Google's domain blocked web service 'switch to Cloudflare' grudge

by GuillermoJM

For a web service, the 'domain' is a very important entity at the entrance of the service. The online document creation service ' GitBook ', which used ' Google Domains ' to register such a domain, has blocked the domain from Google and is temporarily unable to provide the service.

06/2020: GitBook domains blocked by registrar-GitBook's Blog
https://blog.gitbook.com/tech/post-mortems/06-20-gitbook-domains-blocked-by-registrar

At 6:40 AM, June 4, Coordinated Universal Time , the GitBook team noticed an alert that certain services were inaccessible. Eight minutes later, at 6:48 am, it seems that Google received an email saying 'We have temporarily stopped all domains of GitBook because phishing was detected'.

Since GitBook is a service that allows users to create documents on the web, the contents can be freely manipulated by users. Since some malicious users may create content for spamming and phishing purposes, GitBook aimed to eliminate inappropriate content by confirming the user's identity. GitBook acknowledged that the content for phishing purposes increased on GitBook from May to June, and the suspension of the related account was also completed, but GitBook said that the domain was suspended by Google. Is talking.

After receiving an email from Google, the GitBook team contacted Google's support to see what content was the problem and what could be done to resolve the problem. Google's response to that was a notification of the specific domain that the phishing was reported on and a request for an external content scan and a vulnerability report, a solution that could not be addressed immediately.

Many users used GitBook with a custom domain, so the GitBook team addressed the issue by providing a temporary domain and having the user change the CNAME setting. However, the original domain remains blocked.

Around 11:00, the team managed to get in touch with a Google representative using live chat. A Google representative replied, 'We have outsourced the issue to our compliance team and will receive an email within 24 to 48 hours.' In response, GitBook said, 'The email domain is blocked... …” commented.

Finally, at 15:05, we received an email from Google indicating that the block was removed, and the service was restored at the end of about 8 hours of downtime.

This time it was a failure due to the freezing of the domain, so it did not affect the user information etc. Regarding future measures, GitBook will strengthen the crackdown on malicious content and will move domain management from Google Domains to Cloudflare Registrar . The reason is that it suddenly freezes the domain without notification, does not report even though it should have known malicious content in advance, and immediately detects even one malicious content, it immediately blocks the entire domain. It is said that.

The actual interaction between Google personnel and the GitBook team is also introduced. In response to the GitBook question, 'If'brix.github.io/spam' is spammed, will you shut down the entire GitHub domain?'

GitBook has a serverless and failover capable configuration with multiple nodes, and was focusing on availability, but the domain is an unavoidable single point of failure. GitBook says that the inability to do anything while knowing that it is annoying the users is unbearable, and commented that the users are grateful to them for putting up with and understanding this obstacle.