failures on official repos, similarly, not consistent. It works sometimes, not others.
Ryzen 5900X 12 core/24 thread - RTX 3090 FE 24 Gb, Asus B550-F Gaming MB, 128Gb Corsair DDR4, Cooler Master N300 chassis, 5 HD (2 NvME PCI, 4SSD) + 1 x optical.
Linux user #545703
/ is the root of all problems.
Offline
This is not an official statement.
Apparently about 2–3 hours ago, after 9 UTC, some processes on the server started to consume too much CPU time. In effect connections were normally accepted, but aurweb was unable to communicate, and connections were simply closed without sending anything. From what I know that situation got fixed about a hour later.
But I can see at the moment I write this post (12 UTC) the problem seems to be back. Let’s wait and allow devops to stab and knead the software to make it behave.
Maybe, and again this is only my private opinion, it’s a good idea if the entire world is not trying to catch up with AUR updates on a single Sunday.
Last edited by mpan (2025-08-24 12:14:13)
Paperclips in avatars?
NIST on password policies (PDF) — see §3.1.1.2
Sometimes I seem a bit harsh — don’t get offended too easily!
Offline
https://archlinux.org/news/recent-services-outages/
We maintain a mirror of AUR packages on GitHub. You can retrieve a package using: $ git clone --branch <package_name> --single-branch https://github.com/archlinux/aur.git <package_name>
Offline
It seems a regional issue. As in Latin America this morning I just try to update my packages and I can use the AUR. I had done it like almost two hours ago, and now, in both cases the AUR is working for me.
So just use the github repo I guess, as seth has said.
str( @soyg ) == str( @potplant ) btw!
Online
Is there any way to access AUR during DDoS ? Mirror or something ?
Offline
Is there any way to access AUR during DDoS ? Mirror or something ?
Look up ^^^^
Offline
It seems a regional issue. As in Latin America this morning I just try to update my packages and I can use the AUR. I had done it like almost two hours ago, and now, in both cases the AUR is working for me.
There were two series of connectivity problems with AUR: 9–11 UTC (6–8 Brasilia), and then another one that should had gone before 14 UTC (11 Brasilia). Since they were CPU load-related, a portion of connections were passing through.
Is there any way to access AUR during DDoS ? Mirror or something ?
Ugjka linked to the official release. But note that, since today’s event was not caused by DDoS, the remarks about “TCP SYN authentication” and the earlier mentions of IPv6 access are not relevant.
Paperclips in avatars?
NIST on password policies (PDF) — see §3.1.1.2
Sometimes I seem a bit harsh — don’t get offended too easily!
Offline
There were two series of connectivity problems with AUR: 9–11 UTC (6–8 Brasilia), and then another one that should had gone before 14 UTC (11 Brasilia). Since they were CPU load-related, a portion of connections were passing through.
So maybe I was that little lucky or pacific sea fiber optic cable made my day, saying hello to Australia or the US
Last edited by Succulent of your garden (2025-08-24 16:33:54)
str( @soyg ) == str( @potplant ) btw!
Online
AUR working now.
Offline
I just wanted to say thank you to the admins working the issue over these days. It's appreciated!
Offline
Anyone know the source country of these ddos attacks?
Offline
Anyone know the source country of these ddos attacks?
No, but per announcement:
We are keeping technical details about the attack, its origin and our mitigation tactics internal while the attack is still ongoing.
Paperclips in avatars?
NIST on password policies (PDF) — see §3.1.1.2
Sometimes I seem a bit harsh — don’t get offended too easily!
Offline
Hey guys, the AUR server seems to be dropping all TCP connections to port 22. Therefore, I cannot upload or update packages. So, instead of a pushing-to-remote-server scheme, by any chance, we could have an automatic pull request solution, where we could submit git patches via email or a web interface? It's something like the kernel mailing list, but easy to automate, given that the AUR package updates are structured and machine-friendly.
Offline
@TJM, the AUR is currently working fine, maybe you just got banned either due to the amount of unsuccessful ssh authentications or because you exceeded the nginx rate limit. Feel free to send your ipv4 and ipv6 address to accountsupport@archlinux.org and we can look into unbanning you
Offline
Really, again? (Or still)
Who even has anything to win from DDoSing AUR? Like what are they even trying to do?
I see they invested quite some time in it in the past 2 months or so: https://status.archlinux.org/788139639/calendar
Last edited by mvtab (2025-10-05 06:56:50)
Haec inconstantia, mutabilitasque mentis, quem non ipsa grauitate deterreat?
Offline
I can confirm that here I don't have AUR access, again.
str( @soyg ) == str( @potplant ) btw!
Online
I picked a good time to wipe my box and re-install .. AUR has been iffy last few days and unreachable all day today for me , luckily I tarballed my home dir before the wipe so I have copied my yay cache over to reinstall most things :-/
Offline