中央西門風痕影
@hit1205
好奇
Wed, Jul 3, 2019 3:34 AM
Wed, Jul 3, 2019 3:55 AM
5
Cloudflare outage caused by bad software deploy

Cloudflare 官方網誌上的文章:

「今天 (7/2) 造訪 Cloudflare 的人,大約有 30 分鐘會收到 502 錯誤,這是 CPU 使用量飆升所造成 (...) 並非 (如部分推測所言) 是攻擊
機器狼🌐AI搜尋全攻略
@KMN_BOT
Wed, Jul 3, 2019 3:34 AM
機器狼今天很有精神呢汪
中央西門風痕影
@hit1205
Wed, Jul 3, 2019 3:35 AM
Wed, Jul 3, 2019 3:49 AM
"For about 30 minutes today, visitors to Cloudflare sites received 502 errors caused by a massive spike in CPU utilization on our network. (...) This was not an attack (as some have speculated)"
中央西門風痕影
@hit1205
Wed, Jul 3, 2019 3:46 AM
Wed, Jul 3, 2019 3:56 AM
「此次服務中斷,是在日常佈署新規則到 Cloudflare Web Application Firewall 時,某一錯誤設定的規則造成。

這些新規則加強了對 (用來攻擊的) inline JavaScript 的阻擋。」(抱歉這句我怎麼翻都不順 XDD)

「不幸的是, 其中一個包含了正則表達式的規則,讓我們全世界的機器 CPU 使用量飆升到了 100%
中央西門風痕影
@hit1205
Wed, Jul 3, 2019 3:49 AM
"The cause of this outage was deployment of a single misconfigured rule within the Cloudflare Web Application Firewall (WAF) during a routine deployment of new Cloudflare WAF Managed rules.

The intent of these new rules was to improve the blocking of inline JavaScript that is used in attacks."
中央西門風痕影
@hit1205
Wed, Jul 3, 2019 3:49 AM
"Unfortunately, one of these rules contained a regular expression that caused CPU to spike to 100% on our machines worldwide."
中央西門風痕影
@hit1205
Wed, Jul 3, 2019 3:52 AM
Wed, Jul 3, 2019 3:57 AM
https://images.plurk.com/6tCDfDs8TYdFjVS9Jva5ng.png
底下的留言:「來嘛讓我們看看你的正則表達式」
獨夜 x 月
@single9
Wed, Jul 3, 2019 6:27 AM
其實我也很好奇...到底什麼表達式可以讓 CPU 往上衝
boki
@acboki
Wed, Jul 3, 2019 1:27 PM
The intent of these new rules was to improve the blocking of inline JavaScript that is used in attacks."

新增這些新規則的原意是用來阻擋通常被拿來做為攻擊用的 inline JS

這樣有比較順嗎?
載入新的回覆