Following extended monitoring without further disruptions, we are resolving this issue.
May 14, 21:33 CDT
While DOS attacks are outside of our ability to control, having DNS zones managed by our Liquid Web team did allow us to update the IP addresses for those zones and avoid extended impact to those websites. If your DNS is hosted elsewhere, please consider hosting DNS with us in the future which will allow us to mitigate impact to your websites should a similar situation arise.
Although we have experienced no further network disruptions, we still advise updating the DNS for websites to the IP listed in ticket communications or to 18.104.22.168.
We will continue to monitor the network closely and will post any new details as they are made available.
May 14, 01:05 CDT
As of 5PM CDT, all network traffic has returned to normal. Our networking and operations teams will continue to monitor performance closely and we will provide updates as new information becomes available.
May 13, 18:10 CDT
Unfortunately, this large scale DDos attack is still targeting the impacted IP. We highly recommend you redirect any impacted websites to the below suggested IPs. Our networking team is monitoring the traffic but the scale of the attack is preventing the return of functionality of the original IP at this time. If you would like to update your Domain Registrar to point to our internal Liquid Web name servers, our support team can help you create DNS records that will allow your website traffic to be visible on a different IP.
May 13, 06:24 CDT
Due to the external DDos impacting customer traffic into our Cloud Sites platform in PHX, specifically php7-32.wc2.phx1 at 22.214.171.124, we are moving impacted customers to additional IPs. However, we can only migrate customers using our Liquid Web nameservers. Customers with external DNS service, should consider migrating their IPs to the afore mentioned IPs until the DDos is further mitigated.
May 12, 23:47 CDT
We are continuing to work to mitigate the DDOS. If you have not already updated impacted Sites to the aforementioned IP, please use 126.96.36.199 instead.
May 12, 22:26 CDT
At this time we are experiencing a large inbound DDOS targeting php7-32.wc2.phx1 at 188.8.131.52. Client’s pointing to the primary IP are asked to temporarily update to 184.108.40.206 to avoid disruption at this time.
We will continue to monitor network traffic and performance and will provide an update as additional information becomes available.
If you have any questions, please do not hesitate to contact a member of our support team via live-chat or by toll-free phone at 1.855.348.9060 or international at +1.517.322.0434.
May 12, 21:52 CDT