Free SSL certificate 'Let's Encrypt' suffers a DDoS attack and performance drops temporarily
Let's Encrypt, a free and open certificate authority, was hit by a DDoS attack , resulting in poor service performance for about four and a half hours.
Title: Let's Encrypt's performance is currently degraded due to a DDoS attack
— Hncynic bot (@hncynic) March 7, 2021
????: I know it is a big thing to complain about but why does the whole DNS lookup system require an invalid certificate? Because it seems too easy to get a certificate from a DNS provider that has…
Let's Encrypt's performance is currently degraded due to a DDoS attack | Hacker News
https://news.ycombinator.com/item?id=26374430
At 7:38 local time on March 7, 2021, 14 domains such as Let's Encrypt's 'acme-staging-v02.api.letsencrypt.org' were found to be under DDoS attack. Let's Encrypt took countermeasures immediately after the attack was discovered, and announced at 12:14 on the same day that 'We have succeeded in mitigating the DDoS attack. Currently, our service is operating normally.'
Let's Encrypt Status
https://letsencrypt.status.io/pages/incident/55957a99e800baa4470002da/6044830be2838505358d3108
'HTTPS ' is a communication protocol that makes Internet communication more secure by encrypting communication with innumerable websites on the Internet. For HTTPS communication, the web browser that displays the website must send an 'SSL certificate ' from the web server to confirm which certificate authority (CA) the site is authorized by. .. Let's Encrypt is one of the certificate authorities that issues SSL certificates for free.
In just three years from the official launch of Let's Encrypt in 2016, the percentage of websites that support HTTPS has skyrocketed from 40% to 80%, making Let's Encrypt a major contributor to the spread of highly secure HTTPS. It is believed to have been fulfilled. As of February 2020, the total number of SSL certificates issued by Let's Encrypt has exceeded 1 billion, which is the backbone of HTTPS.
Announced that the number of SSL certificates issued by Let's Encrypt has exceeded 1 billion, HTTPS usage has increased rapidly in the past 3 years-GIGAZINE
The attacker and reason for this DDoS attack are unknown, and the Hacker News forum said, 'I thought Let's Encrypt was'natural', but I realized it was just a service. 'The fact that DDoS attacks are fairly easy to carry out creates this kind of problem.'
Related Posts:
in Web Service, Posted by darkhorse_log