In the past week our service has experienced a couple of downtimes. This morning we finally got everything fixed. In the interest of full disclosure, I’m giving you an overview of the incident.
On Friday, March 11, we had a hardware failure in our Texas data center. This would be business as usual, if it weren’t for the fact that, at that moment, we were under a DDoS attack. These two combined led to downtime on our website and the Classic dashboard. It lasted for a few minutes until our failover got the service back online.
Our initial plan was to fix the hardware failure and put ManageWP into maintenance so we could get the primary servers back online over the weekend. Unfortunately, the DDoS attacks did not relent, so we focused our effort on staying ahead of the hackers. They kept changing their attack methods, which caused periodic slowdowns and a couple of 1-2 minute downtimes over the next few days, so we decided to move the maintenance ahead of schedule.
The maintenance is over, our servers are up and running at full capacity, and we expect everything to be back to normal.
Was my account in danger?
No. A DDoS attack cannot put your account in danger or steal any information. Its sole purpose is to prevent ManageWP from functioning properly by overloading the server with millions of requests. This particular DDoS was sophisticated, specifically targeting ManageWP, so we suspect that the attacker (or attackers) behind it would profit from ManageWP users quitting our service. We’ve turned our logs over to the FBI and let them handle the rest.
Is ManageWP in danger of going down again?
No. We employ a team of seasoned security and DevOps experts that are used to tackle much more serious attacks, so there was no real threat here. It’s only because of the hardware failure that the attackers managed to cause this little disruption.
It’s worth noting that during all of this the Orion dashboard was up, and a lot of users kept managing their websites. Unlike the ManageWP website and the Classic dashboard, Orion is on AWS cloud infrastructure, which cares less for DDoS attempts than Marlon Brando did for line rehearsals.
We also store a backup of our data on a remote destination (practice what you preach, eh? :D), which allows us to quickly bring ManageWP back online on another infrastructure.
I apologize for not letting you know about all of this right away. We wanted to gather as much intel as possible before we turn this over to the authorities, so we didn’t want to tip off the attackers. If there’s one thing you can count on, it’s that we’ve got your back.