Bubble DDoS Attack

In light of the recent DDoS attack on Bubble, which resulted in downtime for all our apps, I would like to express my concerns as someone who relies heavily on Bubble for my business operations.

It is crucial for us to understand the measures being taken to prevent such incidents in the future and to ensure the platform’s stability and security. Can we discuss what steps are being implemented to mitigate the risk of future attacks and safeguard our businesses?

1 Like

I second this

1 Like

Don’t worry… Josh will almost certainly respond when all is said and done. I’d be shocked if he doesn’t.

2 Likes

Why was this post censored from the public?

It’s not censored, but there is already a main thread going (as I’m sure you know), and Josh will likely respond there. There is no need for a new thread.

1 Like

It’s definitely censored and not viewable on the forum page

Yes, it’s unlisted, as were a good number of other threads so that folks would use the main thread and everything would be in one place.

It’s simply to keep the forum more organized, that’s what moderators are for :blush:

2 Likes

This post title seems a bit more proper and easy to identify for the new visitors… than the repeating group not working but yes, I understand.

The fact that they have the ability to censor forum posts related to the DDoS Attack is quite alarming.

Fair point about the post title… maybe we can change the other one.

I wonder if Josh will actually spin up a new topic for his response on this one, given the severity of the outage.

1 Like

The original thread is pinned globally…

1 Like

This is what I am saying. That’s a bad censorship. They are using the post with vague title and not Bubble DDoS Attack because it’s damaging. The fact that they control the narrative is something we should be conscious about.

Jeez… your thread is literally linked to the original thread.

They can just change the title of the original thread if its a big deal :man_shrugging:

1 Like

How effective is the title “Bubble DDoS Attack” vs. Repeating group not working?

1 Like

I pinned the other one for everyone.

Changing the name of the ‘one’ thread is a good idea and will do that.

Having multiple threads at once when bubble staff are posting updates into a single thread is not helpful during the short period when everything is going bad.

It isn’t censorship - it is trying to get as much info in the same place. Post the same topic tomorrow (hoping it doesn’t happen again) and it would not be removed.

3 Likes

Bubble uses Cloudflare to mitigate DDoS attacks. Probably they received lots of such attacks, but they do nothing since they are stopped by Cloudflare at their edge.

Then, why this attack affected and was not stopped by cloudflare? I’m just a web developer, and definitely I’m not an expert, but from what I know and learned into internet and Cloudflare blogs, this could be due to some causes, most common ones are:

  • An IP leak could have made attackers skip Cloudflare and attack directly into bubble servers

  • The attack was very sophisticated and Cloudflare couldn’t detect and mitigate it automatically. (Case of this YouTuber: https://youtu.be/_IPeU2upbaw)

What could have done the bubble team to mitigate it and prevent further attacks?

If it’s an IP leak, it’s really difficult to stop, but a possible mitigation that they could have done is to block all non-cloudflare IP’S (propably that’s what they did)(it takes some time to implement)

If it’s a very sophisticated attack, enable Cloudflare under attack mode manually and bot management, allowing only access to users with a high reputation level.

The worst scenario is that nothing works, and Cloudflare doesn’t detects anything. That could require direct Cloudflare intervention, so bubble has nothing to do here.

Personal opinion, if you are a bubble user, there’s nothing to worry about, since after that, it’s very probably that they could add better measures against such attacks and others will get blocked easier, resulting in the worst case in just some minutes.

If you think this is a reason for not trusting bubble, It’s a reason for not trusting every platform in the internet, since every platform is exposed to those and other kinds of attacks

What would be great is a clarification from the bubble team on what’s happened.
Also preventing status monitoring from spamming our email with thousands of repeatedly emails

FYI…

3 Likes

And please, prevent status monitor spamming our emails :sweat_smile:

2 Likes